About the opportunity Gain a government funded certified qualification, and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Course Details Start Date: 27/04 Duration: 14 weeks Format: Online, practical workshops Schedule: 6-9PM What you'll learn Cyber Principles: Understand core frameworks and security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills: Build the behaviours required for the modern cyber security workplace. Career Pathway Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer. Starting Salaries: Typically £22,000 - £35,000 (role dependent). Eligibility This is a government-funded opportunity. To apply, you must: Live in the West Midlands Be aged 19 or over. Earn below the gross annual wage cap of £34,194. Not currently be undertaking other government-funded training. Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible). Cost This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
23/04/2026
Full time
About the opportunity Gain a government funded certified qualification, and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Course Details Start Date: 27/04 Duration: 14 weeks Format: Online, practical workshops Schedule: 6-9PM What you'll learn Cyber Principles: Understand core frameworks and security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills: Build the behaviours required for the modern cyber security workplace. Career Pathway Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer. Starting Salaries: Typically £22,000 - £35,000 (role dependent). Eligibility This is a government-funded opportunity. To apply, you must: Live in the West Midlands Be aged 19 or over. Earn below the gross annual wage cap of £34,194. Not currently be undertaking other government-funded training. Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible). Cost This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
We believe in better. And we make it happen. Better content. Better products. And better careers. Working in Tech, Product or Data at Sky is about building the next and the new. From broadband to broadcast, streaming to mobile, SkyQ to Sky Glass, we never stand still. We optimise and innovate. We turn big ideas into the products, content and services millions of people love. And we do it all right here at Sky. For this role we offer the hybrid working approach with 2 days a week onsite in Osterley campus. What you'll do You will be able to perform an end-to-end threat model, using the STRIDE methodology, independently of any help. This means to organise, perform, document, and follow up on the threat models taking place. Perform threat modelling for AI-enabled systems, including LLM-based and agentic architectures, identifying risks introduced by autonomy, tool use, memory, and orchestration layers. Work with engineering and product teams to define secure design patterns, guardrails, and mitigations for AI agents (e.g. least-privilege tool access, human-in-the-loop controls. Proficient in managing your workload independently and familiarise yourself with industry business practices and procedures while taking ownership of your development pathway alongside your line manager and colleagues. You will evangelise about the benefits Cyber can offer the business and are confident running workshops and initiatives to spread the word. You will coach and assist junior members of the team to improve their skills, knowledge or behaviours. Support external departments by working on bespoke integrations and sharing of information. Engage with cyber stakeholders, the wider business, and external entities to facilitate and support the delivery of cyber services and initiatives. Always look to improve you understand and knowledge of the following. Regulatory requirements on our business. TSA, PCI, SWIFT, GDPR (not an exhaustive list) Architectural domains. DLP, CLOUD, IDAM, LOGGING & MONITERING (not an exhaustive list) Departments and their verticals. CONTENT, CUSTOMER, ISP, PRODUCT, DIGITAL, DATA (not an exhaustive list) What you'll bring Experience providing end-to-end threat models, using the STRIDE methodology in an Enterprise level business. Strong understanding of AI-specific threat classes, such as prompt injection, model abuse, data leakage, insecure plugin/tool execution, and emergent agent behaviour. Live the Sky Values and demonstrate enthusiasm and a can-do attitude. Demonstrate a passion for cyber security and have a positive outlook and approach to the work we do. Experience in working within a typical Cyber/Infosec field, dealing with subjects ranging from technologies, compliance, or regulatory frameworks that have an impact on the Cyber function or offerings. Strong skills in analytical, decision making, verbal and written communication capabilities. Excellent teamwork skills to collaborate, share and support colleagues. A desire to learn, and share your knowledge within the team. Team overview Cyber Security Our products, platforms and technologies are constantly evolving that's why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our global team works across the UK, US & India. As the business adopts AI and autonomous technologies, the team plays a key role in ensuring these systems are designed and operated securely and responsibly. Join us and you'll get involved in tackling challenges and future threats in an ever-changing cyber landscape. The rewards There's one thing people can't stop talking about when it comes to : the perks . Here's a taster: Sky Q, for the TV you love all in one place The magic of Sky Glass at an exclusive rate A generous pension package Private healthcare Discounted mobile and broadband A wide range of Sky VIP rewards and experiences Inclusion & how you'll work We are a Disability Confident Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all, and will make reasonable adjustments to support you where appropriate . Please flag any adjustments you need to your recruiter as early as you can. We've embraced hybrid working and split our time between unique office spaces and the convenience of working from home. You'll find out more about what hybrid working looks like for your role later on in the recruitment process. Your office space : Osterley: Our Osterley Campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Gunnersbury, Ealing Broadway and South Ealing tube stations. There's also plenty of bike shelters and showers. On campus, you'll find 13 subsidised restaurants, cafes, and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed and even get pampered at our beauty salon. Leeds: Our spacious tech hub is under a mile away from Leeds train station. There's plenty of parking in the surrounding streets and at the nearby CitiPark . You can also blow off steam over a game of pool or table tennis, and stay fit at our subsidised gym. Livingston Watermark House: Our lively campus is a free shuttle bus away from Livingston North train station and the town centre. Plus there's onsite parking available for cars, motorbikes and bicycles. We'd love to hear from you Inventive, forward-thinking minds come together to work in Tech, Product and Data at Sky. It's a place where you can explore what if, how far, and what next. But better doesn't stop at what we do, it's how we do it, too. We embrace each other's differences. We support our community and contribute to a sustainable future for our business and the planet. If you believe in better, we'll back you all the way. Just so you know: if your application is successful, we'll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer.
21/04/2026
Full time
We believe in better. And we make it happen. Better content. Better products. And better careers. Working in Tech, Product or Data at Sky is about building the next and the new. From broadband to broadcast, streaming to mobile, SkyQ to Sky Glass, we never stand still. We optimise and innovate. We turn big ideas into the products, content and services millions of people love. And we do it all right here at Sky. For this role we offer the hybrid working approach with 2 days a week onsite in Osterley campus. What you'll do You will be able to perform an end-to-end threat model, using the STRIDE methodology, independently of any help. This means to organise, perform, document, and follow up on the threat models taking place. Perform threat modelling for AI-enabled systems, including LLM-based and agentic architectures, identifying risks introduced by autonomy, tool use, memory, and orchestration layers. Work with engineering and product teams to define secure design patterns, guardrails, and mitigations for AI agents (e.g. least-privilege tool access, human-in-the-loop controls. Proficient in managing your workload independently and familiarise yourself with industry business practices and procedures while taking ownership of your development pathway alongside your line manager and colleagues. You will evangelise about the benefits Cyber can offer the business and are confident running workshops and initiatives to spread the word. You will coach and assist junior members of the team to improve their skills, knowledge or behaviours. Support external departments by working on bespoke integrations and sharing of information. Engage with cyber stakeholders, the wider business, and external entities to facilitate and support the delivery of cyber services and initiatives. Always look to improve you understand and knowledge of the following. Regulatory requirements on our business. TSA, PCI, SWIFT, GDPR (not an exhaustive list) Architectural domains. DLP, CLOUD, IDAM, LOGGING & MONITERING (not an exhaustive list) Departments and their verticals. CONTENT, CUSTOMER, ISP, PRODUCT, DIGITAL, DATA (not an exhaustive list) What you'll bring Experience providing end-to-end threat models, using the STRIDE methodology in an Enterprise level business. Strong understanding of AI-specific threat classes, such as prompt injection, model abuse, data leakage, insecure plugin/tool execution, and emergent agent behaviour. Live the Sky Values and demonstrate enthusiasm and a can-do attitude. Demonstrate a passion for cyber security and have a positive outlook and approach to the work we do. Experience in working within a typical Cyber/Infosec field, dealing with subjects ranging from technologies, compliance, or regulatory frameworks that have an impact on the Cyber function or offerings. Strong skills in analytical, decision making, verbal and written communication capabilities. Excellent teamwork skills to collaborate, share and support colleagues. A desire to learn, and share your knowledge within the team. Team overview Cyber Security Our products, platforms and technologies are constantly evolving that's why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our global team works across the UK, US & India. As the business adopts AI and autonomous technologies, the team plays a key role in ensuring these systems are designed and operated securely and responsibly. Join us and you'll get involved in tackling challenges and future threats in an ever-changing cyber landscape. The rewards There's one thing people can't stop talking about when it comes to : the perks . Here's a taster: Sky Q, for the TV you love all in one place The magic of Sky Glass at an exclusive rate A generous pension package Private healthcare Discounted mobile and broadband A wide range of Sky VIP rewards and experiences Inclusion & how you'll work We are a Disability Confident Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all, and will make reasonable adjustments to support you where appropriate . Please flag any adjustments you need to your recruiter as early as you can. We've embraced hybrid working and split our time between unique office spaces and the convenience of working from home. You'll find out more about what hybrid working looks like for your role later on in the recruitment process. Your office space : Osterley: Our Osterley Campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Gunnersbury, Ealing Broadway and South Ealing tube stations. There's also plenty of bike shelters and showers. On campus, you'll find 13 subsidised restaurants, cafes, and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed and even get pampered at our beauty salon. Leeds: Our spacious tech hub is under a mile away from Leeds train station. There's plenty of parking in the surrounding streets and at the nearby CitiPark . You can also blow off steam over a game of pool or table tennis, and stay fit at our subsidised gym. Livingston Watermark House: Our lively campus is a free shuttle bus away from Livingston North train station and the town centre. Plus there's onsite parking available for cars, motorbikes and bicycles. We'd love to hear from you Inventive, forward-thinking minds come together to work in Tech, Product and Data at Sky. It's a place where you can explore what if, how far, and what next. But better doesn't stop at what we do, it's how we do it, too. We embrace each other's differences. We support our community and contribute to a sustainable future for our business and the planet. If you believe in better, we'll back you all the way. Just so you know: if your application is successful, we'll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer.
Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y 80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable) Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: Experience working on multiple projects with broad scope, ambiguity, and a high degree of difficulty Demonstrable proficiency across a wide range of IT and cybersecurity technologies Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management High-level analytical ability to solve unusual and complex problems Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal. Eligibility to work in the UK. Desirable: Experience in technology projects such as cyber infrastructure implementation or replacement initiatives Understanding of global program structures, launch plans, timing, and ownership Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
21/04/2026
Full time
Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y 80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable) Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: Experience working on multiple projects with broad scope, ambiguity, and a high degree of difficulty Demonstrable proficiency across a wide range of IT and cybersecurity technologies Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management High-level analytical ability to solve unusual and complex problems Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal. Eligibility to work in the UK. Desirable: Experience in technology projects such as cyber infrastructure implementation or replacement initiatives Understanding of global program structures, launch plans, timing, and ownership Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
20/04/2026
Full time
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
20/04/2026
Full time
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
19/04/2026
Full time
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
19/04/2026
Full time
Join our Asset Intelligence team The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement. Success. The Softcat Way. Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career. You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts. As Senior FinOps Analyst, you'll be responsible for: Forming trusted advisor relationships with enterprise scale clients. Acting as a SME for FinOps within Softcat. Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization. Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data. Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side. Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow). Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development Developing and driving the service forward, proactively identifying efficiency opportunities within the team. Running 1 to 1s with members of the team. Mentoring junior staff. We'd love you to have Extensive FinOps knowledge FinOps Practitioner Certification is required (FinOps Certified Engineer desired) Knowledge of AWS, Azure, and GCP. Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired) Extensive experience around multi cloud cost optimisation. Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools). Ability to build relationships with multiple stakeholders within an enterprise customer. Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way. Ownership of your learning and development. We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you! Work in a way that works for you We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Hybrid working Working flexible hours - flexing the times you start and finish during the day Flexibility around school pick up and drop offs Working with us Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background. Join us To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence. You can find out more about life at Softcat and our commitments to diversity and inclusion at Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
Security Analyst SOC, Tier 2 SOC Analyst to join an award winning managed service provider 24x7 security team. As a Tier 2 Analyst, you will lead the investigation, containment, and coordination of security incidents, working closely with Tier 1 analysts, internal IT teams, and external stakeholders. Taking ownership of complex alerts, support threat hunting and intelligence efforts, and contribute to the refinement of detection rules, playbooks, and response procedures. You will be involved in • Incident Detection & Response • Threat Intelligence and Analysis • Security Monitoring and Detection Engineering • Compliance, Reporting and Documentation • Vulnerability Management • Collaboration and knowledge sharing This would suit an experienced security analyst who has proved experience working in a busy security department, working in security operations. Strong alert triage, incident response, security monitoring, and threat analysis. Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools. Ideally have a strong bachelor s degree in computer science, Information Security, Cyber Security or related field with any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), CISSP, BTL1, BTL2 or others are highly desirable but not essential. Office based in Stoke on Trent, shifts, rota basis of 4 days on working - early's, late's and nights. This is an excellent opportunity for an experienced security analyst ready to take the next step with a chance to mentor junior analysts, deepen your technical expertise, and help shape our evolving security posture in a collaborative, hands-on environment.
17/04/2026
Full time
Security Analyst SOC, Tier 2 SOC Analyst to join an award winning managed service provider 24x7 security team. As a Tier 2 Analyst, you will lead the investigation, containment, and coordination of security incidents, working closely with Tier 1 analysts, internal IT teams, and external stakeholders. Taking ownership of complex alerts, support threat hunting and intelligence efforts, and contribute to the refinement of detection rules, playbooks, and response procedures. You will be involved in • Incident Detection & Response • Threat Intelligence and Analysis • Security Monitoring and Detection Engineering • Compliance, Reporting and Documentation • Vulnerability Management • Collaboration and knowledge sharing This would suit an experienced security analyst who has proved experience working in a busy security department, working in security operations. Strong alert triage, incident response, security monitoring, and threat analysis. Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools. Ideally have a strong bachelor s degree in computer science, Information Security, Cyber Security or related field with any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), CISSP, BTL1, BTL2 or others are highly desirable but not essential. Office based in Stoke on Trent, shifts, rota basis of 4 days on working - early's, late's and nights. This is an excellent opportunity for an experienced security analyst ready to take the next step with a chance to mentor junior analysts, deepen your technical expertise, and help shape our evolving security posture in a collaborative, hands-on environment.
Cyber Security Operations Analyst (Tier 2) Role: Cyber Security Operations Analyst (Tier 2) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: 350 - 380 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6+ Months Cyber Security Operations Analyst (Tier 2) CPS Group UK are delighted to be working with a leading organisation to appoint a Cyber Security Operations Analyst (Tier 2) to join a newly refurbished CSOC environment and existing team to monitor infrastructure for threats, investigate and respond to security alerts and act as the escalation point for junior analyst queries. The Cyber Security Operations Analyst will respond to verified security incidents and undertake prompt remediation activities to eradicate threats. The Analyst will require existing skills in Microsoft Defender, Azure and Cofense. The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts on a 4 days on / 4 days off shift pattern (including 1 in 4 night shifts). Due to the nature of the engagement, only candidates who have been a UK resident for a minimum of 5 years can be considered Role Requirements Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required o Ensure infrastructure and data security through the use of layered security controls (e.g. EDR, Email Security, User Authentication, Conditional Access) o Oversee security assessments across PAM, endpoint, email and cloud security o Provide direct updates to stakeholders regarding security incidents and initiatives o Undertake on-going analysis of emerging threats using TTP's and existing knowledge o Support the production of alert/incident 'playbooks' Required Skills & Experience 3-4+ years' experience in a Security Operations/SOC-based role Hands-on experience with Defender, Azure and Cofense Strong technical understanding of security alert/incident management and threats Knowledge of security threat techniques (e.g. Account compromise, malicious payloads) Proven experience of robust incident response within defined SLA's Proven experience using SIEM, EDR & Email Security tooling Ability to mentor and upskill junior team members Ability to create (or enhance) cyber security playbooks Knowledge of HMG security standards and processes Familiarity with ITIL Various Cyber Security certifications (e.g. Microsoft AZ-500, SANS GSOC) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group UK on (phone number removed) or email (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
14/04/2026
Contractor
Cyber Security Operations Analyst (Tier 2) Role: Cyber Security Operations Analyst (Tier 2) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: 350 - 380 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6+ Months Cyber Security Operations Analyst (Tier 2) CPS Group UK are delighted to be working with a leading organisation to appoint a Cyber Security Operations Analyst (Tier 2) to join a newly refurbished CSOC environment and existing team to monitor infrastructure for threats, investigate and respond to security alerts and act as the escalation point for junior analyst queries. The Cyber Security Operations Analyst will respond to verified security incidents and undertake prompt remediation activities to eradicate threats. The Analyst will require existing skills in Microsoft Defender, Azure and Cofense. The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts on a 4 days on / 4 days off shift pattern (including 1 in 4 night shifts). Due to the nature of the engagement, only candidates who have been a UK resident for a minimum of 5 years can be considered Role Requirements Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required o Ensure infrastructure and data security through the use of layered security controls (e.g. EDR, Email Security, User Authentication, Conditional Access) o Oversee security assessments across PAM, endpoint, email and cloud security o Provide direct updates to stakeholders regarding security incidents and initiatives o Undertake on-going analysis of emerging threats using TTP's and existing knowledge o Support the production of alert/incident 'playbooks' Required Skills & Experience 3-4+ years' experience in a Security Operations/SOC-based role Hands-on experience with Defender, Azure and Cofense Strong technical understanding of security alert/incident management and threats Knowledge of security threat techniques (e.g. Account compromise, malicious payloads) Proven experience of robust incident response within defined SLA's Proven experience using SIEM, EDR & Email Security tooling Ability to mentor and upskill junior team members Ability to create (or enhance) cyber security playbooks Knowledge of HMG security standards and processes Familiarity with ITIL Various Cyber Security certifications (e.g. Microsoft AZ-500, SANS GSOC) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group UK on (phone number removed) or email (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
About the opportunity Apply, complete the training course, get a certification and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Course Details Start Date: 27.04 Duration: 14 weeks Format: Online, practical workshops Schedule: Mon-Thur 6-9pm What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Eligibility To apply, you must: Live in the West Midlands Be aged 19 or over Earn below the gross annual wage cap of £34,194 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees complete the training, gain essential cyber security skills and career support.
14/04/2026
Full time
About the opportunity Apply, complete the training course, get a certification and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Course Details Start Date: 27.04 Duration: 14 weeks Format: Online, practical workshops Schedule: Mon-Thur 6-9pm What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Eligibility To apply, you must: Live in the West Midlands Be aged 19 or over Earn below the gross annual wage cap of £34,194 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees complete the training, gain essential cyber security skills and career support.
Job Title - Cyber security incident manager SC cleared or eligible for clearance. 3 month rolling ( likely 1 year) Fully remote Key Responsibilities Incident Response & Management Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats). Serve as primary incident commander during high?severity events. Oversee triage, impact assessment, containment strategies, and remediation plans. Ensure timely escalation and communication to leadership and relevant stakeholders. Maintain accurate incident logs, timelines, and evidence for audits or legal processes. Threat Analysis & Investigation Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners. Analyse attack vectors, exploits, and root causes. Guide forensic activity where required, ensuring evidence integrity. Governance, Reporting & Continuous Improvement Produce detailed incident reports, executive summaries, and post?incident reviews. Track incident metrics, trends, and lessons learned to improve security posture. Drive improvements in incident response playbooks, processes, and tooling. Ensure incidents are handled in alignment with frameworks such as NIST Stakeholder & Vendor Coordination Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third?party partners. Support customer?facing communication where relevant (for MSSP or managed services environments). Manage relationships with external responders, MSSPs, and law enforcement as applicable. Operational Readiness Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments. Ensure IR documentation is current, accessible, and aligned with business needs. Provide mentoring and support to junior analysts and incident responders. Essential Skills & Experience Proven experience leading complex cyber security incidents in a mid?to?large enterprise or MSSP environment. Strong understanding of attack methodologies, malware behaviour, and adversary TTPs. Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools. Deep knowledge of IR frameworks: Ability to make clear decisions under pressure and command multi?disciplinary response teams. Excellent communication skills, with the ability to convey technical detail to senior leadership.
07/04/2026
Contractor
Job Title - Cyber security incident manager SC cleared or eligible for clearance. 3 month rolling ( likely 1 year) Fully remote Key Responsibilities Incident Response & Management Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats). Serve as primary incident commander during high?severity events. Oversee triage, impact assessment, containment strategies, and remediation plans. Ensure timely escalation and communication to leadership and relevant stakeholders. Maintain accurate incident logs, timelines, and evidence for audits or legal processes. Threat Analysis & Investigation Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners. Analyse attack vectors, exploits, and root causes. Guide forensic activity where required, ensuring evidence integrity. Governance, Reporting & Continuous Improvement Produce detailed incident reports, executive summaries, and post?incident reviews. Track incident metrics, trends, and lessons learned to improve security posture. Drive improvements in incident response playbooks, processes, and tooling. Ensure incidents are handled in alignment with frameworks such as NIST Stakeholder & Vendor Coordination Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third?party partners. Support customer?facing communication where relevant (for MSSP or managed services environments). Manage relationships with external responders, MSSPs, and law enforcement as applicable. Operational Readiness Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments. Ensure IR documentation is current, accessible, and aligned with business needs. Provide mentoring and support to junior analysts and incident responders. Essential Skills & Experience Proven experience leading complex cyber security incidents in a mid?to?large enterprise or MSSP environment. Strong understanding of attack methodologies, malware behaviour, and adversary TTPs. Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools. Deep knowledge of IR frameworks: Ability to make clear decisions under pressure and command multi?disciplinary response teams. Excellent communication skills, with the ability to convey technical detail to senior leadership.
About the opportunity Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Course Details Start Date: 13/04 Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 9:45AM - 2:45PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £23,400 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees. Complete the training and gain essential cyber security skills.
02/04/2026
Full time
About the opportunity Are you ready to launch a career in cyber security? Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Course Details Start Date: 13/04 Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 9:45AM - 2:45PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £23,400 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees. Complete the training and gain essential cyber security skills.
We are currently recruiting for Senior Cyber Security Analysts and Associate Security Analysts - both working a 3-month contract for our client 3 days per week on-site in London. As a senior security analyst with responsibility for incident response, you will: lead the investigation of security alerts to understand the nature and extent of possible cyber incidents lead the forensic analysis of systems, files, network traffic and cloud environments lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions support the wider coordination of cyber incidents review previous incidents to identify lessons and actions identify and deliver opportunities for continual improvement of the incident response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities develop and update internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, security analysts be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: significant experience investigating and responding to cyber incidents significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents experience managing and coordinating the response to cyber incidents experience coaching and mentoring junior staff an in-depth understanding of the tools, techniques and procedures used by threat actors excellent analytical and problem solving skills excellent verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS As an associate security analyst you will: triage and investigate cyber security alerts and reports from users use a variety of techniques to analyse systems, files, network traffic and cloud environments and understand the nature and extent of possible cyber incidents support the technical response to cyber incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions support the coordination of cyber incidents contribute to post-incident reviews to identify lessons and actions identify opportunities for, and support the delivery of, continual improvements to the incident investigation and response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities contribute to internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, apprentice security analysts be responsible for line management of apprentice security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join We're interested in people who have: experience investigating and responding to cyber incidents experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable) an understanding of the tools, techniques and procedures commonly used by threat actors good analytical and problem-solving skills good verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS If you feel you have the skills and experience needed for this role; please do apply now.
06/10/2025
Contractor
We are currently recruiting for Senior Cyber Security Analysts and Associate Security Analysts - both working a 3-month contract for our client 3 days per week on-site in London. As a senior security analyst with responsibility for incident response, you will: lead the investigation of security alerts to understand the nature and extent of possible cyber incidents lead the forensic analysis of systems, files, network traffic and cloud environments lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions support the wider coordination of cyber incidents review previous incidents to identify lessons and actions identify and deliver opportunities for continual improvement of the incident response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities develop and update internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, security analysts be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: significant experience investigating and responding to cyber incidents significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents experience managing and coordinating the response to cyber incidents experience coaching and mentoring junior staff an in-depth understanding of the tools, techniques and procedures used by threat actors excellent analytical and problem solving skills excellent verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS As an associate security analyst you will: triage and investigate cyber security alerts and reports from users use a variety of techniques to analyse systems, files, network traffic and cloud environments and understand the nature and extent of possible cyber incidents support the technical response to cyber incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions support the coordination of cyber incidents contribute to post-incident reviews to identify lessons and actions identify opportunities for, and support the delivery of, continual improvements to the incident investigation and response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities contribute to internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, apprentice security analysts be responsible for line management of apprentice security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join We're interested in people who have: experience investigating and responding to cyber incidents experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable) an understanding of the tools, techniques and procedures commonly used by threat actors good analytical and problem-solving skills good verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS If you feel you have the skills and experience needed for this role; please do apply now.
Senior Cyber Security Analyst - Central Gov (Contract) Incident Response | Threat Detection | Forensics | SIEM The Cyber Defence team is hiring a Senior Cyber Security Analyst to lead on incident response and protect critical citizen-facing services. You'll: Investigate and respond to cyber incidents at scale Lead forensic analysis (systems, files, network, cloud) Coordinate containment, eradication & recovery actions Mentor Junior Analysts and shape IR playbooks Must have strong Splunk skills. Requirements: Strong incident response & cyber investigation experience Skilled with EDR/SIEM tools - splunk Deep knowledge of attacker TTPs Excellent problem solving & communication London | Competitive Day Rate | SC Clearance required | On-call rota
03/10/2025
Contractor
Senior Cyber Security Analyst - Central Gov (Contract) Incident Response | Threat Detection | Forensics | SIEM The Cyber Defence team is hiring a Senior Cyber Security Analyst to lead on incident response and protect critical citizen-facing services. You'll: Investigate and respond to cyber incidents at scale Lead forensic analysis (systems, files, network, cloud) Coordinate containment, eradication & recovery actions Mentor Junior Analysts and shape IR playbooks Must have strong Splunk skills. Requirements: Strong incident response & cyber investigation experience Skilled with EDR/SIEM tools - splunk Deep knowledge of attacker TTPs Excellent problem solving & communication London | Competitive Day Rate | SC Clearance required | On-call rota
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
03/10/2025
Contractor
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Senior Cyber Security Analyst - Government, Splunk, EDR, Defence, AWS, Hybrid, London, SC Clearance, £800 pd We are seeking an experienced SC cleared Senior Cyber Security Analyst to lead incident response efforts within a dynamic cyber defence team. The ideal candidate will have a strong background in investigating, managing, and responding to cyber threats, with a focus on incident containment and forensic analysis. Key Responsibilities: Lead investigations into security alerts to determine the nature and scope of potential cyber incidents Conduct forensic analysis across systems, network traffic, files, and cloud environments Manage technical responses, including containment, eradication, and recovery actions Support the coordination and management of cyber incident responses Review incidents post-event to identify lessons learned and areas for improvement Develop and maintain incident response plans, playbooks, and knowledge resources Lead and line-manage security team members Experience & Skills Needed: Extensive experience investigating and responding to cyber incidents Proficiency with security tools such as EDR and SIEM platforms Proven track record of managing and coordinating incident response activities Experience in mentoring and coaching junior staff Strong understanding of threat actor techniques, tools, and tactics Excellent analytical, problem-solving, and communication skills Experience with Splunk or similar log management tools Familiarity with Agile working practices Knowledge of cloud platforms such as AWS If you possess the relevant experience and are ready to lead critical cyber defence initiatives, we encourage you to apply. Minorities, women, LGBTQ+ candidates, and individuals with disabilities are encouraged to apply. Interviews will take place next week, so please apply immediately to be considered for this contract role.
03/10/2025
Contractor
Senior Cyber Security Analyst - Government, Splunk, EDR, Defence, AWS, Hybrid, London, SC Clearance, £800 pd We are seeking an experienced SC cleared Senior Cyber Security Analyst to lead incident response efforts within a dynamic cyber defence team. The ideal candidate will have a strong background in investigating, managing, and responding to cyber threats, with a focus on incident containment and forensic analysis. Key Responsibilities: Lead investigations into security alerts to determine the nature and scope of potential cyber incidents Conduct forensic analysis across systems, network traffic, files, and cloud environments Manage technical responses, including containment, eradication, and recovery actions Support the coordination and management of cyber incident responses Review incidents post-event to identify lessons learned and areas for improvement Develop and maintain incident response plans, playbooks, and knowledge resources Lead and line-manage security team members Experience & Skills Needed: Extensive experience investigating and responding to cyber incidents Proficiency with security tools such as EDR and SIEM platforms Proven track record of managing and coordinating incident response activities Experience in mentoring and coaching junior staff Strong understanding of threat actor techniques, tools, and tactics Excellent analytical, problem-solving, and communication skills Experience with Splunk or similar log management tools Familiarity with Agile working practices Knowledge of cloud platforms such as AWS If you possess the relevant experience and are ready to lead critical cyber defence initiatives, we encourage you to apply. Minorities, women, LGBTQ+ candidates, and individuals with disabilities are encouraged to apply. Interviews will take place next week, so please apply immediately to be considered for this contract role.
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
03/10/2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Job Title: Cyber Security Incident Response Specialist Location: London, Wokingham, or Warwick (2 days per week onsite - hybrid working) Contract Duration: 6months + initially, with high potential for extension (long-term programme) Clearance: SC required or eligible THIS PROJECT IS INSIDE IR35 Project Overview: We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI) . You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident life cycle, improve response maturity, and develop scalable IR documentation and exercises. This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses. Key Responsibilities: Lead or support incident response (IR) activities across the full life cycle: detection, triage, containment, eradication, recovery, and lessons learned Develop and maintain IR playbooks, plans, and post-incident reports Support post-incident reviews , including root cause analysis (RCA) and lessons learned sessions Design and deliver incident response exercises (eg tabletop simulations) Act as a subject matter expert (SME) for incident response processes and frameworks Collaborate with SOC teams, technical SMEs, and non-technical stakeholders Communicate IR outcomes effectively via reports, presentations, and briefings Build working relationships across internal security functions and external CNI/regulatory stakeholders Mandatory Requirements (Must-Have): Strong, recent experience in cybersecurity incident response Ability to make informed decisions during incidents (triage, escalate, communicate) Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport Working knowledge of NIST, MITRE ATT&CK , or equivalent frameworks Proven ability to communicate IR findings to technical and non-technical audiences Experience contributing to or owning IR playbooks, SOPs, or RCA documentation Must hold current SC clearance or have been previously cleared within the last 12-18 months Desirable Skills (Nice-to-Have): Experience within the energy or utilities sector Exposure to OT/ICS environments (eg SCADA, PLCs, DCS) Experience delivering or supporting tabletop IR exercises Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc. Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH , or equivalent What We're Not Looking For: Junior SOC analysts (L1/L2 triage only) Generalist cyber roles without deep IR exposure Candidates without experience in CNI or enterprise-scale IR
01/10/2025
Contractor
Job Title: Cyber Security Incident Response Specialist Location: London, Wokingham, or Warwick (2 days per week onsite - hybrid working) Contract Duration: 6months + initially, with high potential for extension (long-term programme) Clearance: SC required or eligible THIS PROJECT IS INSIDE IR35 Project Overview: We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI) . You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident life cycle, improve response maturity, and develop scalable IR documentation and exercises. This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses. Key Responsibilities: Lead or support incident response (IR) activities across the full life cycle: detection, triage, containment, eradication, recovery, and lessons learned Develop and maintain IR playbooks, plans, and post-incident reports Support post-incident reviews , including root cause analysis (RCA) and lessons learned sessions Design and deliver incident response exercises (eg tabletop simulations) Act as a subject matter expert (SME) for incident response processes and frameworks Collaborate with SOC teams, technical SMEs, and non-technical stakeholders Communicate IR outcomes effectively via reports, presentations, and briefings Build working relationships across internal security functions and external CNI/regulatory stakeholders Mandatory Requirements (Must-Have): Strong, recent experience in cybersecurity incident response Ability to make informed decisions during incidents (triage, escalate, communicate) Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport Working knowledge of NIST, MITRE ATT&CK , or equivalent frameworks Proven ability to communicate IR findings to technical and non-technical audiences Experience contributing to or owning IR playbooks, SOPs, or RCA documentation Must hold current SC clearance or have been previously cleared within the last 12-18 months Desirable Skills (Nice-to-Have): Experience within the energy or utilities sector Exposure to OT/ICS environments (eg SCADA, PLCs, DCS) Experience delivering or supporting tabletop IR exercises Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc. Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH , or equivalent What We're Not Looking For: Junior SOC analysts (L1/L2 triage only) Generalist cyber roles without deep IR exposure Candidates without experience in CNI or enterprise-scale IR
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 25days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
24/09/2022
Full time
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 25days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
BAE Systems Digital Intelligence
Guildford, Surrey
JOB ROLE BIO BAE Systems Digital Intelligence works with governments and businesses around the world to help them defend against cyber threats, reduce their risk in the connected world, comply with regulation and transform their operations. The Wireless Products group works with customers to develop innovative mission critical technology. Applications include software radios, space technology and underwater systems. We are looking for bright, enthusiastic and committed individuals to work as electronics engineers in one of our customer-facing product teams. Relevant industry experience is preferable but most of all we are looking for bright, enthusiastic and committed individuals with a strong academic background and the ability to learn quickly. We have a range of roles available, from graduate entry through to experienced engineers. We are interested in hearing from anyone who can make a strong contribution to our work. What you could be doing for us We'd like to hear from people keen to develop their career in engineering who have a baseline of experience in some or all of the following areas that we cover: RF PCB development. We design a variety of RF circuit boards ranging from low power embedded sensors, designed for use in harsh environments, through to high performance analogue designs for radio equipment covering bands from VLF through to millimetre wave systems. This development may involve modelling (eg using Matlab, Agilent ADS, CST, Spice etc) as well as schematic capture and RF circuit board layout. Digital, mixed signal and power PCB development. We develop a wide range of boards such as state-of-the art digital signal processing platforms incorporating the latest FPGAs, SoCs and processors. Mechanical design and system integration. We design chassis and enclosures for our PCBs to ensure the optimum solution for its intended environment. The designs have to be easily assembled and repaired through life but also provide for cooling and protection in challenging environments. This work often involves compliance testing for CE, airborne, military and space applications. System engineering. Most of our solutions comprise of a blend of hardware, firmware and software. Early in the development lifecycle you will be involved in the design activity responsible for partitioning the functionality in to these domains taking into account the requirements and constraints. Development work, depending on the level of seniority, will include: Client interaction to understand and influence requirements, deliver solutions and be involved in bidding for new work. Development team lead, including mentoring junior engineering staff. Research and monitoring of developments in relevant technology to maintain and enhance our leading-edge capability. The main emphasis of this role is the implementation and delivery of hardware solutions; advice and support from senior technical specialists is expected to be provided, particularly in the early stages of design What background are we looking for? We are looking for ambitious, high-calibre people with the following characteristics: Highly motivated with a strong academic background typically in Engineering or Physics a 2:1 or 1st class degree. Understanding of the principles of PCB circuit design and layout. Understanding of the principles of mechanical design. Experience with 3D CAD would be an advantage, but is not essential. Proven record of set-to-work and verification of complex hardware, sometimes under demanding project timescales. Competent in the use of laboratory measurement equipment (eg oscilloscopes, spectrum analysers, vector network analysers etc). An appreciation of the technologies involved in software radio. Experience in the use of software and firmware development tools and environments, e.g. C/C++, Java, Linux, particularly as needed to support hardware test and debug. Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Experience of working within multi-disciplinary development teams in a project-based environment. Client-facing experience and influencing skills, as well as strong inter-personal skills. Experience of designing products for production. Experience of designing products for compliance against industry standards (eg CE, FCC, DEF STAN). How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Digital Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
24/09/2022
Full time
JOB ROLE BIO BAE Systems Digital Intelligence works with governments and businesses around the world to help them defend against cyber threats, reduce their risk in the connected world, comply with regulation and transform their operations. The Wireless Products group works with customers to develop innovative mission critical technology. Applications include software radios, space technology and underwater systems. We are looking for bright, enthusiastic and committed individuals to work as electronics engineers in one of our customer-facing product teams. Relevant industry experience is preferable but most of all we are looking for bright, enthusiastic and committed individuals with a strong academic background and the ability to learn quickly. We have a range of roles available, from graduate entry through to experienced engineers. We are interested in hearing from anyone who can make a strong contribution to our work. What you could be doing for us We'd like to hear from people keen to develop their career in engineering who have a baseline of experience in some or all of the following areas that we cover: RF PCB development. We design a variety of RF circuit boards ranging from low power embedded sensors, designed for use in harsh environments, through to high performance analogue designs for radio equipment covering bands from VLF through to millimetre wave systems. This development may involve modelling (eg using Matlab, Agilent ADS, CST, Spice etc) as well as schematic capture and RF circuit board layout. Digital, mixed signal and power PCB development. We develop a wide range of boards such as state-of-the art digital signal processing platforms incorporating the latest FPGAs, SoCs and processors. Mechanical design and system integration. We design chassis and enclosures for our PCBs to ensure the optimum solution for its intended environment. The designs have to be easily assembled and repaired through life but also provide for cooling and protection in challenging environments. This work often involves compliance testing for CE, airborne, military and space applications. System engineering. Most of our solutions comprise of a blend of hardware, firmware and software. Early in the development lifecycle you will be involved in the design activity responsible for partitioning the functionality in to these domains taking into account the requirements and constraints. Development work, depending on the level of seniority, will include: Client interaction to understand and influence requirements, deliver solutions and be involved in bidding for new work. Development team lead, including mentoring junior engineering staff. Research and monitoring of developments in relevant technology to maintain and enhance our leading-edge capability. The main emphasis of this role is the implementation and delivery of hardware solutions; advice and support from senior technical specialists is expected to be provided, particularly in the early stages of design What background are we looking for? We are looking for ambitious, high-calibre people with the following characteristics: Highly motivated with a strong academic background typically in Engineering or Physics a 2:1 or 1st class degree. Understanding of the principles of PCB circuit design and layout. Understanding of the principles of mechanical design. Experience with 3D CAD would be an advantage, but is not essential. Proven record of set-to-work and verification of complex hardware, sometimes under demanding project timescales. Competent in the use of laboratory measurement equipment (eg oscilloscopes, spectrum analysers, vector network analysers etc). An appreciation of the technologies involved in software radio. Experience in the use of software and firmware development tools and environments, e.g. C/C++, Java, Linux, particularly as needed to support hardware test and debug. Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Experience of working within multi-disciplinary development teams in a project-based environment. Client-facing experience and influencing skills, as well as strong inter-personal skills. Experience of designing products for production. Experience of designing products for compliance against industry standards (eg CE, FCC, DEF STAN). How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Digital Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
