Role and Responsibilities
This is an excellent opportunity for a capable web developer who enjoys owning features end-to-end in a modern, forward-thinking financial services business. We have our own proprietary applications, both back-office solutions and client-facing ones.
You will work on multiple projects including continuing to enhance our own CRM solution, migrating legacy WebForms functionality to clean services and a modern UI. You’ll work in a fast-paced, dynamic environment; you will not be a “cog in the machine.”
You’ll be involved in every aspect of delivery, from requirements and design to development, testing, deployment, documentation, and support, with a strong focus on scalability and maintainability. We are an extremely fast-growing business, so you must be willing to learn and adapt quickly to changes in business requirements.
The job role will consist of the below responsibilities:
Development
CRM (WebForms/.NET/TSQL/BPM): Configure and extend our proprietary CRM using TSQL, BPM/workflow tools and C#
Modernisation: Incremental modernisation of legacy applications using strangler pattern
Client-facing applications: Develop our customer self-service portal and other front-end applications utilising React/TypeScript and .NET 9 Web API
Azure implementation: Assist in administering our cloud infrastructure (App Service/Functions, Azure SQL, Storage, Key Vault with Managed Identity, App Configuration, Private Endpoints, Application Insights)
Quality/pipelines: Contribute to and set up CI/CD pipelines, unit/integration tests where required
Testing: Conduct thorough testing and peer review of work items
Data Analysis (SQL Server/TSQL)
Write performance-conscious, SARGable queries and implement appropriate indexing
Monitor and apply performance fixes and other DB management tasks in Azure SQL Server hosted DB
Technical Documentation
Produce documentation for requirement gathering, code architecture and training guides
Contribute to due diligence and penetration test readiness packs (architecture diagrams, data flows and controls)
Support
Triage and resolve support tickets relating to in-house applications from employees
Support customer-facing applications and address incidents utilising Azure Application Insights and application logs to identify and resolve issues
Requirement Gathering:
Communicate with stakeholders to establish clear problem statements and requirements
Translate requirements into technical solutions with a focus on extendibility and minimising technical debt, considering future changes
Accountability and Working Relationships
Part of a small, highly motivated and productive development team
Partners closely with CTO (hands on)
Collaborates and communicates directly with operations, advice, compliance and administration teams to deliver appropriate solutions
Accountable for delivering projects on time and to specification
Working Environment and Hours:
Office based in Doncaster (remote working can be available on occasions where required, however office based is preferred)
Monday to Friday, 09:00-17:30. Hours can be flexible within reason and to ensure delivery of key milestones
Benefits
Competitive salary (dependent on experience)
24 days annual leave (plus bank holidays)
Pension scheme
Can be very flexible on working hours dependent on requirements and ensuring delivery of key milestones
Opportunity to own meaningful projects end-to-end in a growing, entrepreneurial business
Big opportunity to learn new emerging technologies (particularly AI), while at work
Skills – Essential
C# .NET (6+): Dependency Injection, Web API
Working knowledge and experience of legacy .NET Framework 4.x and WebForms
Microsoft SQL Server: Strong T-SQL, SARGability and indexing, performance tuning mindset
TypeScript/React: Component reusability, state management
Auth and Security: Securing SPA/APIs using flows such as OAuth2/OIDC
Microsoft Azure (hands-on): VMs, App Service, Functions/Logic Apps, Azure SQL, Storage, Key Vault (Managed Identity), App Configuration, Application Insights; basic networking/private endpoints/DNS concepts
CI/CD: GitHub Actions/Azure DevOps; environment-aware configuration and secret management
Skills – Desirable
Firebase: authentication, hosting, functions, Firestore
React Native and building mobile apps
Exposure to Azure AI Foundry or other AI orchestration (prompting/evaluation/workflows)
Experience migrating legacy codebases to modern architecture
Using Entra ID for authentication (OAuth2 Flow)
Azure infrastructure set up including VNET/Private endpoint and DNS management and setting up secure landing zones
Twilio API
Industry knowledge of Financial services particularly retirement and custodial platforms
Knowledge and experience working with the Seccl API
Development Path
Candidates slightly lighter in one area (like React or Azure) but strong in WebForms + C# + SQL and motivated to learn will be considered, provided they can show understanding of fundamentals and are willing to learn quickly. Candidates should be comfortable operating across legacy and modern stacks in the same day.
Job Type: Full-time
Benefits:
Company events
Company pension
Free parking
On-site parking
Ability to commute/relocate:
Doncaster DN4 5NL: reliably commute or plan to relocate before starting work (preferred)
Work Location: In person
12/11/2025
Full time
1st Line Support Analyst
Up to £28,000 per annum
Bromley, Kent
Permanent, Full Time
We have an exciting opportunity for a 1st Line Support Analyst in our Service Desk team. Using your skills in technical analysis and 1st Line Support you will be responsible for supporting our internal employees, assisting with PC, applications, server, networking and hardware issues either in person, email, Teams, or via phone. You will be resolving issues in a timely manner and taking ownership of tasks allocated to you, escalating issues to 2nd and 3rd Line Support.
Your day to day will include:
Dealing with Microsoft operating systems (e.g. Windows 11, Windows Server, Microsoft Office 365), networking and Active Directory
Troubleshooting MS Office, antivirus software
Analysing, prioritising and fixing all requests for both Head Office and Field staff and escalating issues to 3rd line as appropriate
Configuring/decommissioning users
Building and configuring desktops/laptops
Monitoring and checking backups, capacity, security, hardware/software and operating system issues with the fileservers and network equipment
Monitoring and checking system logs
Ensuring anti-virus/anti-spam is current and kept up to date on all devices
Assisting and participating in project work
Ensuring prioritisation of daily workload
Assisting with the rollout of software updates for both Head Office and Field users (SCCM knowledge would be beneficial to this role)
Overseeing stock allocation in the Computer Room
Comprehensive support for Microsoft environments
Advanced troubleshooting of Microsoft Office & security applications
Incident management and resolution
User account lifecycle management
Hardware and device setup
Backup and system monitoring
Log analysis and proactive maintenance
Endpoint security management
Collaboration with 1st Line Support
Participation in IT projects
Software deployment and patch management
Asset and inventory management
What we need from you:
Proven experience working in a Service Desk function/1st Line Support
Strong expertise in Windows 10/11
Proven experience with MS Office 365
Ability to work independently on 2nd line technical issues
Strong understanding of Active Directory administration
Expertise in Microsoft 365 ecosystem - support and configuration of Exchange Online, OneDrive, SharePoint, Teams, and endpoint management
Proficiency in remote access tools such as LogMeIn, TeamViewer, or Microsoft Remote Desktop
Comprehensive knowledge of PC hardware and software setup/configuration - including OS installation, driver management, and troubleshooting hardware failures
Fundamental understanding of networking - TCP/IP, DNS, DHCP, VPN, VLANs, and basic firewall configurations
ITIL framework awareness - understanding of incident, problem, and change management processes within an ITIL-based service environment
Security awareness and best practices - understanding of cybersecurity fundamentals, MFA, endpoint security solutions, and compliance requirements
Proven experience in Windows 10/11
Understanding and/or knowledge of HaloITSM
Good understanding of configuration of Active Directory
Experience of remote access tools such as LogMeIn
Good understanding of PC hardware/software set-up/configuration and TCP/IP
Technical experience in video conferencing, AV setups, telephone systems, Teams meeting rooms and preventative maintenance
Experience of incident and problem management from initiation through to closure
Ability to create clear, concise, and user-friendly Knowledge Articles and Standard Operating Procedures (SOPs), ensuring documentation is accurate, up-to-date, and aligned with ITIL best practices
Able to work under pressure and to defined deadlines
Good problem-solving skills
Exceptional telephone manner
Basic understanding of networks
Supporting VIPs and ExCo members
Full driving licence and own car preferred to be able to attend IT emergencies
Qualifications
Microsoft 365 Fundamentals (MS-900) - essential
ITIL foundation v3 - ideal
ITSM platforms like Halo, FreshService, ServiceNow, Ivanti - preferred
SCCM, WDS - preferred
You will be required to work 40 hours per week, Monday to Friday. You will do an 8-hour shift; start time is 7.30am with a 45-minute lunch break. You will also be required to work an out of hours shift on a 1 week in 3 rota basis. This will be to assist in the systems maintenance tasks that cannot be performed during normal working hours. You may be required to assist with critical system maintenance and updates that need to be performed outside of normal working hours to minimise disruption to business operations.
What we offer you:
Basic salary up to £28,000 per annum
Bonus up to 7% dependent on your performance and company performance
Contributory Pension Plan (Company matches up to 5%)
25 days plus bank holidays
Life Assurance (4x pensionable earnings)
Season Ticket Loan
Employee Support Scheme
Free Foresters Go Membership (claimed back once ISA set up) plus additional 3% allocation rate
We are a purpose-driven organisation and we want to enable everyone that is a part of Foresters to channel their passion and enthusiasm into the charitable efforts that you care about. That is why we have created the Working for Purpose programme where we give you 1 day to volunteer with the charity of your choice.
About us
Foresters Financial is not your typical financial services provider. Those who join our purpose-driven organisation enjoy a culture of collaboration, creativity, and mutual respect and are challenged to do their best to make a difference every day. We help everyday families achieve their financial goals and make a lasting difference in their lives and communities.
What we do
We help everyday families achieve their financial goals and make a lasting difference in their lives and communities. We will continue to do this by employing enthusiastic and talented Financial Advisers working across the country and equally talented people to be based at our Head Office in Bromley.
13/11/2025
Full time
Senior SOC Analyst
Hemel Hempstead, UK - Onsite
24/7 Shift Pattern
Competitive Salary
DV Clearance Eligible (British Citizens Only)
Are you an experienced SOC Analyst ready to play a crucial role in defending the UK's most critical systems? Join a top-tier consultancy that operates at the sharp end of cybersecurity within defence, aerospace, and national security.
We're looking for an experienced SOC Analyst to join our high-performing Security Operations Centre in Farnborough. This is a unique chance to contribute to real-world cyber defence, on country-critical technology, pitting your SOC skills against state-of-the-art attacks.
As the SOC Analyst, you will be:
Monitoring and triaging alerts across secure client environments
Investigating threats using logs, network traffic, and endpoint telemetry
Supporting response efforts during live security incidents
Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements
Producing clear incident reports for both technical and non-technical audiences
Contributing to threat intelligence initiatives
Staying ahead of the curve on emerging threats, tactics, and techniques
To secure this SOC role:
Proven experience in a Security Operations Centre (SOC) environment
Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.)
Familiarity with MITRE ATT&CK and threat detection methodologies
Strong analytical mindset with log, endpoint, and network analysis skills
Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP)
Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS
Eligible for DV Clearance - British citizens who have resided in the UK for the past 10 years
This SOC role will give you an opportunity to utilise your SOC skills defending against a number of threats, including nation states.
If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three to five working days. If you do not hear within these timescales please feel free to get in touch.
13/11/2025
Full time
IT Security Analyst
Location: London - Remote with occasional travel to office
Salary: £50,000 + Flexible Benefits Scheme
Contract type: Permanent
About the Role
Morson Edge have partnered with a leading organisation to recruit a skilled IT Security Analyst to play a key role in protecting our client's digital infrastructure. You'll monitor security systems, analyse threats, and respond to incidents, ensuring the confidentiality, integrity, and availability of information assets. Working closely with the IT Security Manager, you'll help strengthen defences, resolve security issues, and contribute to a proactive cyber-security culture.
Key Responsibilities
Monitor the organisation's networks and systems for potential security issues.
Investigate and resolve cyber incidents promptly and effectively.
Implement and manage security measures including firewalls, encryption, and endpoint protection.
Maintain clear documentation of breaches, assessments, and remediation actions.
Conduct vulnerability testing, penetration testing, and risk assessments.
Collaborate with the IT Security Manager to identify and mitigate network vulnerabilities.
Analyse logs from multiple sources to detect and respond to abnormal activity.
Assist with internal and external security audits and compliance reviews.
Evaluate and recommend improvements to enhance security posture.
Support vendor security assessments and ensure third-party compliance with internal standards.
Contribute to continuous improvement of the organisation's cyber-security framework and strategy.
Skills and Experience
Essential:
Degree in Cyber Security, Computer Science, or equivalent experience.
Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre).
Strong understanding of incident response methodologies and the MITRE ATT&CK framework.
Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools.
Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture.
Practical experience managing cyber incidents and implementing secure configurations.
Excellent analytical and problem-solving skills, with clear documentation and communication abilities.
Familiarity with NIST, ISO 27001, and CIS Controls frameworks.
Ability to work under pressure, prioritise effectively, and maintain attention to detail.
Desirable:
Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or equivalent.
Knowledge of ITIL processes and cyber governance frameworks.
Experience with scripting, automation, and digital forensics.
Awareness of PCI DSS, SDLC, and network analysis principles.
This is a great opportunity to join a leading organisation. This role is mostly remote with occasional travel to London. Please note this role cannot offer sponsorship. Please apply to hear more!
12/11/2025
Full time
Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT) / SOC Level 3 Analyst is to respond to high-severity cybersecurity incidents and escalated events or alerts, using experience and industry tools to expedite containment, eradication, and recovery strategies that minimise business impact and protect network systems and customer data from cyber threats. Dimensions People Work collaboratively in a team of around 14 cyber security operations staff. Mentor Level 1 and Level 2 SOC Analysts, providing guidance and training. Suppliers Regular interaction with technical resources from outsourced Managed Security Service Providers (MSSPs) and cyber security tooling vendors. Communication Communicate technical cybersecurity concepts to both technical and non-technical colleagues across all levels of seniority. Stakeholders Build and maintain collaborative working relationships with internal technology teams, external partners, suppliers, and providers to drive outcomes and agree on courses of action. Principal Responsibilities Advanced Threat Hunting: Analyse and assess multiple threat intelligence sources and indicators of compromise (IOC) to identify patterns, vulnerabilities, and anomalies, then use this intelligence and tooling to uncover and remove hidden threats that may have bypassed existing defences across IT and OT environments. Policy Development: Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice. Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. 
Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments. Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons learned. SOAR Development: Support and develop the SOAR platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated. Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to test resilience and improve preparedness. Reporting: Develop and improve reporting dashboards and security/performance metrics to drive continuous improvement in security operations. Security Tools Support: Support the implementation, maintenance, and configuration of security tools and systems for prevention, detection, and response. Audit: Contribute to security audits (e.g. SOC Type II, NCSC CAF, ISO 27001) and ensure compliance with regulations and standards. Continuous Improvement: Automate event monitoring, detection, and response. Enhance alert use cases and log correlation processes to adapt to evolving threats. Nature and Scope The Information Systems Department provides and optimises technology solutions to improve organisational operations. This role underpins that mission by strengthening cyber security operations. The main measure of success is upholding IT, OT, and organisational resilience against cyber threats and incidents. Qualifications Considerable experience in a SOC Level 2 or 3 role with expertise in advanced threat hunting and incident response across IT and OT environments. 
SOC-specific training, qualifications, or a degree in Computer Science, Cybersecurity, IT, or a related subject. Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications. Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical knowledge of SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, web/email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications. Understanding of adversarial TTPs and frameworks such as MITRE ATT&CK. Experience with SIEM and SOAR solutions, IAM, and DLP tools (e.g. FortiSIEM, Q-Radar, Microsoft Secure Gateway, Darktrace, Microsoft Defender, Sentinel). Experience developing incident response playbooks, SOAR workflows, red-team exercises, and tabletop simulations. Experience in investigating advanced intrusions, such as targeted ransomware or state-sponsored attacks. Summary: My client are looking for an experienced Incident Response (CSIRT) / SOC Level 3 Analyst with deep expertise in advanced threat hunting, incident response, and cyber defence operations, capable of leading on high-severity incidents and mentoring junior analysts while strengthening resilience across IT and OT environments.
12/11/2025
Contractor
Role: IT SecOps Engineer Contract Type: Permanent Location: Banbury / Hybrid working, 3 days in office. This role can be based out of any office on the Chiltern network Salary: Up to 58,000 per annum Closing Date: Monday 24th November 2025 There is an expectation to travel to different Chiltern sites outside of your base location to support wider colleagues and attend meetings. Job Purpose The IT Security Operations Engineer is responsible for protecting the digital services that support a safe and reliable journey for our passengers and a secure working environment for our staff. This is a hands-on role focused on strengthening our security posture through technical expertise and cross-departmental collaboration. You will report into the IT Information Security Manager with expected collaboration with the wider IT Team management, representing Digital, Data and Technology (DDaT). Key purposes of this role include: Safeguarding Operations: Actively manage and enhance our security platforms (primarily SIEM, XDR and IDAM policies) to detect, prevent, and respond to cyber threats across our IT and operational networks. Implementing and reviewing Security Controls: Serve as the subject matter expert for implementing technical security controls on applications, networks, and infrastructure to mitigate risk. Fostering Collaboration: Work closely with a wide range of internal teams, from IT colleagues to Train Engineers, to ensure security best practices are understood and integrated into their processes and systems. Key Accountabilities Threat and Vulnerability Management Develop incident response and security measures for protection. Complete risk and exploitability assessments against vulnerabilities and live threats. Serve as a subject matter expert in vulnerability management for incident response and risk assessments. Oversee patching compliance and report/escalate vulnerabilities for remediation.
Security tooling and Process Improvement Manage the deployment of new security tools, ensuring existing tools are maintained and tuned. Identify gaps, implement enhancements, and drive automation for continuous improvement. Integrate tools with SIEM, CMDB, and ticketing systems to streamline workflows. Create and update troubleshooting guides and knowledge base articles to support the wider team. Compliance and Governance Ensure practices meet known frameworks and standards including (but not restricted to): Cyber Essentials Plus, Cyber Assessment Framework, ISO 27001, and CIS. Support and participate in internal and external security audits, providing technical assurance and evidence to ensure our systems adhere to required standards. Collaboration and Mentorship Represent the function in cross-functional forums, steering committees, and stakeholder engagements. Provide mentorship to the DDaT team members, promoting a culture of continuous improvement. Person Specification Essential A background in IT infrastructure, cloud services, and cyber security. Proven continuous development in both technical and soft domains. Proficiency with security tools and technologies such as SIEM, DLP, network protection, threat detection, and endpoint protection. An understanding of network infrastructure such as VPNs, firewalls, switches, routers, LANs, Intrusion Detection, and vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ-500), or the ability to demonstrate equivalent knowledge. Desirable Familiarity with the Microsoft security suite: Defender, InTune, Purview, EntraID, and Azure. 
Further certifications such as CISSP, CISM, or CRISC are advantageous. Familiarity with PCI-DSS standards. Experience influencing cyber security investments and initiatives by providing expert advice to stakeholders and management. Educated to degree level or equivalent.
10/11/2025
Full time
Information Security Engineer Full time Permanent 50,000 - 55,000 Per Annum, Plus Benefits Package Location: Central Birmingham, West Midlands (Hybrid Working - 2 days per week onsite) Our leading services client in Birmingham is seeking a highly skilled Information Security Engineer/Analyst on a full time basis, to help strengthen their Cyber Security posture and safeguard their systems and data. Reporting directly to the Head of IT, this is a hands-on technical role focused on securing enterprise applications, infrastructure, and sensitive data. You'll be instrumental in implementing and maintaining robust security measures, conducting assessments, and responding to incidents. Collaboration across departments will be key to embedding security best practices throughout the organisation. Key Duties & Responsibilities: Evaluate application architecture, source code, and third-party integrations for security risks Support secure software development lifecycle (SDLC) processes and promote secure coding standards Identify and remediate vulnerabilities using industry-standard tools Administer and configure security technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with policies Produce monthly security reports and maintain documentation Required Skills & Experience: Recent and significant experience in cyber security or information security roles Familiarity with frameworks such as MITRE ATT&CK, NIST, ISO 27001, Cyber Essentials+ Hands-on experience with tools like Nessus, Qualys, SIEM, EDR, DLP, VPNs, and firewalls Strong understanding of network protocols (TCP/IP, DNS, HTTP, SSH) and
segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x salary 25 days annual leave plus statutory - 1 x extra day every year for the first 3 years Blue Light Card Medicash - includes discounted gym memberships etc. If your profile demonstrates strong and recent experience in the above areas - please submit your application ASAP to Jackie Dean at TXP for consideration. TXP takes great pride in representing socially responsible clients who not only prioritise diversity and inclusion but also actively combat social inequality. Together, we have the power to make a profound impact on fostering a more equitable and inclusive society. By working with us, you become part of a movement dedicated to promoting a diverse and inclusive workforce.
05/11/2025
Full time
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand headquartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards.
Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
04/10/2025
Full time
Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract. Our client, the UK's leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis. This is a senior role with responsibility for the organisation's vulnerability management programme across multiple business units, technologies, and regulatory environments. The organisation has made significant investment in Tenable as its core vulnerability management platform. You'll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised. Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role. Security Clearance - Due to the sensitive nature of the work, candidates must be eligible for SC clearance. Candidates with active or recently lapsed SC clearance will be prioritised. Applicants without clearance must be willing and eligible to undergo vetting. The Role - As Cybersecurity Vulnerability Lead, you will: Own the end-to-end vulnerability management programme, with Tenable One at the core. Define and deliver the strategy, policies, SLAs, and operating rhythm. Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact. Translate scan data into clear, actionable remediation plans for technical teams. Build dashboards and executive reports (ServiceNow, Power BI). Provide rapid risk assessments and emergency patch governance during incidents. Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR). Drive automation, integrating tools and workflows to improve efficiency.
Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged. Mentor analysts and security champions, building maturity across the team. About You - You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries. You should also have hands-on knowledge of the following: Core Vulnerability Management - Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity) AWS Inspector Agent-based and network-based scanning Cloud integrations (AWS, Azure, GCP) Dashboards and risk-based prioritisation Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS Jamf Workflow & ITSM Integration - ServiceNow (dashboards, SOAR) Jira Cloud & Application Security - AWS Security Hub Azure Defender for Cloud Veracode Threat Intelligence & Exploit Context - Tenable Threat Intelligence Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR Security Domains / Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management Programmes Incident Response and Threat Assessment Emergency Patch Governance Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact) Audit Support (internal assurance, penetration test follow-ups, external audits) Exception and exemption management Automation of manual tasks Dashboarding for risk and SLA metrics What's on Offer - A leadership role with significant influence across a major UK organisation. 
Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management.
04/10/2025
Contractor
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
03/10/2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
03/10/2025
Contractor
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations. You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements: Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
03/10/2025
Full time
Cloud Engineer to work within one of the most progressive private equity houses / investment managers in the Financial Services sector. Since their inception 50 years ago they have gained a march on their competition by being early pioneers in the green energy sector. The Cloud Engineer will play a crucial role in delivering technical solutions across a primarily Microsoft Stack. This role involves identifying and implementing new technology opportunities, managing technical projects, and ensuring the seamless integration of new technologies into the existing infrastructure. This role will be based in the City for 4 days per week, with 1 day remotely, and the package includes a very generous bonus and the full range of banking benefits. Required Experience: Demonstrate success in leading technical projects to best practice maturity levels, resulting in highly reliable technology infrastructure and efficient services. Established knowledge of infrastructure technologies and principles to an expert level, including Microsoft technology services, Networking, Security, Cloud and Backup Services. Ability to identify potential risks in technical operations and develop mitigation strategies to prevent disruptions. Ideal certifications: (or demonstrable equivalent competency and knowledge) o ITIL certified (at least v3) Prince 2. o Microsoft Certified Solutions Architect o Microsoft Enterprise Administrator o Microsoft Security Operations Analyst Associate o Microsoft 365 Endpoint Administrator o InTune Please note you will receive an automated response advising you that we have received your CV. Morgan Philips Group is a global talent solutions business that disrupts conventional thinking in executive search, recruitment and talent consulting. We operate in over 18 markets in Europe, North & South America, Asia, and the Middle East & Africa. 
We understand that the future is digital and social, so we embrace the latest technology, including video ads and CVs, as well as social recruiting. Our innovative services are tailored to the new world of work yet we do not lose sight of the fact that employees be they existing and potential are ultimately human beings. We are committed to ensuring that all job applicants are treated equally, without discrimination because of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.
03/10/2025
Full time
"At Klipboard we've introduced a flexible hybrid work policy, where employees spend three days in the office and two days working from home. This approach promotes a balanced work environment that combines office collaboration with the comfort and convenience of remote work." Klipboard provides specialist software, services and support to deliver fully integrated trading and business management solutions to companies in the distributive trade - wherever they are in the world. With a unique depth of knowledge and experience in ERP/SaaS solutions, Klipboard has a wide range of clients that includes wholesalers, distributors, merchants and retailers from small traders to multinational enterprises. Klipboard has offices in the UK, Ireland, The Netherlands, South Africa, Kenya and North America. Our mission is simple: to design and deliver high performance, integrated ERP solutions that enable our distributive trade customers to source effectively, stock efficiently, sell profitably and service competitively. You will join a global IT team, supporting end users from all regions. As well as assisting our global end users you will also help shape and develop the services we provide, as it continuously improves and evolves. Key Responsibilities: Provide exceptional network, hardware and software/application support to our employees via Email, Telephone, Microsoft Teams and in person. Document IT processes, procedures, and solutions for use by others. Work with the team and other departments to assist in developing automated ITSM processes. Provide end-user training of applications as part of an on-boarding process to new employees of Klipboard Collaborate with colleagues across different time zones and cultures, projecting a professional image at all times Enjoy a dynamic work environment with the potential of rotating shifts that offer flexibility and variety. This may include evenings and weekends. The potential of undertaking 24/7 on call with compensation. 
Candidates will have the opportunity to travel to other Klipboard office locations, where necessary Be a key part of project work where required, working closely with the IT infrastructure and IT Security teams Any other duties as requested that are commensurate with the role. Skills, Knowledge and Experience: Essential Excellent communication and interpersonal skills. Proven experience as an IT Support Analyst or similar role covering: Windows 11 Active Directory Microsoft 365/Entra End user device deployment and management Ability to investigate unfamiliar problems and generate an effective solution in a systematic and logical manner As well as being able to work effectively as a member of a team, they must also be able to organise and manage their own workload Ability to work across different time zones and adapt to diverse cultural environments Desirable Exposure/knowledge of: Tanium ServiceNow ITSM ITIL V4 framework Administration of MacOS in an enterprise environment Microsoft intune/Endpoint Management Understanding of networking/infrastructure with CompTIA or similar qualification Company Info You may also have seen from our recent posts that we are excited to begin sharing our new company name - Klipboard. Kerridge Commercial Systems (KCS) is becoming Klipboard and our new brand is designed to bring together our expertise across distribution, automotive, retail, rental, transport management, manufacturing, and field service management. We have offices based across the world and we are looking for talented individuals to join our growing teams. Due to our growth over the last few years it is an exciting time to join us as we enter our next chapter! At Klipboard we've introduced a flexible hybrid work policy, where employees spend three days in the office and two days working from home. This approach promotes a balanced work environment that combines office collaboration with the comfort and convenience of remote work." 
Equal Opportunities As a global company, we value and respect the diversity of our workforce, aiming to empower everyone to embrace each other's differences. We are committed to creating an inclusive workplace where diversity, equity, and inclusion are integral to our company and culture. We recognize the benefits of a diverse workforce, where creativity and valuing differences enable us all to thrive and sparks innovation. If you require any help, adjustments and/or support during the interview and offer process then please advise our TA or HR team. Research shows that women and other underrepresented groups are less likely to apply for a role unless they meet every listed requirement. However, we recognise that skills and experience come in many forms, and we encourage you to apply even if you don't meet every criterion. If you are passionate about this role and believe you have the right mindset and transferrable skills, we would love to hear from you! To all recruitment agencies: Klipboard does not accept agency speculative resumes. At present we only accept CV's from Agencies on our PSL who have been assigned specific position/s. Please do not forward resumes to our careers site or direct to Klipboard employee as this does not constitute an introduction and Klipboard retrospectively will not be liable for any candidate ownership or fees related to unsolicited resumes
03/10/2025
Full time
Are you a Cyber Security Analyst looking for a role where you'll play a key part in detecting, responding to, and preventing security threats across the organisation, strengthening defences in a complex, evolving environment? This is a chance to join a forward-thinking organisation where security is critical to their operations. You'll be part of a collaborative technical team, working to keep systems secure, resilient, and compliant. What you'll be doing: Monitoring and strengthening security across on-premises and cloud environments. Running annual penetration tests and remediating identified vulnerabilities. Responding to security incidents, investigating alerts, and reducing risks. Carrying out vulnerability scans and patch management. Supporting Disaster Recovery and Business Continuity testing. Ensuring compliance with industry security frameworks and policies. Raising awareness of cyber threats and best practice across the business. Working with external partners, tools, and vendors to improve security controls. Exploring and testing new technologies to enhance defence. What we're looking for: Relevant certifications (CompTIA Security+, CySA+, PenTest+, or Microsoft Azure Security). Experience with firewalls, networking, Microsoft environments, and endpoint security. Knowledge of cloud security (Azure or other cloud platforms). Good awareness of cyber threats, attack techniques, and security tooling. Strong analytical and problem-solving skills with the ability to work independently. What you'll get in return: Annual bonus. Exposure to greenfield projects and modern tooling. Time for R&D and professional development. Training and certification budget. Private healthcare package.
01/10/2025
Full time
My client is a leading international Services business and is looking for a forward-thinking Senior Cyber Security Analyst to join our ambitious team on an exciting growth journey. In this key role, you will: Maintain and enhance our accredited Information Security Management System (ISMS), focusing on ISO 27001 and Cyber Essentials Plus. Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre (SOC) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response (EDR/NDR), information security standards, and frameworks such as MITRE ATT&CK and NIST. If you have a strong technical background in cyber security and CrowdStrike Falcon, thrive on continuous improvement, and enjoy empowering those around you, this is your chance to make a difference in a forward-thinking organisation committed to innovation and sustainability. This role is 3 days working hybrid in Crewe. DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality.
01/09/2025
Full time
Job Description: Job Title: Application Security Analyst Corporate Title: Vice President Location: Chester Role Description: Resource will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. Will develop and implement custom alerts and dashboards monitoring controls based on OSI layer 7 attack and threat indicators. Provides leadership in assessing new threat vectors and designing and implementing effective controls. Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools. Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. Responsible for mentoring and developing the skill sets of less experienced team members. Develops and implements processes or controls in support of audit and risk requirements. The Team: The Network and Endpoint Cybersecurity Operations team provides the first line of defense for Bank of America's global network. It defends against various threats including DDoS, Malware, Web Based Attacks, Remote Attacks, and provides network access assurance across our network and endpoint boundaries. Provides network and endpoint anomaly monitoring for indicators of compromise, and a 24x7 rapid response capability for network and endpoint security related events and incidents. Core Skills: Required Skills: Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network-based bank assets. Strong Intrusion Analysis background. Resource must be able to identify and interpret weblogs from various webservers. Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs. Working knowledge of Linux, Windows, and OS X operating systems. 
Comfortable with scripting languages and regular expressions Strong knowledge common network protocols Working knowledge of enterprise Client / Server architecture Working knowledge of OSI model 3 through 7 We are a front-line team that handles active security events and highly current threats. On call and after-hours work can be expected although we rotate to approximately one week every 2 months. The analyst will use new intelligence to update existing controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team. Preferred Skills: Experience doing packet captures and interpreting them (wireshark for example). Understanding of stateful firewalls and able to interpret firewall rules. Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs. Full understanding of modern web site deployments and technology. Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion. Use tools to detect anomalous/malicious data transmissions on the network. Use advanced analytics / security tools to detect malware on the network. Bank of America: Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates. In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. 
Learn more about our benefits here. Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well. We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience. We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment. Job Band: H5 Shift: Hours Per Week: 35 Weekly Schedule: Referral Bonus Amount: 0
24/09/2022
Full time
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. 
Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (e.g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload.
Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
24/09/2022
Full time
You'll do more than the expected. You'll do the unexpected.
American Express is looking for a Senior Information Security Analyst to be a technical lead in our Cyber Fusion Center. The team provides rapid investigation and response to cyber security incidents which impact American Express globally. The Senior Information Security Analyst will serve as a leader and will be responsible for handling escalated security incidents, performing investigations, and driving operational maturity. If you want to be part of a diverse and inclusive world-class team, this could be the role for you.
How will you make an impact in this role?:
Provide advanced technical oversight and support to Information Security Analysts conducting cyber incident investigations
Maintain awareness of real-world infosec threats and engage in the innovation of new analytic methods for detecting threats
Support senior leadership in continuous development of incident response capabilities
Coach and mentor Information Security Analysts
Participate in rotational weekend coverage
Required Skills/Qualifications:
Substantial Information Security experience and technical understanding, including:
Network, endpoint and OSINT security tools
A range of cloud, Mac, Linux and Windows platforms
Excellent business and technical risk analysis and prioritisation skills
Excellent written and oral communication skills including in high pressure situations
Committed to continuous learning and professional development, and passionate about developing others
Preferred Additional Experience & Skills:
Experience in a Security Operations Center (SOC), Computer Incident Response Team (CSIRT), Computer Security Incident Response Center (CSIRC), or Cyber Fusion Center
Security industry certification (CISSP, CEH, OSCP, CCNP Security, GCFE, GCFA, GNFA, GREM)
Specialism in one or more security domains (e.g. platform hardening, vulnerability management, penetration testing, applied cryptography, network/application traffic control, forensics, or exploits and malware)
Experience in programming and/or scripting languages (python, javascript, php, sql, C/C++, Go)
Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations.
Why American Express?
There's a difference between having a job and making a difference. Amex have been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards. We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision.
When you join , you become part of a diverse community of over 60,000 colleagues, all with a common goal to deliver an exceptional customer experience every day. We back our colleagues with the support they need to thrive, professionally and personally. That's why we have Amex Flex, our enterprise working model that provides greater flexibility to colleagues while ensuring we preserve the important aspects of our unique in-person culture. Depending on role and business needs, colleagues will either work onsite, in a hybrid model (combination of in-office and virtual days) or fully virtually. Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express. Don't make a difference without it. Don't live life without it.
To complete your application please click on the links below.
However, if you require any assistance with the completion of this process - or need any reasonable adjustments to be made - then please contact the Recruitment Team on
23/09/2022
Full time
Cyber Security Analyst
Permanent - Salary £35,000 - £40,000 + Excellent Company Benefits
Luton - Mon-Fri - 9am-5:30pm | Onsite - (flexible working)
Lucid Connect are working in partnership with a leading organisation in the Bedfordshire area. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve general security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security toolset and the successful applicant will build extensive experience in all areas of cyber security.
Daily Duties:
Endpoint monitoring and analysis
Incident readiness and handling as part of the CSIRT team
Monitor and administer Security Information and Event Management
Malware analysis and forensics research
Understanding/differentiation of intrusion attempts and false positives
Investigation tracking and threat resolution
Vulnerability identification & mitigation/remediation
Compose security alert notifications
Help develop cyber security process & procedures
Advise incident responders & other teams on threat
Triage security events and incidents, apply containment and mitigation/remediation strategies.
Generate reports and document security incidents/events
To take a pro-active approach in this job role, through monitoring the performance of systems and making regular routine inspections of installed equipment and taking corrective avoidance actions to prevent wider problems.
Act as the point of escalation for the Service desk for security related tickets
Analysis of weekly vulnerability scans and add the risks to the risk register
Key Requirements:
A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
Knowledge & experience in Microsoft Windows Operating Systems.
Knowledge & experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server.
Abilities in multi-tasking, prioritizing work, and handling competing interests
Abilities in analysing information technology logs and events sources preferred
Working knowledge of data storage systems, data backup and restoration methods.
Good Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation Firewall/UTMs)
A very good team working ethic, communicating with colleagues in a clear and professional manner, whilst maintaining a customer-service based approach.
The ability to work alone using own initiative and managing support calls to a high standard
Self-motivated to advance own knowledge & gain formal qualifications
Desirable IT Qualifications/Certifications such as CompTIA A+, Network+, Security+
IT Helpdesk experience or knowledge
Cyber Security Operation Centre experience
21/09/2022
Full time