Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

41 jobs found

Current Search
security analyst network endpoint
Pense Ltd
Web Developer (.NET)
Pense Ltd
Role and Responsibilities

This is an excellent opportunity for a capable web developer who enjoys owning features end-to-end in a modern, forward-thinking financial services business. We have our own proprietary applications, both back-office solutions as well as client facing. You will work on multiple projects including continuing to enhance our own CRM solution, migrating legacy WebForms functionality to clean services and a modern UI.

You’ll work in a fast-paced, dynamic environment; you will not be a “cog in the machine.” You’ll be involved in every aspect of delivery - from requirements and design, to development, testing, deployment, documentation, and support, with a strong focus on scalability and maintainability.

We are an extremely fast-growing business and as such, you will be required to adapt quickly to changes and business requirements. You must have a willingness to learn and adapt quickly in order to satisfy changes to business requirements.

The job role will consist of the below responsibilities:

Development
  • CRM (WebForms/.NET/TSQL/BPM): Configure and extend our proprietary CRM using TSQL, BPM/workflow tools and C#
  • Modernisation: Incremental modernisation of legacy applications using strangler pattern
  • Client facing applications: Develop our customer self service portal and other front-end applications utilising React/Typescript and .NET 9 Web API
  • Azure implementation: Assist in administering our cloud infrastructure (App Service/Functions, Azure SQL, Storage, Key Vault with Managed Identity, App Configuration, Private Endpoints, Application Insights)
  • Quality/pipelines: Contribute to and set up CI/CD pipelines, unit/integration tests where required
  • Testing: Conduct thorough testing and peer review of work items

Data Analysis (SQL Server/TSQL)
  • Write performance conscious, SARGable queries and implement appropriate indexing
  • Monitor and apply performance fixes and other DB management tasks in Azure SQL Server hosted DB

Technical Documentation
  • Produce documentation for requirement gathering, code architecture and training guides
  • Contribute to due diligence and penetration test readiness packs (architecture diagrams, data flows and controls)

Support
  • Triage and resolve support tickets relating to in-house applications from employees
  • Support customer facing applications and address incidents utilising Azure Application Insights and application logs to identify and resolve issues

Requirement Gathering
  • Communicate with stakeholders to establish clear problem statements and requirements
  • Translate requirements into technical solutions with a focus on extendibility and minimising technical debt, considering future changes

Accountability and Working Relationships
  • Part of a small, highly motivated and productive development team
  • Partners closely with CTO (hands on)
  • Collaborates and in direct communication with operations, advice, compliance and administration teams to deliver appropriate solutions
  • Accountable for delivering projects on time and to specification

Working Environment and Hours
  • Office based in Doncaster (remote working can be available on occasions where required, however office based is preferred)
  • Monday to Friday, 09:00-17:30. Hours can be flexible within reason and to ensure delivery of key milestones

Benefits
  • Competitive salary (dependent on experience)
  • 24 days annual leave (plus bank holidays)
  • Pension scheme
  • Can be very flexible on working hours dependent on requirements and ensuring delivery of key milestones
  • Opportunity to own meaningful projects end-to-end in a growing, entrepreneurial business
  • Big opportunity to learn new emerging technologies (particularly AI), while at work

Skills – Essential
  • C# .NET (6+): Dependency Injection, Web API
  • Working knowledge and experience of legacy .NET Framework 4.x and WebForms
  • Microsoft SQL Server: Strong T-SQL, SARGability and indexing, performance tuning mindset
  • TypeScript/React: Component reusability, state management
  • Auth and Security: Securing SPA/APIs using flows such as OAuth2/OIDC
  • Microsoft Azure (hands-on): VMs, App Service, Functions/Logic Apps, Azure SQL, Storage, Key Vault (Managed Identity), App Configuration, Application Insights; basic networking/private endpoints/DNS concepts
  • CI/CD: GitHub Actions/Azure DevOps; environment-aware configuration and secret management

Skills – Desirable
  • Firebase: authentication, hosting, functions, Firestore
  • React Native and building mobile apps
  • Exposure to Azure AI Foundry or other AI orchestration (prompting/evaluation/workflows)
  • Experience migrating legacy codebases to modern architecture
  • Using Entra ID for authentication (OAuth2 Flow)
  • Azure infrastructure set up including VNET/Private endpoint and DNS management and setting up secure landing zones
  • Twilio API
  • Industry knowledge of Financial services particularly retirement and custodial platforms
  • Knowledge and experience working with the Seccl API

Development Path

Candidates slightly lighter in one area (like React or Azure) but strong in WebForms + C# + SQL and motivated to learn will be considered, provided they can show understanding of fundamentals and are willing to learn quickly. Comfortable operating across legacy and modern stacks in the same day.

Job Type: Full-time

Benefits:
  • Company events
  • Company pension
  • Free parking
  • On-site parking

Ability to commute/relocate:
  • Doncaster DN4 5NL: reliably commute or plan to relocate before starting work (preferred)

Work Location: In person
12/11/2025
Full time
Foresters Financial
1st Line Support Analyst
Foresters Financial Bromley, Kent
1st Line Support Analyst
Up to £28,000 per annum
Bromley, Kent
Permanent, Full Time

We have an exciting opportunity for a 1st Line support analyst in our Service Desk team. Using your skills in technical analysis and 1st Line Support you will be responsible for supporting our internal employees, assisting with PC, applications, server, networking and hardware issues either in person, email, Teams, or via phone. You will be resolving issues in a timely manner and taking ownership of tasks allocated to you, escalating issues to 2nd and 3rd Line Support.

Your day to day will include:
  • Dealing with Microsoft operating systems (e.g. Windows 11, Windows server, Microsoft Office 365), networking and Active Directory
  • Troubleshooting MS Office, antivirus software
  • Analysing, prioritising and fixing all requests for both Head Office and Field staff and escalating issues to 3rd line as appropriate
  • Configuring/decommissioning users
  • Building and configuring desktops/laptops
  • Monitoring and checking backups, capacity, security, hardware/software and operating system issues with the fileservers and network equipment
  • Monitoring and checking system logs
  • Ensuring anti-virus/anti-spam is current and kept up to date on all devices
  • Assisting and participating in project work
  • Ensuring prioritisation of daily workload
  • Assisting with the rollout of software updates for both Head Office and Field users (SCCM knowledge would be beneficial to this role)
  • Overseeing stock allocation in the Computer Room
  • Comprehensive support for Microsoft environments
  • Advanced troubleshooting of Microsoft Office & security applications
  • Incident management and resolution
  • User account lifecycle management
  • Hardware and device setup
  • Backup and system monitoring
  • Log analysis and proactive maintenance
  • Endpoint security management
  • Collaboration with 1st Line Support
  • Participation in IT projects
  • Software deployment and patch management
  • Asset and inventory management

What we need from you:
  • Proven experience working in a Service Desk function/1st Line Support
  • Strong expertise in Windows 10/11
  • Proven experience with MS Office 365
  • Ability to work independently on 2nd line technical issues
  • Strong understanding of Active Directory administration
  • Expertise in Microsoft 365 ecosystem - Support and configuration of Exchange Online, OneDrive, SharePoint, Teams, and endpoint management.
  • Proficiency in remote access tools such as LogMeIn, TeamViewer, or Microsoft Remote Desktop.
  • Comprehensive knowledge of PC hardware and software setup/configuration - Including OS installation, driver management, and troubleshooting hardware failures.
  • Fundamental understanding of networking - TCP/IP, DNS, DHCP, VPN, VLANs, and basic firewall configurations.
  • ITIL framework awareness - Understanding of incident, problem, and change management processes within an ITIL-based service environment.
  • Security awareness and best practices - Understanding of cybersecurity fundamentals, MFA, endpoint security solutions, and compliance requirements.
  • Proven experience in Windows 10/11
  • Understanding and/or knowledge of HaloITSM
  • Good understanding of configuration of Active Directory
  • Experience of Remote Access tools such as Log Me In
  • Good understanding of PC hardware/software set-up/configuration and TCP/IP
  • Technical experience in video conferencing, AV setups, telephone systems, Teams meeting rooms and preventative maintenance
  • Experience of Incident and problem management from initiation through to closure
  • Ability to create clear, concise, and user-friendly Knowledge Articles and Standard Operating Procedures (SOPs), ensuring documentation is accurate, up-to-date, and aligned with ITIL best practices.
  • Able to work under pressure and to defined deadlines
  • Good problem-solving skills
  • Exceptional telephone manner
  • Basic understanding of networks
  • Supporting VIPs and ExCo members
  • Full driving licence and own car preferred to be able to attend IT emergencies.

Qualifications
  • Microsoft 365 Fundamentals (MS-900) - essential
  • ITIL foundation v3 - ideal
  • ITSM platforms like Halo, FreshService, Service Now, Ivanti - preferred
  • SCCM, WDS - preferred

You will be required to work 40 hours per week, Monday to Friday. You will do an 8-hour shift, start time is 7.30am with 45 minutes lunch break. You will also be required to work an out of hours shift on a 1 week in 3 rota basis. You may be required to assist with critical system maintenance and updates that need to be performed outside of normal working hours to minimise disruption to business operations.

What we offer you:
  • Basic salary up to £28,000 per annum.
  • Bonus up to 7% dependent on your performance and company performance.
  • Contributory Pension Plan (Company matches up to 5%).
  • 25 days plus bank holidays.
  • Life Assurance: 4 times pensionable earnings.
  • Season Ticket Loan
  • Employee Support Scheme
  • Free Foresters Go Membership (Claimed back once ISA set up) plus additional 3% allocation rate

We are a purpose driven organisation and we want to enable everyone that is a part of Foresters to channel their passion and enthusiasm into the charitable efforts that you care about. That is why we have created the Working for Purpose programme where we give you 1 day to volunteer with the charity of your choice.

About us

Foresters Financial is not your typical financial services provider. Those who join our purpose-driven organisation enjoy a culture of collaboration, creativity, and mutual respect and are challenged to do their best to make a difference every day. We help everyday families achieve their financial goals and make a lasting difference in their lives and communities.

What we do

We help everyday families achieve their financial goals and make a lasting difference in their lives and communities. We will continue to do this by employing enthusiastic and talented Financial Advisers working across the country and equally talented people to be based at our Head Office in Bromley.
05/12/2025
Full time
Tribe Recruitment
Senior Cybersecurity & Compliance Architect
Tribe Recruitment City, Manchester
Senior Security & Compliance Consultant & Architect

Location: Hybrid - Manchester HQ with occasional customer site visits as required
Salary: Dependent on Experience

Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time.

Overview

This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments.

A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering.

Key Responsibilities:

Security Architecture & Technical Direction
  • Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers
  • Translate framework requirements into practical, phased roadmaps for customer environments
  • Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact
  • Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates

Framework & Compliance Interpretation
  • Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions
  • Support structured assessments and develop remediation plans with clear prioritisation.
  • Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches

Consultancy & Customer Engagement
  • Act as a senior security advisor to customers at both technical and leadership levels
  • Communicate security concepts clearly and confidently, tailoring detail to the audience
  • Present options and risk-based reasoning
  • Support pre-sales, account management, engineering, and service teams with expert security guidance

Technical Delivery & Implementation
  • Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates
  • Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases
  • Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response
  • Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows
  • Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets
  • Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability
  • Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams
  • Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits
  • Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions

Mentoring & MSS Growth
  • Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways
  • Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS)
  • Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business

Internal Capability Development
  • Improve internal documentation, repeatable processes, and delivery frameworks
  • Provide architectural oversight across security projects and initiatives
  • Contribute to long-term planning for security service evolution

Required Experience & Skills

Technical Expertise
  • Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR)
  • Ability to design secure configurations across identity, endpoint, and network layers
  • Proven experience delivering end-to-end security uplift projects
  • Solid understanding of Zero Trust concepts and modern security architecture

Framework Knowledge
  • Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar frameworks
  • Experience turning framework requirements into realistic, implementable controls
  • Comfortable producing structured gap analyses and remediation pathways

Consultancy & Communication
  • Skilled in presenting complex security concepts in simple, actionable terms
  • Able to influence decision-making through clarity, options, and rationale
  • Confident working directly with stakeholders ranging from engineers to leadership teams

Professional Background
  • Experience in an MSP, consultancy, or multi-tenant environment
  • Exposure to defence, MOD, or high-assurance environments is strongly beneficial
  • Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
05/12/2025
Full time
(AZ-500, SC-100, SC-300, CISSP, CISM etc.)
Sellick Partnership
Operations Analyst
Sellick Partnership Watford, Hertfordshire
Operations Analyst Annual Salary of £41,000-£45,000 Permanent, Full-time Watford Operations Analyst required to join a dynamic team within a leading national organisation. This role is ideal for a technically driven professional who enjoys being challenged, thrives in an evolving environment, and is motivated by continuous improvement and repeated success. In this role, you will support a large and diverse user base across hundreds of UK sites, working with the latest cloud and on-premises technologies. You will be heavily involved in maintaining core infrastructure, improving operational processes, and contributing to the organisation's long-term technology roadmap. Key responsibilities of the Operations Analyst Deliver day-to-day operational support for cloud-hosted and on-premises server environments and networks Work closely with Application Support colleagues to diagnose and resolve service issues Maintain and enhance infrastructure to ensure secure, stable, and highly available services for approximately 6,500 users across 300 locations Contribute to lifecycle management and continuous improvement initiatives Support the planning, testing, and rollout of infrastructure changes and upgrades Build strong working relationships with internal teams and external partners Uphold cybersecurity best practice and support efforts to retain security accreditations Required skills and experience of the Operations Analyst Broad experience as a Microsoft-focused Cloud Engineer or Operations Analyst Strong knowledge of Azure services, including IaaS, PaaS, ASR, and M365 (Exchange Online, Teams, OneDrive) Understanding of Azure networking components: private endpoints, Azure Firewall, VPNs, IP Groups Experience working with Windows Server, Windows Desktop, and Linux environments Windows Server, Active Directory, Hyper-V PowerShell for automation and scripting. 
Experience with monitoring tools, Log Analytics, Sentinel and alerting platforms Familiarity with Logic Apps, API Management, and Azure Application Proxy Strong knowledge of LAN/WAN technologies including switching, routing, firewalls, MPLS, VRF, SD-WAN and DNS/DHCP services This role offers the chance to work with modern cloud technologies, contribute to meaningful infrastructure improvements, and develop your skills within a supportive team environment. If you believe you have the necessary skills, ambition and experience for the Operations Analyst role, please apply now, or contact Kyle Fitzgerald at Sellick Partnership. With the department workload increasing due to the success of the organisation, the client is looking for a relatively quick appointment. Sellick Partnership is proud to be an inclusive and accessible recruitment business and we support applications from candidates of all backgrounds and circumstances. Please note, our advertisements use years' experience, hourly rates, and salary levels purely as a guide and we assess applications based on the experience and skills evidenced on the CV. For information on how your personal details may be used by Sellick Partnership, please review our data processing notice on our website.
04/12/2025
Full time
Opus People Solutions
Technical Services Analyst
Opus People Solutions King's Lynn, Norfolk
Pay: £30,780.00-£40,209.00 per year Job Description: Salary: £30,780 - £40,209 per annum Contract: Fixed term, 12 months Location: Hybrid - Kings Lynn We are looking for a Technical Services Analyst to join our friendly and forward-thinking ICT team as they modernise their digital infrastructure. This is a fantastic opportunity to provide second-line support across Microsoft 365, Teams Voice, and Windows environments. You'll help staff resolve technical issues, support meeting room AV systems, manage endpoints, and assist with server administration and ICT projects. You'll also play a key role in maintaining documentation, technical standards, and asset registers, ensuring systems remain secure, reliable, and efficient. Key Responsibilities Provide Tier 2 technical support for hardware, operating systems, Microsoft 365, Teams, and endpoint devices. Deliver first-line support for meeting room AV systems (Teams Rooms). Administer Microsoft 365 services including Exchange Online, Teams, SharePoint, and the wider Office suite. Support Teams Voice and telephony platforms. Assist with Active Directory/Entra ID administration, including user management and group policies. Help configure, patch, and monitor Windows servers. Manage endpoints using Intune or similar platforms. Maintain ICT asset registers and documentation. Collaborate on ICT infrastructure projects, supporting planning, testing, and deployment. Ensure compliance with cybersecurity best practices. What We're Looking For Essential Knowledge & Skills: Minimum 2 years' experience in ICT support or similar technical environment. Strong knowledge of Windows 10/11 operating systems. Good understanding of Microsoft 365 administration (Teams, Exchange, SharePoint, Office suite). Familiarity with Active Directory/Entra ID. Awareness of cybersecurity best practices. Understanding of ICT infrastructure including servers, networks, and telephony. Excellent troubleshooting, communication, and documentation skills. 
Ability to work under pressure and meet deadlines. Desirable Knowledge & Skills: Experience with Intune and endpoint management. Familiarity with ITIL-based Service Desk processes. Experience maintaining ICT asset registers or CMDBs. Public sector or local government ICT experience. Ability to explain technical information clearly to non-technical users
04/12/2025
Full time
IT Technical Lead - Infrastructure project team
4C Resourcing
Job Description: Technical Lead: Infrastructure project team Location: London - must be inside 1.5 hour commute to central London Contract: Full-time, 35 hours per week Type: Contract role - Inside IR35 Duration: initial 6 months with possible extension up to 18 months Notice Period: 2 weeks Site Requirement - 1 day per week minimum Tuesday 4C are recruiting on behalf of our client for an experienced Technical Lead, to lead and manage our Infrastructure projects team, focusing on specific security remediation workstreams across our enterprise systems and shared infrastructure services. You will act as the primary technical lead and solutions architect for these workstreams ensuring scalable, secure and resilient solutions that align with organisational objectives. This role will be within the infrastructure projects team and act as the technical lead for all security / vulnerability remediation activities of the current Windows endpoint and server estate, with an initial focus of Cyber Essentials compliance. The role will also be responsible for the allocation and management of tasks / work packages for a team of Senior Systems Analysts who will also be focused on security / vulnerability remediation activities of the current Windows estate. The overall objective is to assist with security / vulnerability patching, application packaging and other areas of support for the University's estate of approximately 4,500 Windows 11 devices, plus the University's current Windows server estates. The initial engagement is for a fixed-term period of 6 months to assist with the preparation for an upcoming Cyber Essentials accreditation. The role may also be required, however, to assist with other areas of the general support of the current Windows estate.
Key Responsibilities Meet the goals set out for the infrastructure project team Provide technical leadership to the systems analysts/engineers in the team Develop and apply technical standards for safe, resilient and accessible services. Review change and project proposals to ensure compliance with strategic plans. Identify opportunities for cost optimisation and adoption of cloud/managed services. Build strong relationships with stakeholders Desirable Professional certifications (e.g., Microsoft MCSE/MCP). ITIL Foundation or higher; PRINCE2 or Agile project management qualifications. Experience in Higher Education or DevOps. Experience working on and delivering Cyber Essentials Technical Requirements Essential 5+ years' experience in day-to-day management of large Windows endpoint estates of 3,000+ devices 5+ years' experience in day-to-day management of large Windows server estates of 500+ servers SME and technical leadership experience, working and collaborating as part of a team Excellent communication, engagement, proactive, positive, can-do attitude Strong experience with MS Active Directory, SCCM, Intune AD Group Policy configuration and troubleshooting Solid understanding of security requirements for Windows endpoints/applications to meet Cyber Essentials compliance Specific experience of conducting security/vulnerability patching and remediation at scale Application packaging/deployment via SCCM + Intune Working in an ITIL environment with change and incident management Presenting technical solutions confidently to relevant approval boards Creating and reviewing high- and low-level technical documentation, technical standards and processes Desirable Experience with packaging/troubleshooting using Cloudpaging technology / AppsAnywhere MS SQL experience Qualys vulnerability management Working Requirements: Reporting to the head of infrastructure Working with the University's Security Operations Team to identify current / new security
vulnerabilities and other out-of-date / non-compliant software. Reviewing and Prioritisation of identified security vulnerabilities Removing / updating software applications, patches and software packages to resolve identified security vulnerabilities Packaging of new / updated software applications (to be deployed by SCCM, Intune, or AppsAnywhere) Conducting Remediation configuration as required including AD Group policy configuration and other means Conducting thorough testing and release management Creating & presenting technical documentation, standards and processes for approval. Working with other teams such as Security Operations and networking teams as required. Please apply now below if you have the right experience and are available to interview and start this project in the upcoming weeks.
04/12/2025
Contractor
Senior Systems Analyst
4C Resourcing
Full job description Senior Systems Analyst Location: London - 1.5 hour commute to Central London Contract: Full-time, 35 hours per week Type: Contract role - Inside IR35 Duration: initial 6 months with possible extension up to 18 months Notice Period: 2 weeks Site Requirement - 1 day per week minimum Tuesday About the Role 4C Resourcing is recruiting on behalf of our client for a Senior Systems Analyst to join the infrastructure projects team. You will play a key role in supporting and enhancing enterprise-scale ICT systems that underpin the University's digital transformation agenda. Acting as Product Owner for designated systems, you will ensure robust, secure and efficient services that directly impact staff and student experience. This role will be within the infrastructure projects team and be directly responsible for undertaking a range of security / vulnerability remediation activities of the current Windows endpoint and server estate, with an initial focus of Cyber Essentials compliance. Candidates may also be expected to provide general support activities for the current Windows estate and related on-going Windows infrastructure maintenance tasks. The overall objective is to assist with security / vulnerability patching, application packaging and other areas of support for the University's estate of approximately 4,500 Windows 11 devices, plus the University's current Windows server estates. The initial engagement is for a fixed-term period of 6 months to assist with the preparation for an upcoming Cyber Essentials accreditation. The role may also be required, however, to assist with other areas of the general support of the current Windows estate.
Technical Requirements Essential 5+ years' experience in day-to-day management of large Windows endpoint estates of 3,000+ devices 5+ years' experience in day-to-day management of large Windows server estates of 500+ servers SME and technical leadership experience, working and collaborating as part of a team Excellent communication, engagement, proactive, positive, can-do attitude Strong experience with MS Active Directory, SCCM, Intune AD Group Policy configuration and troubleshooting Solid understanding of security requirements for Windows endpoints/applications to meet Cyber Essentials compliance Specific experience of conducting security/vulnerability patching and remediation at scale Application packaging/deployment via SCCM Working in an ITIL environment with change and incident management SQL vulnerabilities Presenting technical solutions confidently to relevant approval boards Creating and reviewing high- and low-level technical documentation, technical standards and processes Desirable Experience with packaging/troubleshooting using Cloudpaging technology / AppsAnywhere MS SQL experience Qualys vulnerability management Experience working on and delivering Cyber Essentials Working Requirements: Reporting to the Project technical lead Working with the Security Operations Team to identify current / new security vulnerabilities and other out-of-date / non-compliant software. Reviewing and Prioritisation of identified security vulnerabilities Removing / updating software applications, patches and software packages to resolve identified security vulnerabilities Packaging of new / updated software applications (to be deployed by SCCM, Intune, or AppsAnywhere) Conducting Remediation configuration as required including AD Group policy configuration and other means Conducting thorough testing and release management Creating & presenting technical documentation, standards and processes for approval.
Support activities to maintain the current Windows endpoint and server estate. Working with other teams such as Security Operations and networking teams as required. Please apply now below if you have the right experience and are available to interview and start this project in the upcoming weeks.
04/12/2025
Contractor
Cooper Golding
Service Desk Analyst
Cooper Golding Exeter, Devon
Excellent opportunity for a Service Desk Analyst to join a leading IT and Communications service provider in the South West.

Job Title: Service Desk Analyst
Job Type: Permanent; Full Time
Salary: £25,000 - £30,000
Location: Exeter

About the Service Desk Analyst role: Join a constantly growing team in a company that has clients across the UK and beyond with a penchant for progression. You will be working with clients on a daily basis, supporting their continued success via our ticketing platform and remote support software as well as regular visits to client premises. You will have a logical approach and attention to detail, be confident, highly organised, flexible, reliable and able to manage tasks and prioritise within tight deadlines.

Key responsibilities of the Service Desk Analyst:
- Provide first line technical support to our customers via our ticketing platform, email, phone and remote support tools
- Diagnose and resolve common desktop, laptop, printer and basic networking issues
- Set up and configure new user accounts, devices and applications
- Assist with routine maintenance tasks, patching and monitoring
- Escalate more complex issues to senior engineers where appropriate
- Support small project tasks under the guidance of more senior team members
- Accurately document work, updates and solutions in our service desk system

Requirements of the Service Desk Analyst:
- Motivated team player with high standards of customer service
- Excellent analytical and problem-solving skills, with a strong attention to detail even when working under pressure.
- Methodical and able to approach complex problems logically
- Excellent written and verbal communication skills at all levels, both technical and non-technical audiences, including 3rd party vendor communications as part of a larger project team
- Aptitude for continuous learning and development, including self-directed study when appropriate
- You must be enthusiastic, inquisitive, presentable, confident & articulate with an excellent telephone manner
- Your own car and a clean driving licence would be advantageous (costs will be reimbursed)
- Degree-level or higher qualification in BSc Cyber Security, BSc Computer Science, BSc Software Engineering, BSc Mathematics, MSc Cyber Security is desirable
- Any relevant industry certifications

Must be able to demonstrate some of the following:
- Knowledge of Microsoft operating systems ideally up to Windows Server 2025 and certainly Windows 11, including Active Directory and DNS
- Understanding of network topologies including wired / wireless, switching, security and VLANs.
- Implementation of networking upgrades desirable
- Experience of basic security hardening and penetration testing would be advantageous
- Experience of conducting audits e.g. asset management, cyber security etc.
- Experience with PowerShell for administration and automation
- Experience of supporting organisations to achieve Cyber Essentials / CE+ a distinct advantage
- Office 365 Administration. Office 365 migration experience desirable
- Azure Administration and migration experience
- Experience of server and workstation hardware builds, fault diagnosis and problem resolution
- Experience of a wide range of Endpoint Security solutions and managed mail security, including centralised management and monitoring
- Familiarity with patch management, configuration management and MDM solutions desirable
- Experience of the managed deployment of client applications and application migration
- Experience with SQL Server and SQL database administration and upgrades would be advantageous
- Familiarity with supporting all common end user software including Microsoft Office
- Experience of technical writing, documenting solutions or writing / designing training materials
- Experience with other scripting and programming languages e.g. Python, Go, Swift etc.

Benefits of the Service Desk Analyst:
- Paid holidays + Bank Holidays
- Opportunities to progress
04/12/2025
Full time
MBDA
CERT Incident Responder
MBDA
Bolton

The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness, while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs).

Salary: £50,000 - £60,000 depending on experience
Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification
Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

What we can offer you:
- Company bonus: Up to £2,500 (based on company performance and will vary year to year)
- Pension: maximum total (employer and employee) contribution of up to 14%
- Overtime: opportunity for paid overtime
- Flexi Leave: Up to 15 additional days
- Flexible working: We welcome applicants who are looking for flexible working arrangements
- Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave - enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
- Facilities: Fantastic site facilities including subsidised meals, free car parking and much more
- Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more.

The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness, while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a next-step role for an experienced analyst with a passion for incident response and threat mitigation.

Essentials:
- Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives.
- Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability.
- Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents.
- Ensure effective chain of custody, artefact preservation, and evidence handling processes.
- Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials.
- Lead and execute tabletop exercises (TTEx) to test and improve incident response and forensic readiness.
- Perform network and endpoint investigations, including AV scans, incident remediation, and validation of security alerts.
- Collaborate with IM/DEx and Security Operations to enhance incident reporting, alerting, and notification services.
- Deputise for CERT responders during major incidents or third-party attacks, coordinating with national and international partners (e.g., NCPC).
- Develop and maintain enterprise security documentation, including policies, standards, baselines, and playbooks.

Desirables:
- Identify root causes of security incidents and recommend sustainable mitigation strategies.
- Manage remediation and closure of security cases, ensuring timely implementation of corrective actions.
- Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms.
- Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams.
- Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike, etc.) to replicate realistic attacker behaviours.
- Research and integrate emerging threats and TTPs into adversary emulation and validation methodologies.
- Produce detailed reporting and metrics on detection coverage, response performance, and control effectiveness.
- Support the wider IM/DEx team by validating new or updated controls against advanced threat simulations.
- Support SOC operations with investigation, alert triage, and implementation of lessons learned from adversarial validation and DFIR activities.
- Research and evaluate emerging security tools, technologies, and methodologies; provide gap analysis and recommendations to influence investment.
- Deliver metrics, dashboards, and reports demonstrating adversarial resilience and capability maturity.
- Contribute to small-to-medium cyber projects enhancing threat detection, emulation, and response maturity.

What we're looking for from you:
Demonstrable experience handling incidents, such as:
- Ransomware containment + remediation
- Business email compromise investigations
- Cloud account takeover
- Insider threat events
- Large-scale phishing attacks
- Leading incident response calls, advising leadership, and writing executive summaries

Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given. MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. Follow us on LinkedIn (MBDA), X, Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.
02/12/2025
Full time
Connect2Employment
Cyber Security Analyst
Connect2Employment Luton, Bedfordshire
Main purpose of post: The Cybersecurity Department with our client provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance.

Daily tasks will involve the following:
- Endpoint monitoring and analysis.
- Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team.
- Monitor and administer Security Information and Event Management (SIEM).
- Malware analysis and forensics research.
- Understanding / differentiation of intrusion attempts and false positives.
- Investigation tracking and threat resolution.
- Vulnerability identification & mitigation / remediation.
- Compose security alert notifications.
- Advise incident responders & other teams on threat.
- Triage security events and incidents, and apply containment and mitigation/remediation strategies.
- Generate reports and document security incidents / events.
- Proactively monitor the performance of systems, make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems.
- Act as the point of escalation for the Service desk for security related tickets.
- Analysis of weekly vulnerability scans and update relevant records.

Essential
- A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
- An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development.
- Credible knowledge/experience in Microsoft Windows Operating Systems.
- Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server.
- Capable of effectively multi-tasking, prioritizing work, and handling competing interests
- Capable of analysing information technology logs and event sources (preferred)
- Working knowledge of data storage systems, data backup and restoration methods.
- Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs)
- Ability to work independently while managing support to a high standard
- Contribute credibly to IT department's delivery of SLAs and other support targets
- Self-motivated to advance own knowledge & gain formal qualifications
- Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence
- Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing
- Knowledge of Cloud computing, computer network defence, identity management, incident management and network security.
- Significant experience within a SOC environment.
- Incident response experience
- Qualification / Certification in Cyber Security

Desirable
- IT Qualifications / Certifications such as CompTIA A+, Network+, Security+
- IT Helpdesk experience or knowledge
- Cyber Security Operation Centre experience
- Qualification / Certification in Cyber Security

Person Specification:
- Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels.
- Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results.
- Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources.
- Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions.

You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education.

Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.
01/12/2025
Full time
Virgin Money
Cyber Security Engineer
Virgin Money Glasgow, Lanarkshire
Business Unit: Chief Data Office
Salary range: £40,800 to £51,000 per annum
Location: UK hybrid - with travel to one of our UK Virgin Money hubs when required
Contract type: Permanent

Our Team
We're at our best when we have something to drive us forward, a belief that underlines who we are and what we do. Our Purpose: We want to make banking fairer and more rewarding - and that idea starts with every single one of us here at Virgin Money. Wanting to provide a simply brilliant experience? Excited to start your next adventure? You might have just found it.

The Security Engineering team is part of Technical Operations and Cyber Security within Virgin Money and we maintain the Bank's Security tools & applications. The aim of Security Engineering is to cultivate unwavering trust in our products and services by engineering resilient security solutions that protect our users and customers from evolving threats. We strive to be the invisible shield, working tirelessly to ensure their data and digital experiences remain safe, secure, and uninterrupted. By joining our team, you will become a vital part of this mission, contributing your unique skills and perspectives to building a safer digital future.

What you'll be doing
- Proactively use security engineering tools to identify and mitigate security risks based on an in-depth understanding of network protocols, endpoint security and vulnerabilities.
- Develop and implement security measures using specialised tools based on Cyber security best practices.
- Working alongside project teams and other stakeholders to ensure solutions meet the strategic needs of Virgin Money.
- Helping to design, roll out and manage Microsoft Security technologies, with a particular focus on Defender for Endpoint and Defender for Servers.
- Support and build endpoint & server security capabilities, including deciding on the granularities of controls from a threat-led perspective (e.g., application level, environment level, network level, network policies, mapping attack paths, and building mitigations).
- Contribute significantly to team culture and the ongoing evolution of security engineering practices.
- Implement automation to remove repetitive manual tasks.

We need you to have
- Hands-on experience with Microsoft Security technologies, for example Defender for Endpoint, Defender for Servers and Defender XDR, including deployment, policy configuration, and incident response workflows.
- Familiarity with deploying Infrastructure as Code and using CI/CD technologies, such as Azure DevOps.
- Hands-on experience implementing Microsoft Defender for Endpoint and Defender for Servers in cloud and hybrid environments.
- Previous experience working with security best practices - e.g. Zero trust, defence in depth, least privilege, security hardening and compliance.
- Experience in applying zero-trust principles to secure large-scale IT infrastructures, demonstrated by successful deployments within a corporate setting.

It's a bonus if you have but not essential
- Experience as a Cyber Security Engineer, or as a Cyber Security Analyst with an interest in becoming a Cyber Security Engineer.
- Experience with Terraform, Python, Javascript/Node.js, PowerShell or Bash
- Knowledge of infrastructure and application monitoring, such as Icinga, Elastic Stack or Dynatrace.
- Endpoint Security certifications (especially Microsoft centric) would be advantageous.
- Proven ability to design and deploy endpoint/server security solutions.

Red Hot Rewards
- Generous holidays - 38.5 days annual leave (including bank holidays and prorated if Part-Time) plus the option to buy more.
- Up to five extra paid well-being days per year.
- 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt.
- Market-leading pension.
- Free private medical cover, income protection and life assurance.
- Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness.

And there's no waiting around, you'll enjoy these benefits from day one.

If we're lucky to receive a lot of interest, we may close the advert early, so please submit your application as soon as possible. We're all about helping you Live a Life More Virgin, so happy to talk flexible working with you.

Say hello to Virgin Money
Virgin Money is so much more than just a bank. As part of the Nationwide group, together we're the UK's first full-service mutual bank serving millions of retail and business customers and all driven by our purpose: Banking but fairer, more rewarding and for the good of society. With us, you'll be part of an organisation uniquely positioned to make a difference to the lives of customers, communities and broader society and embark on a collaborative, customer obsessed, and fun-filled career journey. Embrace the weekdays, enjoy fantastic perks, and make a meaningful positive difference. Time to discover what it means to be part of the first mutual full-service banking provider.

Be yourself at Virgin Money
At Virgin Money, we celebrate everyone. We have fun, think big, and relentlessly include each other, all in pursuit of our purpose: Banking - but fairer, more rewarding, and for the good of society. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard. As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team. It's important to note that there may be occasions where it's not possible to interview all candidates declaring a disability who meet the essential criteria for the job. In certain recruitment situations such as receiving a high-volume of applications, we may need to limit the overall numbers of interviews offered to both disabled and non-disabled applicants.

Now the legal bit
Although some of our roles allow you to be based anywhere in the UK, we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth
27/11/2025
Full time
Experis
SIEM Application Engineer
Experis City, Birmingham
Role: SIEM Application Engineer
Location: Birmingham or Manchester or Ipswich (Hybrid)
Duration: 3 Months with possible extension
Day rate: 450 - 550 via Umbrella

Overview
We are looking for an SIEM Application Engineer to support our security operations by reviewing and optimising detections within our production Elastic Security platform. This role focuses solely on detection analysis, rule refinement, and reporting, rather than SIEM platform engineering or DevOps.

Key Responsibilities
Analyse alerts generated by Elastic Security and validate detection accuracy.
Tune and optimise existing Elastic SIEM detection rules to improve fidelity and reduce false positives.
Map detections to the MITRE ATT&CK framework and identify coverage gaps.
Produce clear detection reports, tuning documentation, and analysis summaries.
Collaborate with SOC analysts, incident responders, and security engineering teams.

Required Skills
Hands-on experience with Elastic Security / Elastic SIEM, Kibana, and Elasticsearch queries (EQL/KQL).
Strong understanding of detection logic, alert tuning, and threat behaviours.
Familiarity with MITRE ATT&CK.
Strong written communication skills for reporting and documentation.

Nice to Have
Experience in SOC, detection engineering, or threat hunting.
Exposure to common log types (endpoint, network, cloud).
Security certifications (Elastic, Security+, CySA+, etc.).
27/11/2025
Contractor
Sellick Partnership
Operations Analyst
Sellick Partnership Watford, Hertfordshire
Operations Analyst
Annual Salary of 41,000 - 45,000
Permanent, Full-time
Watford

Operations Analyst required to join a dynamic team within a leading national organisation. This role is ideal for a technically driven professional who enjoys being challenged, thrives in an evolving environment, and is motivated by continuous improvement and repeated success. In this role, you will support a large and diverse user base across hundreds of UK sites, working with the latest cloud and on-premises technologies. You will be heavily involved in maintaining core infrastructure, improving operational processes, and contributing to the organisation's long-term technology roadmap.

Key responsibilities of the Operations Analyst
Deliver day-to-day operational support for cloud-hosted and on-premises server environments and networks.
Work closely with Application Support colleagues to diagnose and resolve service issues.
Maintain and enhance infrastructure to ensure secure, stable, and highly available services for approximately 6,500 users across 300 locations.
Contribute to lifecycle management and continuous improvement initiatives.
Support the planning, testing, and rollout of infrastructure changes and upgrades.
Build strong working relationships with internal teams and external partners.
Uphold cybersecurity best practice and support efforts to retain security accreditations.

Required skills and experience of the Operations Analyst
Broad experience as a Microsoft-focused Cloud Engineer or Operations Analyst.
Strong knowledge of Azure services, including IaaS, PaaS, ASR, and M365 (Exchange Online, Teams, OneDrive).
Understanding of Azure networking components: private endpoints, Azure Firewall, VPNs, IP Groups.
Experience working with Windows Server, Windows Desktop, and Linux environments.
Windows Server, Active Directory, Hyper-V.
PowerShell for automation and scripting.
Experience with monitoring tools, Log Analytics, Sentinel and alerting platforms.
Familiarity with Logic Apps, API Management, and Azure Application Proxy.
Strong knowledge of LAN/WAN technologies including switching, routing, firewalls, MPLS, VRF, SD-WAN and DNS/DHCP services.

This role offers the chance to work with modern cloud technologies, contribute to meaningful infrastructure improvements, and develop your skills within a supportive team environment. If you believe you have the necessary skills, ambition and experience for the Operations Analyst role, please apply now, or contact Kyle Fitzgerald at Sellick Partnership. With the department workload increasing due to the success of the organisation, the client is looking for a relatively quick appointment.

Sellick Partnership is proud to be an inclusive and accessible recruitment business and we support applications from candidates of all backgrounds and circumstances. Please note, our advertisements use years' experience, hourly rates, and salary levels purely as a guide and we assess applications based on the experience and skills evidenced on the CV. For information on how your personal details may be used by Sellick Partnership, please review our data processing notice on our website.
21/11/2025
Full time
Opus Perm
Technical Services Analyst
Opus Perm King's Lynn, Norfolk
Pay: 30,780.00 - 40,209.00 per year

Job Description:
Salary: 30,780 - 40,209 per annum
Contract: Fixed term, 12 months
Location: Hybrid - Kings Lynn

We are looking for a Technical Services Analyst to join our friendly and forward-thinking ICT team as they modernise their digital infrastructure. This is a fantastic opportunity to provide second-line support across Microsoft 365, Teams Voice, and Windows environments. You'll help staff resolve technical issues, support meeting room AV systems, manage endpoints, and assist with server administration and ICT projects. You'll also play a key role in maintaining documentation, technical standards, and asset registers, ensuring systems remain secure, reliable, and efficient.

Key Responsibilities
Provide Tier 2 technical support for hardware, operating systems, Microsoft 365, Teams, and endpoint devices.
Deliver first-line support for meeting room AV systems (Teams Rooms).
Administer Microsoft 365 services including Exchange Online, Teams, SharePoint, and the wider Office suite.
Support Teams Voice and telephony platforms.
Assist with Active Directory/Entra ID administration, including user management and group policies.
Help configure, patch, and monitor Windows servers.
Manage endpoints using Intune or similar platforms.
Maintain ICT asset registers and documentation.
Collaborate on ICT infrastructure projects, supporting planning, testing, and deployment.
Ensure compliance with cybersecurity best practices.

What We're Looking For
Essential Knowledge & Skills:
Minimum 2 years' experience in ICT support or similar technical environment.
Strong knowledge of Windows 10/11 operating systems.
Good understanding of Microsoft 365 administration (Teams, Exchange, SharePoint, Office suite).
Familiarity with Active Directory/Entra ID.
Awareness of cybersecurity best practices.
Understanding of ICT infrastructure including servers, networks, and telephony.
Excellent troubleshooting, communication, and documentation skills.
Ability to work under pressure and meet deadlines.

Desirable Knowledge & Skills:
Experience with Intune and endpoint management.
Familiarity with ITIL-based Service Desk processes.
Experience maintaining ICT asset registers or CMDBs.
Public sector or local government ICT experience.
Ability to explain technical information clearly to non-technical users.
19/11/2025
Full time
The Bridge IT Recruitment
IT Security Analyst
The Bridge IT Recruitment City, London
IT Security Analyst
Location: London - Remote with occasional travel to office
Salary: £50,000 + Flexible Benefits Scheme
Contract type: Permanent

About the Role
Morson Edge have partnered with a leading organisation to recruit a skilled IT Security Analyst to play a key role in protecting our client's digital infrastructure. You'll monitor security systems, analyse threats, and respond to incidents, ensuring the confidentiality, integrity, and availability of information assets. Working closely with the IT Security Manager, you'll help strengthen defences, resolve security issues, and contribute to a proactive cyber-security culture.

Key Responsibilities
Monitor the organisation's networks and systems for potential security issues.
Investigate and resolve cyber incidents promptly and effectively.
Implement and manage security measures including firewalls, encryption, and endpoint protection.
Maintain clear documentation of breaches, assessments, and remediation actions.
Conduct vulnerability testing, penetration testing, and risk assessments.
Collaborate with the IT Security Manager to identify and mitigate network vulnerabilities.
Analyse logs from multiple sources to detect and respond to abnormal activity.
Assist with internal and external security audits and compliance reviews.
Evaluate and recommend improvements to enhance security posture.
Support vendor security assessments and ensure third-party compliance with internal standards.
Contribute to continuous improvement of the organisation's cyber-security framework and strategy.

Skills and Experience
Essential:
Degree in Cyber Security, Computer Science, or equivalent experience.
Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre).
Strong understanding of incident response methodologies and the MITRE ATT&CK framework.
Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools.
Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture.
Practical experience managing cyber incidents and implementing secure configurations.
Excellent analytical and problem-solving skills, with clear documentation and communication abilities.
Familiarity with NIST, ISO 27001, and CIS Controls frameworks.
Ability to work under pressure, prioritise effectively, and maintain attention to detail.

Desirable:
Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or equivalent.
Knowledge of ITIL processes and cyber governance frameworks.
Experience with scripting, automation, and digital forensics.
Awareness of PCI DSS, SDLC, and network analysis principles.

This is a great opportunity to join a leading organisation. This role is mostly remote with occasional travel to London. Please note this role cannot offer sponsorship. Please apply to hear more!
12/11/2025
Full time
Morson Edge
SOC/CSIRT Level 3 Analysts
Morson Edge
Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst
2-3 Days onsite - Crawley
6-9 Month duration

Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office.

Job purpose: The role of an Incident Response (CSIRT) / SOC Level 3 Analyst is to respond to high-severity cybersecurity incidents and escalated events or alerts, using experience and industry tools to expedite containment, eradication, and recovery strategies that minimise business impact and protect network systems and customer data from cyber threats.

Dimensions
People: Work collaboratively in a team of around 14 cyber security operations staff. Mentor Level 1 and Level 2 SOC Analysts, providing guidance and training.
Suppliers: Regular interaction with technical resources from outsourced Managed Security Service Providers (MSSPs) and cyber security tooling vendors.
Communication: Communicate technical cybersecurity concepts to both technical and non-technical colleagues across all levels of seniority.
Stakeholders: Build and maintain collaborative working relationships with internal technology teams, external partners, suppliers, and providers to drive outcomes and agree on courses of action.

Principal Responsibilities
Advanced Threat Hunting: Analyse and assess multiple threat intelligence sources and indicators of compromise (IOC) to identify patterns, vulnerabilities, and anomalies, then use this intelligence and tooling to uncover and remove hidden threats that may have bypassed existing defences across IT and OT environments.
Policy Development: Develop SOC policies, technical standards, and procedure documentation aligned to industry best practice.
Log Management: Work with MSSPs and service owners to ensure log sources are onboarded into the SIEM solution. Create use cases to correlate suspicious activities across endpoints, networks, applications, and both on-premises and cloud environments.
Incident Response: Improve playbooks and processes, lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons learned.
SOAR Development: Support and develop the SOAR platform by producing workflows to automate responses to common attack types and enhance operational playbooks.
Digital Forensics: Use forensic tools and techniques to analyse data sources such as logs, SIEM data, applications, and network traffic patterns, and recommend appropriate response actions to ensure threats are contained and eradicated.
Cyber Crisis Testing: Participate in cyber-attack simulations and scenario exercises to test resilience and improve preparedness.
Reporting: Develop and improve reporting dashboards and security/performance metrics to drive continuous improvement in security operations.
Security Tools Support: Support the implementation, maintenance, and configuration of security tools and systems for prevention, detection, and response.
Audit: Contribute to security audits (e.g. SOC Type II, NCSC CAF, ISO 27001) and ensure compliance with regulations and standards.
Continuous Improvement: Automate event monitoring, detection, and response. Enhance alert use cases and log correlation processes to adapt to evolving threats.

Nature and Scope
The Information Systems Department provides and optimises technology solutions to improve organisational operations. This role underpins that mission by strengthening cyber security operations. The main measure of success is upholding IT, OT, and organisational resilience against cyber threats and incidents.

Qualifications
Considerable experience in a SOC Level 2 or 3 role with expertise in advanced threat hunting and incident response across IT and OT environments.
SOC-specific training, qualifications, or a degree in Computer Science, Cybersecurity, IT, or a related subject.
Ideally hold recognised security qualifications such as CISSP, AZ-500, GIAC/GCIA/GCIH, CASP+, CEH, or SIEM certifications.
Strong knowledge of log correlation, analysis, forensics, and chain of custody requirements.
Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST).
Practical knowledge of SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, web/email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications.
Understanding of adversarial TTPs and frameworks such as MITRE ATT&CK.
Experience with SIEM and SOAR solutions, IAM, and DLP tools (e.g. FortiSIEM, Q-Radar, Microsoft Secure Gateway, Darktrace, Microsoft Defender, Sentinel).
Experience developing incident response playbooks, SOAR workflows, red-team exercises, and tabletop simulations.
Experience in investigating advanced intrusions, such as targeted ransomware or state-sponsored attacks.

Summary: My client are looking for an experienced Incident Response (CSIRT) / SOC Level 3 Analyst with deep expertise in advanced threat hunting, incident response, and cyber defence operations, capable of leading on high-severity incidents and mentoring junior analysts while strengthening resilience across IT and OT environments.
12/11/2025
Contractor
Akkodis
Principal Cyber Security Incident Response Analyst
Principal Cyber Security Incident Response Analyst
60,000 - 70,000
Full Time / Permanent
West Midlands / Hybrid (1-2 days a month in the office ideally)

The Role
I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand headquartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average.

Responsibilities:
  • Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development.
  • Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators.
  • Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds.
  • Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities.
  • Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making.

Experience required:
  • Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity.
  • Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises.
  • Proven leadership in incident response within SOC settings.
  • Deep understanding of the cyber threat landscape, attack vectors, and detection techniques.
  • Proficient in cybersecurity tools, regulations, and compliance standards.
  • Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences.

Please apply via the link or contact (url removed) for more information.

Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement, which explains how we will use your information, is available on the Modis website.
04/10/2025
Full time
Morson Talent
Cybersecurity Vulnerability Lead
Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract.

Our client, the UK's leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis. This is a senior role with responsibility for the organisation's vulnerability management programme across multiple business units, technologies, and regulatory environments. The organisation has made significant investment in Tenable as its core vulnerability management platform. You'll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised. Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role.

Security Clearance - Due to the sensitive nature of the work, candidates must be eligible for SC clearance. Candidates with active or recently lapsed SC clearance will be prioritised. Applicants without clearance must be willing and eligible to undergo vetting.

The Role - As Cybersecurity Vulnerability Lead, you will:
  • Own the end-to-end vulnerability management programme, with Tenable One at the core.
  • Define and deliver the strategy, policies, SLAs, and operating rhythm.
  • Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact.
  • Translate scan data into clear, actionable remediation plans for technical teams.
  • Build dashboards and executive reports (ServiceNow, Power BI).
  • Provide rapid risk assessments and emergency patch governance during incidents.
  • Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR).
  • Drive automation, integrating tools and workflows to improve efficiency.
  • Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged.
  • Mentor analysts and security champions, building maturity across the team.

About You - You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries. You should also have hands-on knowledge of the following:
  • Core Vulnerability Management - Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity); AWS Inspector; Agent-based and network-based scanning; Cloud integrations (AWS, Azure, GCP); Dashboards and risk-based prioritisation
  • Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS; Jamf
  • Workflow & ITSM Integration - ServiceNow (dashboards, SOAR); Jira
  • Cloud & Application Security - AWS Security Hub; Azure Defender for Cloud; Veracode
  • Threat Intelligence & Exploit Context - Tenable Threat Intelligence; Exploit DB; Metasploit
  • SIEM, SOAR & Monitoring - Microsoft Sentinel; SOAR platforms (ServiceNow SOAR)
  • Automation & Scripting - Python, PowerShell, Bash, Ansible
  • Reporting & Metrics - Power BI; ServiceNow dashboards; Excel (advanced analysis)
  • Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR
  • Security Domains / Capabilities - Identity and Access Management (IAM); Network Security; Data Protection; Cloud Security Controls; Application Security; Security Monitoring
  • Processes & Practices - Vulnerability Management Programmes; Incident Response and Threat Assessment; Emergency Patch Governance; Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact); Audit Support (internal assurance, penetration test follow-ups, external audits); Exception and exemption management; Automation of manual tasks; Dashboarding for risk and SLA metrics

What's on Offer -
  • A leadership role with significant influence across a major UK organisation.
  • Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management.
04/10/2025
Contractor
Damia Group LTD
Senior Cyber Security Analyst
Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)

Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance.

We are looking for an SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available.

Main responsibilities:
As a senior security analyst with responsibility for incident response, you will:
  • Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents
  • Lead the forensic analysis of systems, files, network traffic and cloud environment
  • Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions
  • Support the wider coordination of cyber incidents
  • Review previous incidents to identify lessons and actions
  • Identify and deliver opportunities for continual improvement of the incident response capability
  • Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities
  • Develop and update internal plans, playbooks and knowledge base articles
  • Act as an escalation point for, and provide coaching and mentoring to, security analysts
  • Be responsible for leadership and line management of security analysts

Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.

Essential skills and experience:
  • SPLUNK EDR (Endpoint Detection and Response)
  • Significant experience investigating and responding to cyber incidents
  • Significant experience using security tools (e.g. EDR, SIEM) to support the investigation and response to cyber incidents
  • Experience managing and coordinating the response to cyber incidents
  • Experience coaching and mentoring junior staff
  • An in-depth understanding of the tools, techniques and procedures used by threat actors

Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance with Conduct Regulations 2003.
03/10/2025
Contractor
Aspect Resources
Senior Cyber Security Analyst - SC
Job Title: Senior Cyber Security Analyst - SC
Location: Hybrid/London - 3 days a week on site
Contract Duration: 3 months initially
Daily Rate: £800/day (Umbrella - Maximum)
IR35 Status: Inside IR35
Minimum requirement:
  • Experience of investigating and responding to cyber incidents, coordinating incident response in large org
  • 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response)
  • Analytical, problem solving
Security Clearance: SC

Senior Cyber Security Analyst
The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response.

As a senior security analyst with responsibility for incident response, you will:
  • Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents
  • Lead the forensic analysis of systems, files, network traffic and cloud environments
  • Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions
  • Support the wider coordination of cyber incidents
  • Review previous incidents to identify lessons and actions
  • Identify and deliver opportunities for continual improvement of the incident response capability
  • Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities
  • Develop and update internal plans, playbooks and knowledge base articles
  • Act as an escalation point for, and provide coaching and mentoring to, security analysts
  • Be responsible for leadership and line management of security analysts

Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.

We're interested in people who have:
  • Significant experience investigating and responding to cyber incidents
  • Significant experience using security tools (e.g. EDR, SIEM) to support the investigation and response to cyber incidents
  • Experience managing and coordinating the response to cyber incidents
  • Experience coaching and mentoring junior staff
  • An in-depth understanding of the tools, techniques and procedures used by threat actors
  • Excellent analytical and problem solving skills
  • Excellent verbal and written communication skills
  • Experience with Splunk
  • Experience working in an Agile environment
  • Experience with cloud environments such as AWS

Disability Confident
As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

Armed Forces Covenant
CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.

If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.

To apply for this role please submit your latest CV or contact Aspect Resources
03/10/2025
Contractor

© 2008-2025 IT Job Board