Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

187 jobs found

Current Search
security monitoring siem analyst
Experis
Cyber Security Analyst
Experis Bracknell, Berkshire
Cyber Security Analyst, 5 months initially
Location: Bracknell (onsite, 24/7 shift pattern)
Inside IR35 - umbrella only
Active DV clearance required

Are you passionate about safeguarding digital environments and ready to make an impact? Our client, a reputable organisation, is hiring a dedicated Cyber Security Analyst to join their on-site 24/7 shift team in Bracknell. This is an exciting opportunity to contribute to critical security operations and protect vital services.

What you'll be doing:
  • Overseeing Security Operators during shifts, ensuring continuous security monitoring
  • Performing initial investigations of potential threats using Security Information and Event Management (SIEM) tools
  • Monitoring SIEM systems for faults and anomalies
  • Contributing to routine security incident management by identifying, prioritising and escalating threats
  • Supporting the confidentiality, integrity and availability of customer services through proactive security measures

What you'll bring:
  • Proven experience in cyber security, with a solid understanding of security monitoring and incident response
  • Technical leadership skills and the ability to guide and support team members
  • Strong communication skills to clearly articulate findings and escalate issues effectively
  • Technical knowledge in enterprise IT areas such as networking and servers
  • Active DV clearance to meet security requirements

This role offers a dynamic environment where your expertise will directly contribute to organisational security. If you're ready to work in a collaborative team with a focus on continuous improvement, we want to hear from you!

If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
18/06/2026
Contractor
Adecco
SIEM Analyst (Cyber Threat Detection) - SANS/GIAC x2
Adecco Wokingham, Berkshire
SIEM Analyst / Cyber Threat Detection Analyst - SANS/GIAC
Location: Wokingham, Berkshire (on-site)
Salary: Competitive (dependent on experience) + excellent benefits & training
Security Clearance: Ideally SC cleared or eligible for SC

Role Overview
As a SIEM Analyst (Cyber Threat Detection), you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data and threat intelligence, develop hypotheses based on MITRE ATT&CK tactics, techniques and procedures (TTPs), and support incident management and response activities when threats are identified.

We are open to experienced SOC Analysts for whom threat hunting, investigations and proactive detection have formed a significant part of their role, and who are looking to develop further in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering.

Skills & Experience We're Seeking
  • Experience in threat hunting, cyber threat detection, SOC, blue team or cyber defence environments, ideally around five years hands-on
  • Strong hands-on experience using SIEM platforms, including Microsoft Sentinel (Kusto Query Language, KQL), Splunk (SPL) and Elastic Security/Kibana (Kibana Query Language, also abbreviated KQL but a different language from Kusto, and ES|QL)
  • Practical and operational understanding of MITRE ATT&CK, attacker techniques and adversary tradecraft
  • Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds
  • Solid experience across the security event life cycle, including detection, investigation and incident management
  • Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne or Carbon Black
  • Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, firewalls, VPNs, proxy technologies)
  • Experience analysing telemetry from Windows, Linux, identity, endpoint and network sources
  • Strong analytical mindset with the ability to clearly communicate findings, impact and risk

Key Responsibilities
  • Conduct proactive threat hunting across log, endpoint and network telemetry to identify suspicious, stealthy or previously unknown threats
  • Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours and emerging threat intelligence
  • Write, refine and optimise SIEM queries in Kusto KQL (Sentinel), SPL (Splunk) and Kibana KQL/ES|QL (Elastic)
  • Perform IOC analysis, enrichment and validation, integrating internal and external threat intelligence sources
  • Lead investigations from initial detection through scoping, root cause analysis and impact assessment
  • Support incident management and incident response activities, including containment, remediation, escalation and lessons learned
  • Collaborate closely with SOC teams, incident responders, red teams and purple teams to validate detections and improve defensive coverage
  • Contribute to detection logic improvements, use-case development and continuous enhancement of hunting methodologies
  • Produce clear investigation write-ups, timelines and recommendations for technical and non-technical stakeholders

Security Certifications (Highly Beneficial)
  • SANS/GIAC certifications, including but not limited to: GCIH (Incident Handler), GCIA (Intrusion Analyst), GCED (Enterprise Defender), GCTI (Cyber Threat Intelligence), GMON (Continuous Monitoring), GDAT (Defending Advanced Threats), GCAT (Advanced Threat Intelligence)
  • OSCP or equivalent offensive security qualifications
  • CREST certifications, such as CREST Practitioner Intrusion Analyst (CPIA), CREST Registered Intrusion Analyst (CRIA), CREST Certified Threat Intelligence Analyst (CCTIA) and CREST Certified Blue Team Professional (CCBTP)
  • Microsoft SC-200 or related detection and response certifications
  • Other recognised cyber security or threat intelligence credentials
18/06/2026
Full time
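An added example, not part of the listing and not Adecco's or the employer's code, of the IOC analysis, enrichment and validation work the responsibilities above describe. It is written in Python rather than the Kusto KQL or SPL a SIEM would run, so it executes offline over a few constructed DNS log lines: indicators from a feed are refanged and validated (low confidence, internal IPs, malformed domains and allowlisted benign domains are dropped), matched against queries on label boundaries and against resolved IPs, and each hit is enriched with the feed source and confidence. The feed entries, the log column layout, the benign-domain allowlist and the confidence threshold are all assumptions.

```python
"""IOC-driven hunt for the SIEM Analyst / Cyber Threat Detection listing above
(added illustration, not Adecco's or the employer's code). Hypothesis in ATT&CK
terms: a host resolving a feed-reported C2 domain, or receiving a feed-reported
IP in a DNS answer, is using T1071 (Application Layer Protocol). The feed
entries, DNS log lines and column layout are constructed; the allowlist is assumed."""
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed feed entries in the defanged form feeds and reports usually publish.
RAW_IOCS = [
    {"value": "Update-Check[.]example", "type": "domain", "source": "vendor-report-A", "confidence": 90},
    {"value": "hxxp://cdn-static[.]example/p.php", "type": "url", "source": "osint-B", "confidence": 60},
    {"value": "198[.]51[.]100[.]23", "type": "ip", "source": "vendor-report-A", "confidence": 80},
    {"value": "10[.]0[.]0[.]5", "type": "ip", "source": "osint-B", "confidence": 70},        # internal: noise
    {"value": "microsoft[.]com", "type": "domain", "source": "osint-B", "confidence": 55},   # benign infra
    {"value": "evil[.]example", "type": "domain", "source": "paste-C", "confidence": 20},    # too low to hunt on
]
BENIGN_DOMAINS = frozenset({"microsoft.com", "example.com"})  # assumed organisational allowlist
MIN_CONFIDENCE = 50

# Constructed DNS log, tab-separated: ts, client_ip, query, answer (assumed layout).
DNS_LOG = """\
1750233600.1\t10.1.2.3\twww.example.com\t93.184.216.34
1750233605.4\t10.1.2.3\ttelemetry.update-check.example\t198.51.100.23
1750233610.9\t10.1.2.9\tlogin.microsoft.com\t20.190.0.1
1750233622.0\t10.1.2.3\tcdn-static.example\t198.51.100.23
1750233640.3\t10.1.2.7\tupdate-check.example.evil-typo.test\t203.0.113.5
1750233650.0\t10.1.2.9\tmail.example.org\t198.51.100.23
"""

_DEFANG = [(re.compile(r"\[\.\]|\(\.\)|\{\.\}"), "."), (re.compile(r"^hxxp", re.I), "http")]
_DOMAIN_RE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z0-9-]{2,}$")
# RFC 1918, loopback and link-local listed explicitly: ipaddress.is_global would also
# reject the RFC 5737 documentation ranges this sample uses for "external" addresses.
_INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def refang(value):
    """Turn a defanged indicator back into its matchable, lower-cased form."""
    out = value.strip().lower()
    for pattern, repl in _DEFANG:
        out = pattern.sub(repl, out)
    return out

def validate_iocs(raw=RAW_IOCS, benign=BENIGN_DOMAINS, min_confidence=MIN_CONFIDENCE):
    """Normalise feed entries and drop the ones that would only make noise: low confidence,
    internal IPs, malformed domains, domains on or under the allowlist. URLs reduce to host."""
    clean = []
    for entry in raw:
        value, kind = refang(entry["value"]), entry["type"]
        if kind == "url":
            value, kind = urlsplit(value).hostname or "", "domain"
        if entry["confidence"] < min_confidence:
            keep = False
        elif kind == "ip":
            try:
                keep = not any(ipaddress.ip_address(value) in n for n in _INTERNAL_NETS)
            except ValueError:
                keep = False
        elif kind == "domain":
            keep = bool(_DOMAIN_RE.match(value)) and not any(
                value == b or value.endswith("." + b) for b in benign)
        else:
            keep = False
        if keep:
            clean.append({"value": value, "type": kind, "source": entry["source"],
                          "confidence": entry["confidence"], "original": entry["value"]})
    return clean

def _domain_matches(query, ioc):
    # Suffix match on a label boundary: hits telemetry.update-check.example but not
    # update-check.example.evil-typo.test, which a plain substring check would match.
    return query == ioc or query.endswith("." + ioc)

def hunt(dns_log=DNS_LOG, iocs=None):
    """Run the validated IOCs over the log; one enriched hit per (line, IOC) pair."""
    iocs = validate_iocs() if iocs is None else iocs
    hits = []
    for line in dns_log.splitlines():
        ts, client_ip, query, answer = line.split("\t")
        query = query.lower().rstrip(".")
        for ioc in iocs:
            matched = (_domain_matches(query, ioc["value"]) if ioc["type"] == "domain"
                       else answer == ioc["value"])
            if matched:
                hits.append({"ts": ts, "client_ip": client_ip, "query": query, "answer": answer,
                             "ioc": ioc["value"], "ioc_type": ioc["type"],
                             "source": ioc["source"], "confidence": ioc["confidence"]})
    return hits

def summarise(hits):
    """Per-client roll-up for the triage ticket: hit count, highest confidence, which IOCs."""
    summary = defaultdict(lambda: {"count": 0, "max_confidence": 0, "iocs": set()})
    for h in hits:
        s = summary[h["client_ip"]]
        s["count"] += 1
        s["max_confidence"] = max(s["max_confidence"], h["confidence"])
        s["iocs"].add(h["ioc"])
    return {ip: dict(s, iocs=sorted(s["iocs"])) for ip, s in summary.items()}

if __name__ == "__main__":
    print(summarise(hunt()))
```

The interesting row is the last one: mail.example.org looks benign as a name, but it resolves to a feed-reported IP, which is exactly the kind of hit a domain-only search misses. Conversely the evil-typo.test row contains the indicator as a substring and is correctly not a hit. On a real SIEM the same logic is a `has_any`/`endswith` clause in Kusto or a lookup in SPL, but the validation step belongs in front of either; an unvalidated feed with microsoft.com or 10.0.0.5 in it will page the on-call for nothing.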
NICE
Cyber Security Specialist
NICE City, Manchester
Cyber Security Specialist (Operational)
Salary: £57,528 - £64,750 per annum
Location: Manchester
Vacancy Type: Permanent
Closing date: 21/06/2026

The National Institute for Health and Care Excellence (NICE) is the independent organisation responsible for providing national guidance and advice on promoting high quality health, public health and social care. We have modern offices in Manchester city centre and Stratford, London. Please take into consideration that you may be required to commute to one of our offices for business purposes if necessary.

Job overview
Do you want to do meaningful work that makes a genuine difference to society? Our main purpose here at NICE is to improve health and wellbeing by putting science and evidence at the heart of health and care decision-making. As an organisation we all collaborate to achieve this goal by empowering our workforce to do great things!

Please note that this role may not be eligible for sponsorship under the Skilled Worker route. Please refer to the DirectGov website for more information on eligibility. We reserve the right to close the advert early should we receive sufficient applications, so please don't delay your submission.

Main duties of the job
As a Cyber Security Specialist (Operational), you will play a key hands-on role in protecting NICE's digital platforms, systems and data from cyber threats. Working as part of a collaborative cyber security function, you will investigate security alerts, manage vulnerabilities, respond to incidents and help ensure our services remain secure, resilient and compliant. The role combines technical expertise with clear communication, supporting both operational delivery and the continual improvement of NICE's cyber security posture.

What the candidate will be expected to do / bring
  • Act as a hands-on cyber security specialist, investigating security alerts, responding to incidents and supporting day-to-day operational cyber resilience
  • Configure, manage and maintain security tooling and infrastructure across on-premise and cloud environments, embedding secure-by-design principles
  • Carry out routine vulnerability assessments, threat analysis and horizon scanning to identify and mitigate emerging risks
  • Serve as a technical escalation point for complex security issues, contributing expert analysis and practical solutions
  • Support compliance with recognised security standards and frameworks (e.g. Cyber Essentials, ISO 27001), maintaining clear and auditable records
  • Communicate complex technical risks and findings clearly to both technical and non-technical stakeholders

Person specification
Essential:
  • Holds highly developed specialist knowledge and expertise acquired through a master's degree level or equivalent qualification/experience, and additionally holds specialist knowledge of the relevant area(s) of expertise as outlined in the person specification, acquired through relevant practical experience and training/development
  • Proven hands-on experience in cyber security operations, such as working as a Security Analyst, SOC Analyst or in a similar technical cyber security role
  • Demonstrable experience of incident response and security configuration, with the ability to systematically analyse issues, identify root causes and implement effective solutions
  • Strong technical knowledge of cyber security tooling and techniques, including vulnerability management, incident investigation and monitoring tools such as SIEM, EDR and vulnerability scanners
  • Practical understanding of core cyber security concepts, including network, infrastructure and system security across Windows and Linux environments, with awareness across networking, operating systems and cloud platforms
Desirable:
  • One or more of the following qualifications, or equivalent experience: FEDIP Senior Practitioner, Cyber Security Professional (ACSP), BCS Certificate in Information Security Management Principles (CISMP), SSCP (Systems Security Certified Practitioner)

Working for our organisation
The Infrastructure, Cyber & IT Operations team plays a critical role in ensuring NICE's digital services are secure, resilient and reliable. The team is responsible for safeguarding systems and information, supporting users across the organisation, and maintaining operational stability with minimal risk or disruption. As part of this team, you will help protect nationally important digital services while enabling NICE to deliver trusted guidance and information to health and care users across England. We are passionate and proud of the work we do and the impact we make.

NICE offer:
  • Generous NHS pension: secure your future with one of the most rewarding pension schemes in the UK
  • Flexible working: enjoy a healthy work-life balance with options like remote working, compressed hours and flexible start/finish times
  • Exclusive discounts: save on shopping, dining and more with a Blue Light Card
  • Time to recharge: start with 27 days annual leave plus bank holidays
  • Inclusive staff networks: join supportive communities like Women in NICE, Race Equality Network, Disability Advocacy and NICE and Proud; we celebrate diversity
  • Tailored development: grow your career with personalised learning and development opportunities

If you feel this is the type of environment you will enjoy working in, apply today!

To Apply
If you feel you are a suitable candidate and would like to work for NICE, please click apply to be redirected to our website to complete your application.
18/06/2026
Full time
SOC Analyst
Experis - ManpowerGroup Southampton, Hampshire
SOC Analyst (24/7) - UK Public Sector SOC
Location: Winchester, SO21 2JN
Clearance: BPSS + Home Office SC
Working Pattern: On site, 24/7 shift rota

About the Role
We're looking for skilled and motivated SOC Analysts to join a high-performing 24/7 Security Operations Centre supporting UK public sector clients. You'll be part of a 16-person team delivering protective monitoring, threat detection and incident response across complex and secure environments. This is an exciting opportunity to work with leading SIEM and XDR technologies while contributing directly to national-level cyber defence.

What You'll Be Doing
  • Providing continuous protective monitoring across secure client environments
  • Investigating, triaging and escalating security alerts
  • Operating multiple SIEM/XDR platforms, including IBM QRadar, LogRhythm, Palo Alto XSIAM/XDR, Microsoft Sentinel & Defender and Google SecOps
  • Supporting incident response activities and following established SOC runbooks
  • Maintaining situational awareness and contributing to threat detection improvements
  • Working collaboratively within a 24/7 shift team

Essential Skills
  • Strong cyber security awareness and foundational training
  • Ability to work effectively in a 24/7 SOC environment
  • Understanding of security monitoring, alert handling and the incident lifecycle

Desirable Skills
  • Experience in a Security Operations Centre
  • Hands-on exposure to SIEM/XDR platforms
  • Triage, investigation and incident response experience
  • Familiarity with public sector or secure environments

Clearance Requirements
  • BPSS (Baseline Personnel Security Standard)
  • Home Office SC (Security Check), or eligibility to obtain it
18/06/2026
Full time
NCC Group
Detection Engineer
NCC Group Manchester, Lancashire
Detection Engineer
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: GBR Manchester Hardman Boulevard

Description
NCC Group is looking for a Detection Engineer to join the Detection Engineering team. The role will focus on developing, maintaining and improving Splunk-based security detections across cloud, infrastructure and custom log sources. The successful candidate will help turn security risks, threat models, assurance requirements and log sources into practical detections that can be deployed, tuned and documented.

Key Responsibilities
  • Develop and maintain detections using Splunk SPL
  • Analyse logs from cloud, infrastructure, application, gateway, Linux, SSH, CDN, vulnerability management and audit sources
  • Create detections for areas such as: cloud security monitoring and cloud control-plane activity; infrastructure, platform and access-related security events; bespoke assurance use cases based on customer-specific log sources; suspicious or anomalous activity identified through threat models or security testing
  • Review existing detection coverage and identify gaps
  • Assess new log sources and define detection use cases
  • Map detections to MITRE ATT&CK, risk scenarios and assurance requirements where relevant
  • Tune detections to reduce false positives and improve analyst usability
  • Document detection purpose, logic, alerting criteria, data source, MITRE mapping, false positives and investigation guidance
  • Support SOC analysts with alert context and investigation advice

Skills, Knowledge & Expertise
Candidates do not need to meet every requirement, but should have experience in some of the following:
  • Splunk SPL or a similar query language
  • Security detection engineering, SIEM engineering, threat hunting or security monitoring
  • Cloud audit logs, especially AWS; GCP or OCI experience is also useful
  • MITRE ATT&CK and common attacker behaviours
  • Kubernetes or container security monitoring
  • Cloud security concepts such as IAM, KMS, security groups, route tables, ACLs, object storage and service accounts
  • Use of allowlists, thresholds, baselines, aggregation and anomaly-style detection logic
  • Regex and basic scripting, e.g. Python, Bash or PowerShell
  • Documentation using Jira, JSM, Confluence or similar tools

Desirable Experience
  • Splunk Enterprise Security and Splunk Security Essentials
  • Writing or tuning scheduled alerts
  • Reviewing threat models, security testing outputs or assurance requirements
  • Using a detection-as-code deployment pipeline

Job Benefits
  • Flexible Working: balance your work and personal life with our flexible working options
  • Generous Holiday Allowance: 25 days of holiday plus bank holidays, with the option to buy up to 5 additional days of annual leave
  • Medicash & Critical Illness Scheme
  • Financial & Investment Benefits: Pension, Life Assurance and Share Save Scheme
  • Community & Volunteering Programmes: make a difference in your community with our volunteering opportunities
  • Green Car Scheme: drive green and save money with our eco-friendly car scheme
  • Cycle Scheme: stay fit and healthy with our cycle-to-work scheme
  • Special Time Off: time off for the big moments in life, like getting married or entering into a civil partnership, becoming a grandparent, and welcoming home a new pet
  • Family Planning: generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments
18/06/2026
Full time
Detection Engineer
NCC Group plc Manchester, Lancashire
Detection Engineer Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Description NCC Group is looking for a Detection Engineer to join the Detection Engineering team. The role will focus on developing, maintaining, and improving Splunk-based security detections across cloud, infrastructure, and custom log sources. The successful candidate will help turn security risks, threat models, assurance requirements, and log sources into practical detections that can be deployed, tuned, and documented. Key Responsibilities Develop and maintain detections using Splunk SPL. Analyse logs from cloud, infrastructure, application, gateway, Linux, SSH, CDN, vulnerability management, and audit sources. Create detections for areas such as: cloud security monitoring and cloud control-plane activity, infrastructure, platform, and access-related security events, bespoke assurance use cases based on customer-specific log sources, suspicious or anomalous activity identified through threat models, security testing. Review existing detection coverage and identify gaps. Assess new log sources and define detection use cases. Map detections to MITRE ATT&CK, risk scenarios, and assurance requirements where relevant. Tune detections to reduce false positives and improve analyst usability. Document detection purpose, logic, alerting criteria, data source, MITRE mapping, false positives, and investigation guidance. Support SOC analysts with alert context and investigation advice. Skills, Knowledge & Expertise Candidates do not need to meet every requirement, but should have experience in some of the following: Splunk SPL or similar query language. Security detection engineering, SIEM engineering, threat hunting, or security monitoring. Cloud audit logs, especially AWS; GCP or OCI experience is also useful. MITRE ATT&CK and common attacker behaviours. Kubernetes or container security monitoring. 
Cloud security concepts such as IAM, KMS, security groups, route tables, ACLs, object storage, and service accounts. Use of allowlists, thresholds, baselines, aggregation, and anomaly-style detection logic. Regex and basic scripting, e.g. Python, Bash, or PowerShell. Documentation using Jira, JSM, Confluence, or similar tools. Desirable Experience: Experience with Splunk Enterprise Security and Splunk Security Essentials. Experience writing or tuning scheduled alerts. Experience reviewing threat models, security testing outputs, or assurance requirements. Experience using a detection as code deployment pipeline. Job Benefits Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco-friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
18/06/2026
Full time
Detection Engineer Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Description NCC Group is looking for a Detection Engineer to join the Detection Engineering team. The role will focus on developing, maintaining, and improving Splunk-based security detections across cloud, infrastructure, and custom log sources. The successful candidate will help turn security risks, threat models, assurance requirements, and log sources into practical detections that can be deployed, tuned, and documented. Key Responsibilities Develop and maintain detections using Splunk SPL. Analyse logs from cloud, infrastructure, application, gateway, Linux, SSH, CDN, vulnerability management, and audit sources. Create detections for areas such as: cloud security monitoring and cloud control-plane activity, infrastructure, platform, and access-related security events, bespoke assurance use cases based on customer-specific log sources, suspicious or anomalous activity identified through threat models, security testing. Review existing detection coverage and identify gaps. Assess new log sources and define detection use cases. Map detections to MITRE ATT&CK, risk scenarios, and assurance requirements where relevant. Tune detections to reduce false positives and improve analyst usability. Document detection purpose, logic, alerting criteria, data source, MITRE mapping, false positives, and investigation guidance. Support SOC analysts with alert context and investigation advice. Skills, Knowledge & Expertise Candidates do not need to meet every requirement, but should have experience in some of the following: Splunk SPL or similar query language. Security detection engineering, SIEM engineering, threat hunting, or security monitoring. Cloud audit logs, especially AWS; GCP or OCI experience is also useful. MITRE ATT&CK and common attacker behaviours. Kubernetes or container security monitoring. 
Cloud security concepts such as IAM, KMS, security groups, route tables, ACLs, object storage, and service accounts. Use of allowlists, thresholds, baselines, aggregation, and anomaly-style detection logic. Regex and basic scripting, e.g. Python, Bash, or PowerShell. Documentation using Jira, JSM, Confluence, or similar tools. Desirable Experience: Experience with Splunk Enterprise Security and Splunk Security Essentials. Experience writing or tuning scheduled alerts. Experience reviewing threat models, security testing outputs, or assurance requirements. Experience using a detection as code deployment pipeline. Job Benefits Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco-friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
Senior Cyber Security & Network Analyst
KINTO UK Limited Epsom, Surrey
The role in a nutshell:
To provide effective and timely operational support, development and management of the IT network and security infrastructure to meet business requirements and objectives. To complete projects on time, within scope and to budget.

About the 'Department':
They look after both TFSUK and KINTO UK. The mission of BTS is to Give (giving the business the technology, applications and services it needs), Guide (guiding the business through changes using expertise and experience) and Guard (always protect the business).

What you'll be doing:
  • Work closely with other members of the team to ensure the technology, security policies and procedures are in place to safeguard the business.
  • Manage day-to-day operational cyber security tasks to maintain optimum business security.
  • Develop, maintain, and support the organisation's IT security systems, including managing next-generation firewalls, IPS, SIEM tools, endpoint and security devices or services, responding to security incidents and analysing security breaches.
  • Develop, maintain, and support the organisation's network, including managing all Layer 2/3 devices, LAN, WAN, Internet, B2B connections, RAS, NLB and Wi-Fi, ensuring they support the business goals and infrastructure.
  • Responsible for identifying external and internal threats, including investigating and documenting security incidents, making recommendations for fixes, and implementing those fixes where applicable.
  • Working on cyber security projects or those that require security input, including the rollout of new security measures across the business.
  • Monitor SIEM tools and data feeds for threats and take appropriate action when required.
  • Install and operate firewall and data encryption software to protect sensitive business information.
  • Support the technical implementation of ongoing security requirements, including access control and technical audits.
  • Ongoing assessment of risk and reporting to the line manager, allowing him to make informed decisions regarding cyber security.
  • Analyse and identify potential threats to fine-tune the existing security monitoring platforms.
  • Create, maintain, and review security policies and controls across the business, in line with business needs.
  • Manage, update, and resolve incidents or service requests, in adherence to all applicable Service Level Agreements.
  • Research current and developing cyber security products and standards.
  • Deploy patches to security devices in a timely manner and ensure any detected vulnerabilities are fixed to maintain high levels of security.
  • Perform daily monitoring of the security estate to ensure there is no unplanned downtime, breaches of security or network vulnerabilities.
  • Create, maintain, and adhere to operational policies, procedures, and standards to effectively support the operational business.
  • Create and maintain system documentation, including documentation sufficient for someone else to cover in your absence.
  • Participate in the development, testing and maintenance of disaster recovery and business continuity plans.
  • Recommend, develop, and implement system solutions through analysis of business requirements and new developments in technology.
  • Effectively manage small works requests in line with defined procedures.
  • Liaise with 3rd party company representatives to ensure that satisfactory support, supply, and maintenance services are provided.
  • Provide specialised technical assistance in the planning and development of new projects and systems.
  • Ensure that IT equipment inventory information is entered and maintained.

How you could stretch this role:
  • Demonstrate a flexible approach to working hours and travel, and work closely with other members of IT, to meet support and project deadlines.
  • Participate in IT Strategy reviews as required.
  • Suggest improvements to the department's processes and procedures (where appropriate), encouraging a work culture of continuous improvement.
  • Involvement in ad hoc projects.
  • Support, coach and assist other team members and advise on new preventative measures and fixes.
  • Communicate with other teams to resolve escalated issues quickly and efficiently.
  • Identify any potential problem areas and devise methods of prevention.
  • Ensure housekeeping and maintenance routines are executed when required.

Key Experience & Skills:
Essential Experience:
  • Palo Alto Firewalls and all associated NG services.
  • Endpoint detection and remediation.
  • Proven track record in cyber security and understanding of cyber security analysis, tools and software.
  • Experience of implementing, supporting and developing L2/3 network infrastructure.
  • Qualys Vulnerability Management.
  • Aruba Wi-Fi.
  • L2/3 switching - Cisco Nexus.
  • Network load balancing.
  • Penetration Testing (3rd Party).
  • Incident management.
  • Data Security.

Attributes & Behaviours:
  • Good time management and organisational skills.
  • Strong written and verbal communication, including confidence in presenting.
  • Self-motivated and proactive worker.
  • Keen attention to detail.
  • Able to work effectively with all levels of staff and external partners.
  • Professional attitude and motivation by producing quality results.
  • Methodical and structured approach to work.

Benefits:
  • Hybrid working pattern: 2 days in the office and 3 days from a location of your choice.
  • Access to attractive car schemes for you (and your family) for Toyota & Lexus cars.
  • Excellent pension scheme (up to 6% employee contribution and 15% employer contribution).
  • Generous annual leave of 25 days, which increases with service, and a holiday purchase option.
  • Private Medical Healthcare (single, partner/spouse and dependent children) with Digital GP Service.
  • Group Income Protection cover with Aviva, including physical, mental, and financial wellbeing services.
  • Employee Assistance Program.
  • Eye tests.
  • Onsite gym, sports and social club, & flu jabs to keep you healthy.
  • Wellbeing hour each month and many more initiatives throughout the year to encourage a healthy mind and body, and to raise awareness and celebrate diversity, equity and inclusion.
  • Dress-for-your-day policy to make you feel comfortable at work.
  • Eco HQ, free parking & restaurant.
  • Two volunteering days per year.
  • Reward Gateway voucher discounts.
  • Flexible working scheme, and we welcome flexible working conversations at interview.
  • Regular 1:1s with your manager and a personal development review each quarter.
  • A wide range of learning & development opportunities, including LinkedIn Learning courses.
  • £250 contribution towards learning something new outside of work.
  • Annual events (e.g., summer party, BBQ & Xmas party), including Countdown to Christmas events every December - it is so much fun!

Equal Opportunity Employment
We are a Disability Confident Employer and are committed to supporting disabled applicants throughout the recruitment process.
18/06/2026
Full time
Cyber Security Operations Specialist
YTL UK Bath, Somerset
As our new Cyber Security Operations Specialist, you will perform essential cyber security operational activities to defend the organisation, its systems and assets. You will be responding to internal and external reports and alerts, exercising skill, training, and judgment to investigate alerts and incidents and to provide immediate response and defensive measures, employing a range of resources, tools and services.

What you'll do
You will:
  • monitor IT, OT and cloud environments using enterprise security tooling to detect, validate and assess potential security events and intrusion attempts
  • conduct a structured triage of alerts, determining scope, impact and threat actor behaviour through disciplined investigative methodology
  • execute timely containment, eradication and recovery actions to minimise operational disruption and preserve system integrity
  • escalate incidents in accordance with severity thresholds, ensuring appropriate engagement of senior stakeholders and specialist resources
  • when acting as an Incident Specialist, coordinate cross-functional response activity across Security, IT, OT and business stakeholders
  • ensure accurate classification, documentation and reporting of incidents
  • contribute to post-incident analysis by identifying root causes, control gaps and detection improvements
  • support threat hunting initiatives led by the Purple Team by validating detection logic and operationalising hunt-derived insights
  • translate intelligence insights into practical defensive measures, including detection rule updates, IOC ingestion and configuration changes
  • optimise operational security tooling, including SIEM, EDR, SEG, SWG and related monitoring platforms
  • develop and refine detection rules, correlation logic, alert thresholds and response workflows
  • act as a point of contact for Cyber Security, ensuring accurate and timely operational communication during live incidents and security events
  • coordinate day-to-day operational engagement between the MSSP (CSOC), IT Service Desk, OT field teams and business stakeholders
  • produce clear, structured incident and investigation reports for management
  • identify recurring trends, control weaknesses and process inefficiencies arising from operational activity
  • develop, maintain and continuously improve Security Operations Standard Operating Procedures (SOPs), playbooks and detection use cases
  • translate incident findings, threat intelligence, and vulnerability disclosures into measurable improvements in security configuration and detection logic
  • maintain technical expertise in Windows environments, with working knowledge of Linux systems
  • provide technical guidance and mentorship to analysts, junior colleagues and apprentices
  • set clear performance expectations and hold team members accountable for operational standards
  • share operational insight to strengthen collective team capability
  • engage in a collaborative and professional culture across the team
  • engage confidently with technical and non-technical stakeholders.

What you'll need
We are looking for:
  • demonstrable experience contributing to the operational delivery of security capability enhancements
  • strong hands-on experience administering and optimising security tooling, including Microsoft security platforms and SIEM technologies
  • deep understanding of core security principles and structured incident response methodologies
  • proven experience investigating and responding to security events within cloud and on-premises environments
  • demonstrated commitment to continuous improvement of detection quality and operational effectiveness
  • strong written communication skills, with the ability to produce structured investigation reports and clear risk-based reporting
  • confident verbal communicator, capable of engaging stakeholders at varying technical levels
  • ability to collaborate across multidisciplinary teams, including IT, OT, engineering, and external service providers
  • familiarity with adversary tactics, techniques and procedures (TTPs), including MITRE ATT&CK
  • practical experience analysing and investigating security alerts across Microsoft Windows environments, with working knowledge of Linux systems.

You must have at least one of the following or equivalent industry qualifications:
  • EC-Council Incident Handler
  • EC-Council Network Defender
  • Microsoft MS-500
  • Microsoft SC-200
  • Microsoft SC-300
  • Microsoft SC-400
  • Microsoft SC-900.

Ideally, you will also have:
  • Certified Ethical Hacker (CEH)
  • CompTIA Security+.

What you'll receive
  • A combined pension contribution of up to 20%.
  • Career progression and professional development opportunities.
  • 25 days' holiday rising to 28 with length of service.
  • The opportunity to sell up to five days of holiday every year.
  • The opportunity to buy up to ten days of holiday each year (subject to conditions).
  • A healthcare package that allows you to claim back healthcare costs.
  • Life assurance of up to eight times your salary.
  • The opportunity to lease a new electric car through salary sacrifice (subject to conditions).
  • Cashback and discounts from more than 3,000 retailers.
  • One paid volunteering day each year.
  • Enhanced family leave and pay arrangements.
  • Access to an interactive health and wellbeing platform.
  • Support from trained mental health first aiders.
  • A £1,000 referral fee if you recommend someone who is successfully recruited by us.

We are passionate about diversity and inclusion - with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer. If you require reasonable adjustments to be made during the recruitment process, please inform a member of our Recruitment team.
18/06/2026
Full time
Senior Security Operations Center Analyst (f/m/d)
Eplass Reading, Berkshire
What do we do?
Introducing Thinkproject Platform
Pioneering a new era and offering a cohesive alternative to the fragmented landscape of construction software, Thinkproject seamlessly integrates the most extensive portfolio of mature solutions with an innovative platform, providing unparalleled features, integrations, user experiences, and synergies. By combining information management expertise and in-depth knowledge of the building, infrastructure, and energy industries, Thinkproject empowers customers to efficiently deliver, operate, regenerate, and dispose of their built assets across their entire lifecycle through a Connected Data Ecosystem.
What your day will look like
We are looking for a highly experienced and technically skilled Lead Security Operations Centre (SOC) Analyst to join our team and take ownership of the day-to-day operation and continuous improvement of our Security Operations Centre. This role combines deep technical expertise with operational leadership, people management, and project delivery responsibilities, ensuring the SOC remains effective in identifying, investigating, and responding to advanced security threats, issues, and vulnerabilities across the organisation. As the lead member of the team, you will oversee SOC operations, manage and coordinate complex security investigations, and provide technical leadership during all incidents. You will lead investigations into sophisticated threats such as advanced persistent threats (APTs), malware outbreaks, and targeted attacks, whilst performing hands-on analysis of security events, forensic evidence collection, and root cause analysis. You will also drive the development and enhancement of detection capabilities across SIEM, EDR, and other monitoring technologies, while continuously improving SOC processes, procedures, workflows, automation, and playbooks to increase operational effectiveness and maturity.
You will actively engage in threat hunting, leveraging your deep understanding of application code, infrastructure and hosting architectures (cloud and on-premises), the software development lifecycle (SDLC), and CI/CD pipeline solutions to identify risks that span traditional and cloud-native environments. You will collaborate closely with Security Engineering, IT, DevOps, and application teams to improve detection coverage, enhance monitoring capabilities, and strengthen the organisation's overall security posture. Alongside your technical responsibilities, you will provide line management for SOC analysts, including mentoring, coaching, performance management, and professional development, whilst overseeing workload prioritisation, SOC reporting, and the successful delivery of projects associated with SOC tooling, automation, compliance, and operational maturity. This role encompasses reactive incident response, proactive detection engineering, threat hunting, vulnerability management, and operational leadership. You will also contribute to strategic initiatives including penetration testing coordination, security assessments, audit preparation, threat intelligence activities, and the maintenance of SOC documentation and reporting. This role sits within the Product Operations and Corporate IT branch, reporting to the Director of Cyber Security and Networking, and operates as part of the broader Cyber Security, Network, and Security Engineering teams.
Main responsibilities:
• Independently investigate and respond to security alerts and events from SIEM, EDR, and other security tools across endpoints, networks, cloud platforms, and applications.
• Lead proactive threat hunting activities, leveraging threat intelligence, application logs, and infrastructure telemetry to uncover indicators of compromise or stealthy threat activity.
• Perform in-depth analysis of logs, API configurations and traffic, container environments, network data, application and infrastructure architecture, as well as data center hosting environments to support threat detection, incident investigation, and root cause analysis.
• Manage complex cybersecurity incidents end-to-end, including containment, eradication, recovery, and post-incident analysis, while coordinating closely with cross-functional stakeholders.
• Deploy, operate, configure, and tune SIEM platforms and detection tools to enhance signal accuracy, reduce alert fatigue, and maintain effective detection coverage.
• Design, build, and maintain incident response playbooks and automation workflows to increase the efficiency, speed, and consistency of incident response processes.
• Simultaneously manage multiple active investigations and day-to-day SOC operations, effectively prioritising tasks and managing time under pressure.
• Conduct forensic analysis during investigations, including evidence preservation, malware analysis, memory examination, and root cause identification.
• Collaborate with DevOps, IT, and development teams to ensure timely containment, mitigation, and remediation of vulnerabilities and threats.
• Coordinate outputs from security assessment tools and penetration tests, ensuring clear ownership and timely closure of identified issues.
• Participate in and lead security testing exercises to evaluate and strengthen detection capabilities and response procedures.
• Drive continuous improvement of SOC operations by identifying logging gaps, proposing monitoring enhancements, and introducing new detection or response technologies.
• Maintain comprehensive documentation of investigations, incidents, tuning efforts, and threat intelligence to support reporting, knowledge sharing, and audit readiness.
• Stay current with evolving threat landscapes, adversary techniques, and emerging security tools and practices to strengthen SOC capabilities.
• Adapt SOC processes, solutions, and procedures to enhance the monitoring of the organization's IT network health.
• Ensure security operations and incident response practices are aligned with industry-recognized frameworks such as ISO 27001.
• Implement solutions within CI/CD pipelines to identify and block security issues reaching production environments.
• Support the development and refinement of SOC procedures, training materials, and operational standards to enhance maturity and consistency across the team.
• Act as the operational lead for the SOC, overseeing day-to-day activities, workload prioritisation, incident coordination, and service delivery to ensure effective security monitoring and response capabilities.
• Provide line management, coaching, mentoring, and professional development support to SOC analysts, fostering a high-performing and collaborative security operations culture.
What you need to fulfill the role
You Must Have:
Language & Communication
• Proficiency in spoken and written English, with the ability to communicate effectively across both technical and non-technical audiences
• The ability to communicate difficult or sensitive information tactfully
Education & Experience:
• Bachelor's degree in cyber security or a related field, or equivalent professional experience
• Strong knowledge of cybersecurity principles, threat landscapes, and incident response procedures
• Awareness of current and emerging cyber threats affecting SaaS organisations
Technical Skills:
• Hands-on experience with implementation, ongoing management and maturing of Security Information and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) platforms, threat intelligence platforms, and vulnerability identification tools
• Experience integrating custom-built applications into SIEM platforms
• Experience with implementation of automation solutions, enhancing SOC efficiency and speeding incident response
• Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms, including developing and maintaining automated response playbooks
• Experience with threat hunting focused on application code, application, infrastructure and hosting architecture, leveraging coding skills and a solid understanding of the software development lifecycle (SDLC) and infrastructure components
• Experience managing security issues identified through internal tools and external assessments, ensuring remediation is completed in line with company policies and standards
• Knowledge of common security frameworks and best practices
• Experience implementing solutions to detect and block security risks in CI/CD pipelines to prevent vulnerable code from being deployed into production
SOC Operations:
• Experience in complex incident response and investigation, including forensic evidence handling and root cause analysis
• Experience managing business-as-usual (BAU) security operations workload alongside project-based work, both independently and in coordination with other team members
• Experience managing outputs from cybersecurity assessment tools, coordinating timely mitigation and remediation with key stakeholders
• Experience coordinating outsourced penetration tests, ensuring smooth execution without service disruption
• Experience conducting security assessment exercises to evaluate SOC operational effectiveness and the organization's ability to respond to cybersecurity incidents
• Experience in tuning detection rules and alerts to improve accuracy and reduce false positives in security monitoring
Technical Expertise:
• Experience with Azure, Azure AD, and AWS technologies and services
• Experience conducting forensic analysis of cybersecurity incidents
Teamwork & Leadership:
18/06/2026
Full time
Proactive Appointments
Cyber Security Analyst
Proactive Appointments Taunton, Somerset
Cyber Security Analyst
Taunton, Somerset | On-site | Up to £50,000 per annum + Bonus | Permanent
Our client is seeking a Cyber Security Analyst to join their IT department on a permanent basis. This is an excellent opportunity for an individual with a passion for cyber security to play a key role in protecting and enhancing the business's security posture. The successful candidate will support the monitoring, investigation and response to cyber threats, assist with vulnerability management, and help maintain secure systems, networks and infrastructure. Working closely with engineers across the IT team, you will contribute to security improvements, support compliance initiatives, and help ensure the organisation remains protected against evolving cyber risks. This role would suit someone with a strong interest in cyber security, a proactive approach to problem-solving, and a desire to develop their career within a collaborative and forward-thinking environment.
Required Experience:
• Experience working within an IT support, infrastructure, cyber security or IT operations environment.
• Knowledge of core cyber security principles, including vulnerability management, threat detection and incident response.
• Experience monitoring and investigating security alerts and events.
• Understanding of network, endpoint and cloud security concepts.
• Familiarity with security tools such as SIEM, endpoint protection and vulnerability scanning solutions.
• Experience supporting security controls and maintaining secure system configurations.
• Knowledge of information security frameworks and standards such as ISO 27001, Cyber Essentials Plus and PCI DSS.
• Ability to analyse security data, identify trends and make recommendations for improvement.
• Strong troubleshooting, analytical and problem-solving skills.
• Excellent communication skills with the ability to explain technical concepts to a range of stakeholders.
Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation. We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website.
18/06/2026
Full time
Cyber Security Analyst
Hollybank Trustees Ltd High Wycombe, Buckinghamshire
Cyber Security Analyst, M-Threat & M-Score
Location: Hybrid / High Wycombe, UK
Job type: Permanent / Full-time
Sector: IT Cybersecurity
Salary: Competitive Salary
Hours: Hybrid, Full Time, no overnight work (Mon - Thurs 9am-6pm, Fri 9am-5pm)
Reporting To: Head of Managed Services
About Saepio
Cyber security isn't an add-on to IT. It's a specialist discipline. Saepio is one of the UK's most recognised cyber specialists and an NCSC Assured Service Provider. We work with over 1,000 organisations to cut through noise and see real risk, align policy, people and technology, mature security operations, build resilience and provide high-impact events and campaigns.
What will you be doing?
You will be involved in a variety of managed services to our customers including Digital Risk Protection, Brand Protection and Dark Web Monitoring. You will set up services for new customers and investigate alerts from the monitoring platform to inform clients of security threats. You will provide insightful performance summaries, recommend service improvements, and develop relationships with customers to deliver exceptional service.
Responsibilities include:
• Onboarding: manage new customer onboarding to new security services
• Client Relationship Management: build and maintain relationships with existing clients, understand their needs, ensure satisfaction
• Service Delivery Management: support and guide customers to improve security awareness
• Issue Resolution: act as point of contact for service-related issues and resolve them with internal teams
• Communication: provide regular updates, address inquiries, manage expectations
• Performance Monitoring: track service performance metrics to identify trends and areas for improvement
• Process Improvement: identify opportunities to enhance delivery processes and implement solutions
• Reporting: prepare and present high-quality service reports to customers
• Documentation: maintain accurate records of service delivery activities, client interactions, and issue resolutions
What are we looking for?
This role suits someone with a background in SOC Analyst, Information Security Analyst, Security Awareness Training, Security Incident, Service Management, or Security Customer Success roles. You should be passionate about delivering high-quality service, able to manage multiple customers, maintain a high level of detail orientation, and communicate professionally with clients and internal teams. You must have impeccable organisation and task management skills and be able to handle pressured situations and deadlines.
Requirements
• Experience: at least 1 year in a customer-facing security operational support role providing incident/request management, service reporting, reviews and service improvement.
• Excellent communication and interpersonal skills.
• Creative problem-solving skills.
• Organisational skills.
• Customer Relationship Management (CRM) skills.
• Attention to detail.
• Best-in-class customer service record.
• Collaborative teamwork.
• Desire to learn and skill development.
Other skills/qualifications (Desirable)
• Experience in a Managed Security Service Provider (MSSP).
• Digital Risk Protection/Brand Management (Rapid7, Zerofox, SOCRadar).
• Supply Chain Security Risk Management (Security Scorecard).
• SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify).
• Vulnerability Management (Qualys, Nessus, Nexpose).
• Cyber Security certifications (e.g., CompTIA, NIST, ISO27000, SOC2, GDPR).
What do we offer
• Hybrid working.
• 25 days annual leave plus a half day for a "Duvet morning" and another for your birthday.
• BUPA Premium Health Insurance covering pre-existing conditions.
• Critical Illness Cover.
• Royal London Pension Plan.
• Strong learning and development culture.
• Incentive trips exploring the globe.
• Free parking onsite at HQ.
• Cycle to Work scheme.
• Fantastic social events: Family Fun Day, Quarterly socials, Festive Party.
• Quarterly company-wide recognition events (e.g., lunch at a Michelin star restaurant).
Please note: To be eligible for this role, you must have the right to work in the UK on a permanent basis (e.g., Indefinite Leave to Remain or UK/EU Settled Status). We are unable to provide visa sponsorship at this time.
18/06/2026
Full time
FUTURE OF LONDON
Information Cyber Security Analyst
FUTURE OF LONDON
Are you a dynamic and driven cyber security professional ready to make a real impact? Join Enfield Council at a critical point in strengthening our cyber resilience. As an Information Cyber Security Analyst, you will play a key role in protecting vital systems and services that support thousands of residents. This is an exciting opportunity for a proactive professional to take ownership, influence how security is embedded across the organisation, and be at the forefront of defending against an evolving threat landscape.

About the Role
Cyber security is fundamental to everything we do at Enfield Council. As an Information Cyber Security Analyst, you will play a critical and highly visible role in protecting the systems, data, and services that support residents, frontline services, and the wider community. This is far more than a monitoring role. You will be at the centre of our cyber defence capability, taking ownership of day-to-day operational security while contributing to wider strategic improvements across our digital estate. You will help ensure the confidentiality, integrity, and availability of key systems, working across infrastructure, applications, and cloud platforms. Operating within a fast-paced and evolving threat landscape, you will be trusted to identify risks, respond decisively to incidents, and influence how security is embedded across the organisation.

Why this role is important
This role is business critical to maintaining safe, resilient, and compliant services. You will:
- Protect critical systems and sensitive data across the Council
- Act as a frontline defence against cyber threats, responding quickly and effectively to incidents
- Support and strengthen compliance with key frameworks such as ISO27001, NIST, Cyber Essentials and GDPR
- Contribute to both operational service delivery and strategic security initiatives across Digital Services
Your work will have a direct impact on the Council's ability to deliver trusted, secure services to residents.

Key Responsibilities
You will operate across the full cyber security lifecycle, with responsibilities including:
- Threat Detection and Incident Response: monitoring, analysing, and responding to security alerts using Microsoft Sentinel and Defender, ensuring timely containment and resolution of incidents
- Security Operations and Tooling: configuring, managing, and optimising security solutions including SIEM, endpoint protection, firewalls, and privileged access management systems
- Risk, Compliance and Assurance: conducting vulnerability assessments, audits, and risk reviews, supporting adherence to security standards and data protection regulations
- Monitoring and Continuous Improvement: developing monitoring and alerting processes, researching new technologies, and contributing to initiatives that enhance cyber resilience
- Business Engagement and Advice: working closely with colleagues across Digital Services and the wider Council, providing expert guidance on security risks and best practice
- Leadership Support: deputising for the Senior Security Manager when required and supporting wider team development and activities

About You
You will be a proactive, analytical, and solution-focused professional who thrives in a dynamic and challenging environment. You will bring:
- Proven experience in cyber security operations, incident response, and vulnerability management
- Strong understanding of security frameworks such as ISO27001, NIST, Cyber Essentials and GDPR
- Hands-on experience with Microsoft security tooling (e.g. Sentinel, Defender) and cloud security (Azure/M365)
- The ability to identify root causes, make informed decisions, and respond effectively under pressure
- Excellent communication and stakeholder engagement skills, with the confidence to influence and advise
You will be passionate about cyber security, committed to continuous improvement, and motivated to stay ahead of evolving threats.

What Makes This a Great Opportunity
- A role with real purpose and impact, protecting services that directly support residents and communities
- Exposure to a wide range of technologies, security challenges, and strategic initiatives
- The opportunity to influence how cyber security is embedded across the organisation
- A dynamic working environment where no two days are the same
- The chance to develop your skills and progress within a supportive Digital Services team

Additional Information
- Based at the Civic Centre, with a requirement to attend the office a non-negotiable minimum of two days per week
- Participation in out-of-hours support and on-call arrangements may be required

Why it's great to work for Enfield Council
- An excellent pension through the Local Government Pension Scheme (LGPS).
- Up to 32 days annual leave depending on grade and length of service. You will also get eight public holidays per year and an extra day off at Christmas.
- A blend of remote and office-based working for most roles.
- Interest-free season ticket loan repayable over three or ten months.
- Career development and learning experiences from a range of training courses and learning methods.
- Employee Assistance Programme to provide advice and counselling services. This is a free and confidential service available to staff and members of their family.
- Health and leisure discounts and tax-free bikes for work.
- 1 month's paid sabbatical for registered Social Workers working in Children's Social Care.
18/06/2026
Full time
SOC Analyst Tier 2 - Hybrid (Security Ops)
Leeds, Yorkshire
Cyber Security Analyst (Tier 2)
Hybrid working from client site in Bradford

A bit about us
At Gamma, we're more than just a leader in Unified Communications as a Service (UCaaS) - we're a dynamic, forward-thinking team revolutionizing the way businesses connect and communicate. We provide voice, data, and mobile solutions to businesses across the UK, Germany, Spain, and the Benelux region, and we're expanding rapidly to bring digital automation and Gamma-powered services to SMEs through a growing network of channel partners. We move fast with a start-up mindset, but we have the stability of a leading European business. Our team thrives on collaboration, innovation, and the belief that diverse perspectives make us stronger. Join us, and you'll have the opportunity to make an impact, grow your career, and be part of a company that celebrates inclusivity and fresh ideas.

What will you be doing?
We are seeking a proficient and motivated Cyber Security Analyst - Tier 2 to join our dynamic Security Operations Centre (SOC) team. You will play a crucial role in monitoring and responding to cybersecurity incidents for one of our large enterprise customers. Your main responsibilities will include detecting, investigating, and resolving security incidents while leveraging your advanced technical skills and security knowledge. As a Cyber Security Analyst - Tier 2, you will act as a senior analyst conducting regular threat hunting investigations. You will stay updated on the latest cyber security trends, contribute to the SOC team's efficiency and support the proactive detection of new vulnerability disclosures. You will report to the Security Operations Manager and support our Managed Detection and Response (MDR) technologies and security incident handling. The ideal candidate will have a strong understanding of security principles, networking, threat actors, and threat vectors. Exceptional problem-solving and communication skills are a must to proactively identify areas for customer security improvements. You will also bring previous knowledge and experience of managing and utilizing technologies such as Rapid 7 IDM, IVM and Cortex EDR.

What will you be doing day-to-day?
- Analysis: Utilize SIEM and other security tools to monitor and analyze security alerts, triage incidents, and investigate breaches and vulnerabilities.
- Threat Hunts: Conduct proactive investigations beyond security tool alerts, identify anomalous behaviour, and derive patterns in log data to detect new Tactics, Techniques and Procedures (TTPs).
- Vulnerability Disclosures: Regularly document new vulnerability disclosures and communicate findings to stakeholders at all levels.
- Documentation: Record incidents, actions taken, and resolutions in accordance with company procedures.
- Customer Support: Address security and technical queries from customers and elevate issues as necessary.
- Training: Continuously update your knowledge on cyber security trends through ongoing training.
- Collaboration: Work closely with team members to enhance security protocols and improve incident response strategies.
- Incident Handling: Triage security alerts, elevate incidents to customers and senior management when applicable, and ensure timely resolution.
- Security Measures: Identify and support the implementation of security measures, such as tuning and use case development.
- Communication: Collaborate with cross-functional teams, communicate security requirements to stakeholders, and ensure successful handovers to support teams.
- Research: Stay informed and lead internal and external customer communications about emerging threats, technologies, and regulatory changes to maintain cutting-edge security practices.

About you
- Previous experience working in a SOC leveraging SIEM and EDR technologies, including Rapid 7, Microsoft Sentinel, Cortex EDR and Defender
- Experience conducting deep-dive investigations and compiling post-analysis reports
- Good understanding of regulatory standards and compliance (e.g., GDPR, ISO 27001, PCI DSS)
- Experience with Sentinel, Rapid 7 IDR, IVM, Cortex EDR, or similar
- Strong understanding of network security, endpoint protection, IAM, and data protection concepts
- Ability to communicate complex technical concepts to both technical and non-technical stakeholders effectively
- A good understanding of Cloud concepts, Microsoft Windows and Linux-based operating systems
- Passionate about the industry with the drive to stay up to date with the latest industry trends and solutions

Qualifications
- Bachelor's degree in Cyber Security, Computer Science, Information Security, or related field preferred
- Relevant certifications such as CompTIA CySA+, Certified Ethical Hacker (CEH), Microsoft SC-200, or similar
- Security Cleared or able to obtain Security Clearance

What do we offer you?
At Gamma, we believe in work-life balance, which is why we offer 25 days of annual leave, plus an extra day off for your birthday. Giving back is important to us, so we also provide a volunteer day to support a charity that matters to you. Family matters, too. With enhanced maternity and paternity pay, we're here to support you as a parent and help you thrive in your career. We offer a contributory pension plan to help you save for the years ahead, with Gamma's contribution varying depending on yours. Your well-being is our priority. We offer group income protection and life assurance (four times your salary) to ensure peace of mind for you and your loved ones. We want you to share in our success. That's why we offer tax-efficient share save and share incentive plans, giving you the opportunity to benefit from Gamma's growth. We're committed to health, both physical and mental, and provide private medical insurance through Vitality, which extends to your immediate family. And, because we care about the environment, we offer an Electric Vehicle scheme through Octopus and a Cycle to Work scheme, making it easier to get around sustainably.

A few things to note
Unfortunately, we can't offer visa sponsorship or relocation support for this role. This role requires hybrid working from our client site in their Bradford office. If you feel you could be a good fit for Gamma but do not think that you meet all the requirements, we still encourage you to apply as you could be the person that we are looking for.

Gamma is an equal opportunity employer. We care about inclusion and believe in having diverse teams where everyone can be their true authentic selves. We value each person and their range of backgrounds and actively encourage people from underrepresented backgrounds to apply. We don't discriminate based on any protected characteristics e.g., race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, marital status, disability, or age. We are a family-friendly employer with a culture based on trust, autonomy, and flexibility to help you create a work-life balance and enjoy working here at Gamma.

For recruitment agencies - we have a network of fantastic partners that support us in our hiring from time to time. We're not looking to increase that network currently, so please don't send speculative CVs.
18/06/2026
Full time
LA International Computer Consultants Ltd
Security Operations Centre Analyst (Tier 2)
LA International Computer Consultants Ltd Stoke-on-Trent, Staffordshire
Security Operations Centre (SOC) Analyst - Tier 2
Location: Stoke-on-Trent, United Kingdom
Employment Type: Permanent, Full-Time
Department: Security Operations
Salary: Up to £55,000 per annum + shift allowance
Working Hours: Rotating shifts (early, late, and nights) on a 4-days-on rota.

About the Role
We are seeking a proactive Tier 2 SOC Analyst to join a 24x7 Security Operations Centre. You will investigate and manage complex security incidents, support threat hunting activities, and act as an escalation point for Tier 1 analysts. This role offers an excellent opportunity to further develop your technical expertise while helping to strengthen and mature the organisation's security operations capability.

Key Responsibilities
- Lead the triage, investigation, and resolution of medium to high-severity security incidents.
- Monitor and analyse security events using SIEM, EDR, and other security tools.
- Act as an escalation point and mentor for Tier 1 analysts.
- Perform threat analysis and share intelligence across teams.
- Tune and improve SIEM rules and detection capabilities.
- Support vulnerability management and remediation activities.
- Produce incident reports, metrics, and post-incident reviews.
- Collaborate with Infrastructure, Network, and Development teams to improve security posture.

Skills & Experience
- 1-5 years' experience within a SOC or similar security operations environment.
- Hands-on experience with incident response, security monitoring, and threat analysis.
- Experience using SIEM, EDR, and vulnerability management tools.
- Good understanding of security operations processes, attack techniques, and incident management methodologies.
- Strong analytical and problem-solving skills.

Qualifications (Desirable)
- Degree in Cyber Security, Information Security, Computer Science, or equivalent experience.
- Relevant certifications such as CompTIA Security+, CEH, CCSP, CISSP, BTL1, BTL2, or SIEM/vendor-specific certifications.

Due to the nature and urgency of this post, candidates holding or who have held high-level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment, which can take a minimum of 10 weeks.

LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance. An award-winning organisation, we have secured the prestigious Queen's Award for Enterprise: International Trade over multiple years.

We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.

Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.
17/06/2026
Full time
Security and Privacy Operations Analyst - 6 Month Day Rate Contract
EngineeringUK
Who are we
Founded in 1896, Knight Frank was registered as Knight Frank LLP, a Limited Liability Partnership, on 3 November 2003, registered in England & Wales at 55 Baker Street, London, W1U 8AN with the registered number OC305934. Headquartered in London, UK, Knight Frank is one of the world's leading independent real estate consultancies. We work responsibly in partnership to enhance people's lives and environments in over 50 markets, 600+ offices, 20,000+ people, 1 global network.

At the heart of all we do are our clients. A relationship built on trust is vital. As trusted partners in property, we act with integrity and care, understanding our clients' unique needs and consistently thinking about the bigger picture to provide personalised, clear and considered advice across all areas of property. Through our deep understanding of key markets and sectors - both emerging and established - we are dedicated to meeting and exceeding their property goals.

A true partnership is a balanced one, and our people are passionate about, and committed to, making our business inclusive and diverse. We give every individual the space and opportunity to perform at their best and be recognised for the immense value they bring. We empower everyone to have autonomy in their role and encourage them to use their voice in how we can make a positive impact as a firm and shape the future of real estate, the built environment and the impact on the communities we serve. In 2021 we celebrated our 125th anniversary and set out Our Desired Future, cemented in three pillars: People Potential, Client Centricity and always Creating our Future, together.

About The Role
Security and Privacy Operations Analyst - Initial 6 month contract

Role Overview
Information Security is responsible for the stability, maturity, and continuous improvement of the firm's operational security and privacy controls. This includes leading the monitoring, detection, response, and management of cyber and data-related risks while ensuring compliance with UK GDPR, industry standards (ISO27001), and client expectations.

This role is central to the operational management of security and privacy risk across the firm's technology environment. Working with third-party service providers, it ensures the effective operation of threat detection, incident response, data protection controls, and operational workflows supporting UK GDPR compliance. This is a hands-on technical role requiring strong analytical skills, attention to detail, and a proactive mindset. The ideal candidate will have practical experience with Microsoft security and compliance technologies, an interest in learning advanced detection and automation techniques, and a desire to contribute to a growing, high-performing security operations capability.

Key Responsibilities
  • Monitor security event identification via the third-party security operations service.
  • Triage, analyse, and investigate incidents to validate potential threats, anomalies, or policy violations.
  • Coordinate incident response activities including containment, evidence collection, documentation, and recovery support.
  • Contribute to threat hunting activities using KQL queries and intelligence-led techniques.
  • Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard.
  • Facilitate security testing and awareness through threat simulations.
  • Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs).
  • Conduct data discovery and collection across systems, ensuring completeness and accuracy.
  • Support DPIA processes through data mapping, evidence gathering, and risk assessment input.
  • Help maintain and tune Microsoft Defender, Sentinel, and Purview policies, analytics rules, alerts, and workflows.
  • Support the development, testing, and maintenance of automated playbooks and response actions (e.g., Logic Apps).
  • Verify compliance with expected practice in the operation of technology services, including security baseline and access right reviews.
  • Support vulnerability management by tracking remediation, validating fixes, and assisting with reporting.
  • Gather and analyse data to help identify trends, gaps, and areas for control improvement.
  • Assist with periodic control reviews, audits, and compliance checks as required.
  • Prepare operational reports, dashboards, and metrics for the Team Lead and wider stakeholders.
  • Develop and maintain playbooks, runbooks, and procedural documentation.
  • Contribute to continuous improvement activities, including identifying opportunities to streamline operations.
  • Ensure all actions adhere to internal policies, regulatory requirements, and industry best practice.

Qualifications & Experience
Essential
  • Minimum 5+ years' experience working in a security operations, IT security, privacy operations, or related technical role.
  • Familiarity with:
    • Microsoft Defender XDR
    • Microsoft Sentinel (SIEM/SOAR)
    • Privacy Management Solutions (e.g. Purview, OneTrust)
  • Basic understanding of key cybersecurity and privacy concepts, such as:
    • Threat detection and analysis
    • Incident response lifecycle
    • Vulnerability and exposure management
    • Data privacy principles and data subject rights
  • Experience analysing logs, alerts, or data from security tools.
  • Strong documentation, investigation, and analytical skills.
Desirable
  • Hands-on experience writing KQL queries, PowerShell, or CLI commands.
  • Exposure to automation or playbooks (Logic Apps, Defender workflows).
  • Knowledge of frameworks such as MITRE ATT&CK or NIST CSF.

Competitive salary

Please note: this is a Direct Search led by Knight Frank. Applications from recruitment agencies will not be accepted nor will fees be paid for unsolicited CVs, even if provided by PSL agencies.
17/06/2026
Full time
Cyber Security Analyst - T2 - Enterprise Markets
Leeds, Yorkshire
Cyber Security Analyst (Tier 2)
Hybrid working from client site in Bradford

A bit about us
At Gamma, we're more than just a leader in Unified Communications as a Service (UCaaS) - we're a dynamic, forward-thinking team revolutionising the way businesses connect and communicate. We provide voice, data, and mobile solutions to businesses across the UK, Germany, Spain, and the Benelux region, and we're expanding rapidly to bring digital automation and Gamma-powered services to SMEs through a growing network of channel partners. We move fast with a start-up mindset, but we have the stability of a leading European business. Our team thrives on collaboration, innovation, and the belief that diverse perspectives make us stronger. Join us, and you'll have the opportunity to make an impact, grow your career, and be part of a company that celebrates inclusivity and fresh ideas.

What will you be doing?
We are seeking a proficient and motivated Cyber Security Analyst - Tier 2 to join our dynamic Security Operations Centre (SOC) team. You will play a crucial role in monitoring and responding to cybersecurity incidents for one of our large enterprise customers. Your main responsibilities will include detecting, investigating, and resolving security incidents while leveraging your advanced technical skills and security knowledge. As a Cyber Security Analyst - Tier 2, you will act as a senior analyst conducting regular threat hunting investigations. You will stay updated on the latest cyber security trends, contribute to the SOC team's efficiency and support the proactive detection of new vulnerability disclosures. You will report to the Security Operations Manager and support our Managed Detection and Response (MDR) technologies and security incident handling. The ideal candidate will have a strong understanding of security principles, networking, threat actors, and threat vectors. Exceptional problem-solving and communication skills are a must to proactively identify areas for customer security improvements, as is previous knowledge of and experience managing and utilising technologies such as Rapid 7 IDR, IVM and Cortex EDR.

What will you be doing day-to-day?
  • Analysis: Utilise SIEM and other security tools to monitor and analyse security alerts, triage incidents, and investigate breaches and vulnerabilities.
  • Threat Hunts: Conduct proactive investigations beyond security tool alerts, identifying anomalous behaviour and deriving patterns in log data to detect new Tactics, Techniques and Procedures (TTPs).
  • Vulnerability Disclosures: Regularly document new vulnerability disclosures and communicate findings to stakeholders at all levels.
  • Documentation: Record incidents, actions taken, and resolutions in accordance with company procedures.
  • Customer Support: Address security and technical queries from customers and escalate issues as necessary.
  • Training: Continuously update your knowledge of cyber security trends through ongoing training.
  • Collaboration: Work closely with team members to enhance security protocols and improve incident response strategies.
  • Incident Handling: Triage security alerts, escalate incidents to customers and senior management when applicable, and ensure timely resolution.
  • Security Measures: Identify and support the implementation of security measures, such as tuning and use case development.
  • Communication: Collaborate with cross-functional teams, communicate security requirements to stakeholders, and ensure successful handovers to support teams.
  • Research: Stay informed and lead internal and external customer communications about emerging threats, technologies, and regulatory changes to maintain cutting-edge security practices.

About you
  • Previous experience working in a SOC leveraging SIEM and EDR technologies, including Rapid 7, Microsoft Sentinel, Cortex EDR and Defender
  • Experience conducting deep-dive investigations and compiling post-analysis reports
  • Good understanding of regulatory standards and compliance (e.g., GDPR, ISO 27001, PCI DSS)
  • Experience with Sentinel, Rapid 7 IDR, IVM, Cortex EDR, or similar
  • Strong understanding of network security, endpoint protection, IAM, and data protection concepts
  • Ability to communicate complex technical concepts to both technical and non-technical stakeholders effectively
  • A good understanding of Cloud concepts, Microsoft Windows and Linux based operating systems
  • Passionate about the industry with the drive to stay up to date with the latest industry trends and solutions

Qualifications
  • Bachelor's degree in Cyber Security, Computer Science, Information Security, or related field preferred
  • Relevant certifications such as CompTIA CySA+, Certified Ethical Hacker (CEH), Microsoft SC 200, or similar
  • Security Cleared or able to obtain Security Clearance

What do we offer you?
At Gamma, we believe in work-life balance, which is why we offer 25 days of annual leave, plus an extra day off for your birthday. Giving back is important to us, so we also provide a volunteer day to support a charity that matters to you.

Family matters, too. With enhanced maternity and paternity pay, we're here to support you as a parent and help you thrive in your career. We offer a contributory pension plan to help you save for the years ahead, with Gamma's contribution varying depending on yours.

Your well-being is our priority. We offer group income protection and life assurance (four times your salary) to ensure peace of mind for you and your loved ones. We want you to share in our success. That's why we offer tax-efficient share save and share incentive plans, giving you the opportunity to benefit from Gamma's growth.

We're committed to health, both physical and mental, and provide private medical insurance through Vitality, which extends to your immediate family. And, because we care about the environment, we offer an Electric Vehicle scheme through Octopus and a Cycle to Work scheme, making it easier to get around sustainably.

A few things to note
Unfortunately, we can't offer visa sponsorship or relocation support for this role. This role requires hybrid working from our client site in their Bradford office. If you feel you could be a good fit for Gamma but do not think that you meet all the requirements, we still encourage you to apply as you could be the person that we are looking for.

Gamma is an equal opportunity employer. We care about inclusion and believe in having diverse teams where everyone can be their true authentic selves. We value each person and their range of backgrounds and actively encourage people from underrepresented backgrounds to apply. We don't discriminate based on any protected characteristics e.g., race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, marital status, disability, or age. We are a family-friendly employer with a culture based on trust, autonomy, and flexibility to help you create a work-life balance and enjoy working here at Gamma.

For recruitment agencies - we have a network of fantastic partners that support us in our hiring from time to time. We're not looking to increase that network currently, so please don't send speculative CVs.
17/06/2026
Full time
Internal Cyber Defence Consultant
Vastbouw
As part of this evolution, we are looking for an Internal Cyber Defence Consultant to strengthen our defensive posture, lead the maturity of our Blue Team capability, and ensure Ricoh remains resilient against an ever-evolving threat landscape. This is a high-impact individual contributor role with virtual leadership responsibilities, working closely with security, technology and business teams across Europe.

What you will be doing
The Internal Cyber Defence Consultant will be responsible for shaping and maturing Ricoh's defensive security operations. This includes overseeing detection engineering, incident response, threat hunting, and vulnerability management. You will guide the virtual Blue Team, set the direction for defensive strategy, and ensure security controls, processes, and technologies deliver protection across Ricoh's systems, networks and data. Operating in a complex and fast-paced environment, you will be accountable for the design and continual improvement of detection and response capabilities, while ensuring alignment with industry standards, regulatory requirements and Ricoh's risk appetite. This role blends technical expertise, leadership, analysis and communication, requiring someone who can influence without direct authority and act decisively when incidents occur.

Key Responsibilities Include:
Blue Team Leadership & Operations
  • Leading and coordinating the virtual Blue Team, including SOC analysts, incident responders, threat hunters and defensive engineers
  • Setting strategic direction, improving processes, and supporting skill development across the defensive capability
  • Acting as a senior escalation point during investigations and major incidents
  • Designing, implementing and tuning detection rules across SIEM, SOAR, EDR and NDR platforms
  • Managing log ingestion, telemetry pipelines and data quality to ensure visibility across all environments
  • Identifying gaps in logging, coverage or monitoring and driving improvements
  • Managing incident response processes, including playbooks, tabletop exercises and post-incident reviews
  • Leading investigations, coordinating cross-functional teams and ensuring effective containment, eradication and recovery
  • Embedding lessons learned into future detection, tooling and process enhancements
Threat Hunting & Proactive Defence
  • Conducting hypothesis-driven threat hunts informed by threat intelligence
  • Identifying stealthy or emerging threats not caught by automated detection
  • Collaborating with Red Team operators to validate detection gaps and enhance Blue Team response
Vulnerability & Exposure Management
  • Overseeing vulnerability management processes and coordinating risk-based remediation
  • Working with infrastructure and application teams to prioritise and address high-risk weaknesses
  • Reporting remediation progress and exposure trends to senior leadership
Governance, Reporting & Culture
  • Ensuring compliance with ISO 27001, GDPR, NIS2 and internal security policies
  • Providing clear reporting on threat trends, risk indicators, detection maturity and incident metrics
  • Championing a security-first culture through guidance, awareness and training initiatives

You will ideally have
Technical Expertise
  • Strong hands-on experience across SIEM, SOAR, EDR and NDR technologies - covering the Microsoft suite.
  • Zero Trust experience, ideally with Zscaler.
  • Proficiency in detection engineering, alert tuning, log analysis and data correlation
  • Solid understanding of MITRE ATT&CK, cyber kill chain and threat actor TTPs
  • Experience conducting or leading incident response and digital forensics investigations
  • Skilled in threat hunting techniques, anomaly detection and behavioural analytics
  • Strong knowledge of vulnerability management processes and tooling
  • Understanding of enterprise networks, cloud environments, endpoints and identity systems
Leadership & Interpersonal Skills
  • Experience guiding virtual or multidisciplinary security teams
  • Strong communicator, comfortable engaging senior stakeholders across technical and non-technical functions
  • Able to influence decision making, challenge assumptions and advocate for necessary security improvements
  • Skilled at maintaining calm, clarity and leadership during high-pressure security incidents
  • Capable of building trust, fostering collaboration and promoting continuous improvement
Business & Strategic Acumen
  • Understanding of Ricoh's business context, regulatory environment and operational dependencies
  • Ability to translate technical risk into meaningful business impact
  • Awareness of sector-specific risks and organisational priorities
  • Experience working in or with regulated enterprise environments
Qualifications & Experience
  • Bachelor's degree in Cybersecurity, Computer Science, IT or related field
  • Relevant certifications such as GCIH, GCIA, GMON or CISSP
  • Extensive proven experience in defensive cyber security roles
  • Proven experience in a leadership or senior operational position
  • Hands-on experience leading major incident investigations in enterprise environments
  • Exposure to red/purple team exercises, detection tuning and threat-driven defence

In return for your commitment, you can expect
At Ricoh, work should feel meaningful, supportive and fulfilling. The Ricoh Promise shapes your experience through four pillars that bring our culture to life.

Love to Connect
You become part of a global community built on openness, inclusion and genuine collaboration. Across teams, countries and roles, you'll find people who listen, involve and encourage you - helping you feel valued and able to be yourself every day.

Love to Grow
Your development truly matters to us. With access to learning pathways, mentoring and career opportunities across functions and countries, you'll be supported to stretch your skills, explore new directions and stay future-ready in a changing world.

Love to Give Back
Purpose is part of how we work. You'll have opportunities to make a difference through volunteering, sustainability initiatives and community programmes that reflect our shared values and commitment to positive impact.

Love to Succeed
Success at Ricoh is something we pursue together. You'll benefit from fair rewards, flexible working, wellbeing resources and real recognition - including programmes such as the Imagine. Change. Awards, where colleagues celebrate each other's achievements.

We are an equal opportunities employer
We believe that diverse perspectives make us stronger, and we welcome applications from people of all backgrounds, identities, and experiences. Our hiring decisions are based on skills, experience and potential, and we are committed to creating a fair and inclusive recruitment process. If you require any reasonable adjustments at any stage of the recruitment journey, please let us know and we will support you to bring your best self forward.
17/06/2026
Full time
As part of this evolution, we are looking for an Internal Cyber Defence Consultant to strengthen our defensive posture, lead the maturity of our Blue Team capability, and ensure Ricoh remains resilient against an ever-evolving threat landscape. This is a high-impact individual contributor role with virtual leadership responsibilities, working closely with security, technology and business teams across Europe.
What you will be doing
The Internal Cyber Defence Consultant will be responsible for shaping and maturing Ricoh's defensive security operations. This includes overseeing detection engineering, incident response, threat hunting, and vulnerability management. You will guide the virtual Blue Team, set the direction for defensive strategy, and ensure security controls, processes, and technologies deliver protection across Ricoh's systems, networks and data. Operating in a complex and fast-paced environment, you will be accountable for the design and continual improvement of detection and response capabilities, while ensuring alignment with industry standards, regulatory requirements and Ricoh's risk appetite. This role blends technical expertise, leadership, analysis and communication, requiring someone who can influence without direct authority and act decisively when incidents occur.
Key Responsibilities Include:
Blue Team Leadership & Operations
  • Leading and coordinating the virtual Blue Team, including SOC analysts, incident responders, threat hunters and defensive engineers
  • Setting strategic direction, improving processes, and supporting skill development across the defensive capability
  • Acting as a senior escalation point during investigations and major incidents
  • Designing, implementing and tuning detection rules across SIEM, SOAR, EDR and NDR platforms
  • Managing log ingestion, telemetry pipelines and data quality to ensure visibility across all environments
  • Identifying gaps in logging, coverage or monitoring and driving improvements
  • Managing incident response processes, including playbooks, tabletop exercises and post-incident reviews
  • Leading investigations, coordinating cross-functional teams and ensuring effective containment, eradication and recovery
  • Embedding lessons learned into future detection, tooling and process enhancements
Threat Hunting & Proactive Defence
  • Conducting hypothesis-driven threat hunts informed by threat intelligence
  • Identifying stealthy or emerging threats not caught by automated detection
  • Collaborating with Red Team operators to validate detection gaps and enhance Blue Team response
Vulnerability & Exposure Management
  • Overseeing vulnerability management processes and coordinating risk-based remediation
  • Working with infrastructure and application teams to prioritise and address high-risk weaknesses
  • Reporting remediation progress and exposure trends to senior leadership
Governance, Reporting & Culture
  • Ensuring compliance with ISO 27001, GDPR, NIS2 and internal security policies
  • Providing clear reporting on threat trends, risk indicators, detection maturity and incident metrics
  • Championing a security-first culture through guidance, awareness and training initiatives
You will ideally have
Technical Expertise
  • Strong hands-on experience across SIEM, SOAR, EDR and NDR technologies, covering the Microsoft suite
Senior Cyber Security Analyst
Career Choices Dewis Gyrfa Ltd Bolton, Lancashire
£45,000.0 to £55,000.0 per year, plus bonus and benefits
Contract Type: Permanent
Hours: Full time
Disability Confident: No
Closing Date: 27/06/2026
About this job
Senior Cyber Security Analyst - Permanent, full time, £55,000 plus bonus (Bolton - 3 days per week onsite).
Key Responsibilities
  • Work with the Head of Information Security to mature the incident response capability.
  • Use your understanding of the contemporary threat environment to assist with vulnerability investigations and response.
  • Lead remediation efforts for identified vulnerabilities in collaboration with technology teams.
  • Act as an escalation point for any cyber security incidents and document processes.
  • Respond to incidents alongside the Head of Cyber and the existing MSSP across incident response and proactive monitoring and detection.
  • Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools.
  • Track deployment and health of all security products across the business.
  • Stay ahead of emerging threats and evolving technologies.
What We're Looking For
  • Experience working in a cyber role in an enterprise environment.
  • Experience with the Microsoft Defender suite and Tanium (ideal).
  • Solid understanding of cybersecurity principles and incident response processes.
  • Exposure to red teaming (great if you have it).
  • Experience with use case development.
  • Understanding of security best practice frameworks (NIST, ISO27001, etc.).
  • Good understanding of threat assessment.
  • Technical IT background.
  • Strong problem-solving skills and a go-getter attitude.
  • Excellent communication skills and ability to work independently in a fast-paced setting.
What's on Offer
  • Salary: £45,000 - £55,000 plus bonus.
  • 25 days annual leave + movable bank holidays + up to 5 days buy and sell.
  • Pension and company-specific benefits.
  • Flexible and hybrid working options.
  • Career development opportunities and access to accredited qualifications.
17/06/2026
Full time
Change-IT Public Sector
Cyber Security
Change-IT Public Sector
Cyber Security Analyst
6-Month Contract, Inside IR35, Hybrid (2 Days Onsite)
We are seeking a hands-on Cyber Security Analyst to support a major public-sector organisation's cyber security operations and resilience programme.
Key Responsibilities
  • Monitor, investigate and respond to cyber security incidents.
  • Support security monitoring using Microsoft Sentinel and related tools.
  • Conduct threat hunting, log analysis and security investigations.
  • Identify vulnerabilities and track remediation actions.
  • Develop and improve incident response processes and playbooks.
  • Work with technical teams, suppliers and stakeholders to drive security improvements.
  • Provide practical security advice across the organisation.
Essential Skills
  • Cyber Security Operations, SOC or Incident Response experience.
  • Hands-on Microsoft Sentinel or SIEM experience.
  • Threat hunting, log analysis and security monitoring.
  • Experience with Microsoft Defender and Microsoft security technologies.
  • Vulnerability management and remediation tracking.
  • Strong communication and stakeholder management skills.
Desirable Skills
  • Local Government, NHS, Housing or wider Public Sector experience.
  • Defender XDR, Defender for Endpoint, Defender for Identity and Entra ID.
  • SOAR, Logic Apps or security automation experience.
Contract Details
  • 6-Month Contract
  • Inside IR35
  • Hybrid Working (2 Days Onsite)
  • Immediate Start Preferred
An excellent opportunity for an experienced Cyber Security Analyst to join a complex environment and play a key role in strengthening cyber resilience.
17/06/2026
Contractor
Senior Information Security Analyst, UK
Realty Income Corporation
Senior Information Security Analyst, UK
Location: London, United Kingdom
Time type: Full time
Posted: 3 Days Ago
Job requisition id: R-100213
Realty Income aims to be a globally recognized leader in the S&P 100, committed to creating long-term value for all stakeholders. These stakeholders include our dedicated team members, who embody our purpose: building enduring relationships and brighter financial futures. This guiding principle serves as a beacon for our team, influencing every action we take. Our employees consistently invest their time, commitment, and dedication into the company, and in turn, they receive investment returns in the form of purpose, belonging, and opportunities for advancement. We are committed to best-in-class corporate responsibility practices through environmental initiatives, governance programs, and community outreach projects. From the boardroom to the breakroom, our team members make a difference every day.
Realty Income (NYSE: O), an S&P 500 company, is a real estate partner to the world's leading companies. Founded in 1969, we invest in diversified commercial real estate and have a portfolio of 15,500 properties in all 50 U.S. states, the UK and eight other countries in Europe, with a gross book value of $58bn. We are known as "The Monthly Dividend Company(R)" and have a mission to deliver stockholders dependable monthly dividends that grow over time. Since our founding, we have declared 656 consecutive monthly dividends and are a member of the S&P 500 Dividend Aristocrats(R) index, having increased our dividend for the last 31 consecutive years.
The European portfolio, including the UK, has grown significantly since our first international acquisition, a £429m 12-property portfolio from Sainsbury's in 2019. In just five years the portfolio now includes investments of over €11bn, and 483 distinct properties.
Be a part of this growth story for a world-leading Real Estate Investment Trust! Working in this global role you will contribute to the Info Sec team's expansion in Europe, empowering your career and allowing you to take on additional responsibility and challenges, whilst you broaden your experience and skillsets.
Position Overview:
Reporting to the Associate Director, European IT and operating under the supervision of the global Information Security program, the Senior Information Security Analyst supports the day-to-day operations of the global Information Security program, with a focus on security alert triage, incident investigation, and operational effectiveness across the environment. This role is responsible for monitoring and responding to security alerts, performing assigned operational tasks, and optimizing security tooling to improve detection quality and reduce false positives. The position operates within a centralized global security function and collaborates across regions to ensure consistent handling of security incidents. The Senior Information Security Analyst contributes to the continuous improvement of information security processes and procedures, supporting compliance activities aligned with frameworks and standards such as the NIST Cybersecurity Framework, GDPR and SOX.
Key Responsibilities:
  • Monitor, triage, and investigate security alerts in coordination with the Security Operations Center (SOC) and internal teams.
  • Analyze and validate potential security incidents, ensuring accurate classification, documentation, and escalation.
  • Perform daily operational information security tasks, including the management and resolution of ServiceNow incidents assigned to the Information Security team.
  • Support incident response efforts through investigation, coordination, and detailed documentation of findings.
  • Participate occasionally in an on-call rotation as required to support timely response and escalation of security incidents outside of business hours, ensuring appropriate handover, documentation, and continuity of incident management.
  • Tune and optimize security tools, including SIEM and endpoint protection platforms, to improve alert fidelity and reduce false positives.
  • Collaborate with internal technology teams to ensure appropriate logging, monitoring, and alerting capabilities are in place across systems.
  • Work closely with the IT Service Desk, Operations, and development teams to support vulnerability identification and ensure remediation is prioritised and delivered within agreed SLAs.
  • Work closely with global and regional stakeholders to support consistent security operations and incident handling across time zones.
  • Support security awareness initiatives through participation in training, workshops, and knowledge-sharing activities.
  • Partner with the global Information Security team to review, streamline, and develop security processes, procedures, and incident response playbooks, while maintaining accurate, current documentation aligned with approved standards.
  • Promote a culture of security across the organization through engagement and collaboration.
  • Perform other duties as assigned.
Candidate Requirements
Knowledge, Skills, and Abilities
Must have for the role:
  • Suitable experience in an Information Security role.
  • Some previous relevant experience in a technical IT role (System Administration/Network Administration/DevOps). While we do not set upper or lower limits of experience for any of our vacancies, candidates with at least 4 - 8 years' suitable experience are likely to have the right level of knowledge and experience.
  • Combination of education, training, experience, skills and other characteristics that would provide the requisite knowledge and abilities in support of the essential job functions.
  • Must have Cybersecurity certification(s) (CISSP, Sec+, CCSP, CEH) or equivalent.
  • Knowledge of security frameworks and regulatory compliance standards (NIST CSF, SOX ITGC, GDPR, etc.).
  • Hands-on experience with security technologies including Microsoft Defender, Zscaler, SIEM platforms (e.g. Google SecOps), and identity platforms (e.g. Azure/Entra, Okta).
  • Hands-on experience in incident response, threat detection, and vulnerability management within an enterprise environment.
  • Strong ability to analyze, prioritize, and respond to security alerts and vulnerabilities within the context of business operations and risk tolerance.
  • Experience with incident response processes and best practices, including investigation, escalation, and documentation.
  • Knowledge of cloud security principles, particularly within Microsoft Azure environments.
  • Working technical knowledge of IT systems including Active Directory, Microsoft 365 and Windows OS.
  • Strong written and verbal communication skills, including the ability to clearly document findings and risks to technical and non-technical stakeholders.
  • Demonstrated commitment to continuous learning, staying current with emerging threats, technologies and industry trends.
  • Hybrid working arrangements, in the office Monday / Tuesday / Wednesday / Thursday.
  • May require infrequent travel to remote sites.
  • Make yourself available outside of normal working hours for security incidents.
Desirable but not essential:
  • Experience working in the financial services or investment industries.
  • Bachelor's degree in information security or related field, or equivalent combination of education and experience.
Our Mission & Values
For more than 50 years, Realty Income has been guided by our mission to invest in people and places to deliver dependable monthly dividends that increase over time. We do this by nurturing long-term, meaningful relationships that enable people to achieve a better financial outlook. We understand that when individuals succeed financially, they are able to provide for their families, support local businesses and pursue their greatest ambitions, creating a lasting positive impact.
16/06/2026
Full time

© 2008-2026 IT Job Board