SOC Analyst 75.48 p/hr (Inside IR35) Onsite Hereford 12 months
Level 1 SOC Cyber Analyst to join the TMCT security team to serve as the first internal responder to alerts generated by our outsourced SOC provider. In this role the individual will perform initial triage, conduct low level investigations, interact directly with end users and asset owners, and escalate verified incidents for advanced analysis and response. The Level 1 SOC analyst will act as a key link between our internal security team and the external SOC, ensuring that potential threats are quickly validated, documented, and routed through appropriate channels for resolution.
Duties:
* Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact.
* Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts).
* User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g. asset isolation, password reset).
* Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation.
* Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements.
* Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness.
* Playbook Execution: Follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies.
* Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisation's threat landscape.
Essential:
* 2-4 years of experience in a SOC, IT Operations, or security support role.
* Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation.
* Working knowledge of network fundamentals, Windows/Linux system logs and authentication systems.
* Working knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic, QRadar).
Desirable:
* Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001).
Qualifications:
* Desirable: CompTIA Security+, CySA+ or other entry level certification.
01/04/2026
Contractor
Incident Responder / IR Consultant
Hybrid - Manchester
Up to £60k + Bonus + Good bens.
I'm currently working with an established cyber security business that's looking for an Incident Responder (IR / DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy.
Responsibilities:
* Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery.
* Conduct in-depth digital forensic analysis of relevant incident data.
* Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation.
* Act as a key point of contact for clients, ensuring clear communication and smooth delivery across engagements, including implementation planning, progress tracking, and issue resolution.
Role Requirements:
* Around 5 years' experience in cyber security, with a strong background in managing IR Cases / Projects.
* Strong knowledge of cyber security threats, attack vectors, IOC, remediation.
* Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, and log analysis, Open Source Toolkits.
* Comfortable communicating with both technical and non-technical stakeholders during high-stress situations.
* You must have excellent communication skills.
* You must be adaptable, resilient, and able to work calmly under significant pressure.
* Relevant certifications are a big plus (e.g., CCIM or CIH).
* Fluency in German or Arabic would be a bonus.
This role is 1-2 days a week onsite in either their office or at a client site.
If you are interested in discussing this great opportunity further, press 'Apply Now' or send your CV directly to faye com
Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment, Twitter and LinkedIn - Circle Recruitment.
01/09/2025
Full time
Senior Incident Responder / IR Consultant
Hybrid - Manchester
Up to £80k + Bonus + Good bens.
I'm currently working with an established cyber security business that's looking for a Senior Incident Responder (IR / DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a hands-on, client-facing role that requires a calm head, deep technical knowledge, and the ability to own high-impact situations from start to finish. You will be working on back-to-back incidents (occasionally concurrent) so this role would suit someone who enjoys the high-pressure environment of incident response and enjoys being busy.
Responsibilities:
* Co-ordinate and manage cyber security incident response for a diverse client base, ensuring effective containment, investigation, and recovery.
* Conduct in-depth digital forensic analysis of relevant incident data.
* Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation.
* Act as a key point of contact for clients, ensuring clear communication and smooth delivery across engagements, including implementation planning, progress tracking, and issue resolution.
Role Requirements:
* Around 5 years' experience in cyber security, with a strong background in Leading and Managing IR Cases / Projects.
* Strong knowledge of cyber security threats, attack vectors, IOC, remediation.
* Hands-on experience with a range of different forensic tools, ELK, EDR, SIEM, and log analysis, Open Source Toolkits.
* Comfortable communicating with both technical and non-technical stakeholders during high-stress situations.
* You must have excellent communication skills.
* You must be adaptable, resilient, and able to work calmly under significant pressure.
* Relevant certifications are a big plus (e.g., CCIM or CIH).
* Fluency in German or Arabic would be a bonus.
This role is 1-2 days a week onsite in either one of their offices or at a client site.
If you are interested in discussing this great opportunity further, press 'Apply Now' or send your CV directly to faye com
Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment, Twitter and LinkedIn - Circle Recruitment.
01/09/2025
Full time
Cyber Security Analyst
Permanent - Salary £35,000 - £40,000 + Excellent Company Benefits
Luton - Mon-Fri - 9am-5:30pm | Onsite - (flexible working)
Lucid Connect are working in partnership with a leading organisation in the Bedfordshire area. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve general security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security toolset and the successful applicant will build extensive experience in all areas of cyber security.
Daily Duties:
* Endpoint monitoring and analysis
* Incident readiness and handling as part of the CSIRT team
* Monitor and administer Security Information and Event Management
* Malware analysis and forensics research
* Understanding/differentiation of intrusion attempts and false positives
* Investigation tracking and threat resolution
* Vulnerability identification & mitigation/remediation
* Compose security alert notifications
* Help develop cyber security process & procedures
* Advise incident responders & other teams on threat
* Triage security events and incidents, apply containment and mitigation/remediation strategies.
* Generate reports and document security incidents/events
* To take a pro-active approach in this job role, through monitoring the performance of systems and making regular routine inspections of installed equipment and taking corrective avoidance actions to prevent wider problems.
* Act as the point of escalation for the Service desk for security related tickets
* Analysis of weekly vulnerability scans and add the risks to the risk register
Key Requirements:
* A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
* Knowledge & experience in Microsoft Windows Operating Systems.
* Knowledge & experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server.
* Abilities in multi-tasking, prioritizing work, and handling competing interests
* Abilities in analysing information technology logs and events sources preferred
* Working knowledge of data storage systems, data backup and restoration methods.
* Good understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation Firewall/UTMs)
* A very good team working ethic, communicating with colleagues in a clear and professional manner, whilst maintaining a customer-service based approach.
* The ability to work alone using own initiative and managing support calls to a high standard
* Self-motivated to advance own knowledge & gain formal qualifications
Desirable:
* IT Qualifications/Certifications such as CompTIA A+, Network+, Security+
* IT Helpdesk experience or knowledge
* Cyber Security Operation Centre experience
21/09/2022
Full time
Reporting to: DEVOPS manager
Location: Liverpool (Central)
ROLE PURPOSE
Huntswood’s success relies on its IT Infrastructure and End-user facilities being available, effective and efficient.
The purpose of the role of the Service Desk Technician is to act as a ‘First and Second level-responder’ - a first point of contact for all requests logged with the Service Desk. In responding to incidents, user requests and problems, a Service Desk Technician offers a professional, courteous, speedy and effective service to ensure disruption to Huntswood’s business processes and clients is kept to a minimum.
Huntswood takes information security seriously and has achieved certification to ISO27001:2013. A Service Desk technician ensures that Huntswood’s computing facilities are kept secure and that new proposals, installations, upgrades and changes do not breach Huntswood’s security policy or expose us to unnecessary risk.
Job description
* Ensure that incidents and problems logged on Huntswood’s call logging system are responded to quickly, professionally and courteously, ensuring that calls are correctly prioritised and categorised.
* Ensure that identified incidents and problems are descriptively logged and kept up to date on Huntswood’s call logging system.
* Ensure that all incidents, requests and problems are escalated to the appropriate team if they are not able to be resolved within the agreed timescale.
* Strive to resolve a majority of tickets on first contact and to work with the DevOps Manager to identify opportunities to further improve the number of tickets resolved on first contact.
* Provide remote support across Huntswood sites.
* Be a true team player, working professionally and constructively with colleagues offering help and assistance with incidents, user requests, problems and projects.
* Ensure Huntswood’s computing facilities are kept secure to reduce the risk of breaches of confidentiality, integrity and availability.
* Ensure the IT Team’s documentation is kept up to date.
* Carry out manual handling, moving desktop equipment during desk and office moves as well as project set ups.
* Perform daily tasks as per the IT schedule including server backups, performance and capacity monitoring.
Person Specification
Essential
* Excellent Customer Service skills
* Enjoy working in a busy environment with changing priorities and goals
* Good level of understanding of a Microsoft Windows Active Directory environment including GPO
* Be able to demonstrate a good understanding of the major Microsoft packages namely Microsoft Windows and Office.
* Good level of understanding of TCP/IP and network troubleshooting
* Current IT qualification, preferably Microsoft, Cisco or VMware. Or be able to demonstrate the equivalent experience and knowledge.
* Be able to demonstrate excellent problem management skills.
* Excellent business communication skills, with the skills to communicate at all levels.
* Excellent time management.
* Capable of moving desktop equipment in an office environment.
* Experience of working in an ITIL aligned environment.
* An out-of-the-box thinker with a passion for IT and how information technology and new technology can be used to improve Huntswood.
* Good understanding of scripting language such as PowerShell
* Comfortable giving training to other team members
Desirable
* Good level of understanding of a virtualised computing environment, preferably VMware.
* Expert level of understanding of a Microsoft Windows Active Directory environment.
* Be able to demonstrate an expert understanding of the major Microsoft packages namely Microsoft Windows and Office.
* Expert level of understanding of the latest Microsoft Exchange technologies.
* Any of the following IT qualifications; CompTIA A+, Microsoft Certified IT Professional (MCITP), Cisco Certified Network Associate (CCNA), ITIL foundation v3
* Experience of supporting any of the following; Microsoft Dynamics CRM, Hitec Labs DatastoreDSX, Epicor E4SE/EBO.
* Experience of working with ISO27001:2013.
* Advanced understanding of LAN/WAN technology.
* Experience of modern telephony systems including VOIP, preferably AVAYA.
* Good project management skills
* Degree in a relevant subject.
* Full and clean driving license.
CORE BEHAVIOURS
To work with, Huntswood’s employees are described as dependable, driven and collaborative. The job holder should be able to demonstrate they are:
* Confidential, reliable and genuine
* Dynamic, passionate and determined
* Friendly, compassionate and cooperative
29/10/2018