SOC Lead/SOC Manager - London - £90,000 Nigel Frank is supporting a global technology organisation in their search for an Onsite SOC Lead/SOC Manager to join a major cybersecurity programme based in London. This is a highly visible role where you will act as the primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across the Security Operations Centre. Key Responsibilities Act as the primary onsite point of contact (SPOC) for all cybersecurity operational matters between the client and offshore SOC teams. Coordinate communication between stakeholders and the offshore SOC to ensure efficient handling of alerts, incidents, and operational requests. Oversee daily SOC operations, ensuring security monitoring, investigations, and response activities are delivered in line with agreed SLAs. Lead incident management for high-severity security events, coordinating across IT, infrastructure, and business teams. Guide and support SOC analysts across L1, L2, and L3 functions to ensure effective 24/7 security operations. Drive improvements across threat detection, incident response processes, and SOC operational maturity. Skills & Experience Extensive experience working in Security Operations Centres (SOC), including leadership or managerial responsibilities. Strong technical knowledge of SIEM platforms such as LogRhythm, Splunk, Microsoft Sentinel, or similar. Experience working with SOAR, EDR/XDR, and threat detection technologies. Strong understanding of incident response frameworks and cybersecurity best practices. Experience managing security incidents, investigations, and response coordination.
11/03/2026
Full time
SOC Lead/SOC Manager - London - £90,000 Nigel Frank is supporting a global technology organisation in their search for an Onsite SOC Lead/SOC Manager to join a major cybersecurity programme based in London. This is a highly visible role where you will act as the primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across the Security Operations Centre. Key Responsibilities Act as the primary onsite point of contact (SPOC) for all cybersecurity operational matters between the client and offshore SOC teams. Coordinate communication between stakeholders and the offshore SOC to ensure efficient handling of alerts, incidents, and operational requests. Oversee daily SOC operations, ensuring security monitoring, investigations, and response activities are delivered in line with agreed SLAs. Lead incident management for high-severity security events, coordinating across IT, infrastructure, and business teams. Guide and support SOC analysts across L1, L2, and L3 functions to ensure effective 24/7 security operations. Drive improvements across threat detection, incident response processes, and SOC operational maturity. Skills & Experience Extensive experience working in Security Operations Centres (SOC), including leadership or managerial responsibilities. Strong technical knowledge of SIEM platforms such as LogRhythm, Splunk, Microsoft Sentinel, or similar. Experience working with SOAR, EDR/XDR, and threat detection technologies. Strong understanding of incident response frameworks and cybersecurity best practices. Experience managing security incidents, investigations, and response coordination.
Role: T2 SOC Analyst Location: Manchester (Hybrid - 2 days on-site) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Another fantastic opportunity has opened for an experienced SOC Analyst to join a UK-based Managed Security Service Provider as a Tier 2 SOC Analyst, supporting their key client. This is a hybrid role based in Doncaster on their 24/7 SOC operation. As part of this team, you will work alongside Tier 1 and Tier 3 Analysts, as well as a SOC Lead, to deliver continuous security monitoring, analysis, and incident response for their clients. This is an excellent opportunity for a current Tier 2 SOC Analyst looking for their next challenge, or for an experienced Tier 1 Analyst ready to step up into a Tier 2 role. Key Responsibilites: Monitor, assess, and investigate security alerts using security monitoring tools in line with agreed procedures and SLAs. Classify and prioritise potential incidents according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover advanced or hidden threats. Assist with the development and optimisation of detection rules and monitoring capabilities. Provide guidance and support to Junior Analysts when required. Requirements: Active or eligible for SC Clearance Experience in a SOC environment Certifications such as CompTIA A+, S+, N+, SC-200, CySa+ In-depth knowledge of common security threats, attack vectors, and migration stategies In-depth knowledge and experience with SIEM, EDR/ERP, AV, and NetMon tools Benefits: Salary up to £40,000 15% Shift Allowance 23 days AL + 8 BH Role: T2 SOC Analyst Location: Doncaster (Hybrid - 2 days on-site) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
06/03/2026
Full time
Role: T2 SOC Analyst Location: Manchester (Hybrid - 2 days on-site) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Another fantastic opportunity has opened for an experienced SOC Analyst to join a UK-based Managed Security Service Provider as a Tier 2 SOC Analyst, supporting their key client. This is a hybrid role based in Doncaster on their 24/7 SOC operation. As part of this team, you will work alongside Tier 1 and Tier 3 Analysts, as well as a SOC Lead, to deliver continuous security monitoring, analysis, and incident response for their clients. This is an excellent opportunity for a current Tier 2 SOC Analyst looking for their next challenge, or for an experienced Tier 1 Analyst ready to step up into a Tier 2 role. Key Responsibilites: Monitor, assess, and investigate security alerts using security monitoring tools in line with agreed procedures and SLAs. Classify and prioritise potential incidents according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover advanced or hidden threats. Assist with the development and optimisation of detection rules and monitoring capabilities. Provide guidance and support to Junior Analysts when required. Requirements: Active or eligible for SC Clearance Experience in a SOC environment Certifications such as CompTIA A+, S+, N+, SC-200, CySa+ In-depth knowledge of common security threats, attack vectors, and migration stategies In-depth knowledge and experience with SIEM, EDR/ERP, AV, and NetMon tools Benefits: Salary up to £40,000 15% Shift Allowance 23 days AL + 8 BH Role: T2 SOC Analyst Location: Doncaster (Hybrid - 2 days on-site) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Role: T2 SOC Analyst Location: Manchester (Hybrid) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Another fantastic opportunity has opened for an experienced SOC Analyst to join a UK-based Managed Security Service Provider as a Tier 2 SOC Analyst, supporting their key client. This is a hybrid role based in Manchester on their 24/7 SOC operation. As part of this team, you will work alongside Tier 1 and Tier 3 Analysts, as well as a SOC Lead, to deliver continuous security monitoring, analysis, and incident response for their clients. This is an excellent opportunity for a current Tier 2 SOC Analyst looking for their next challenge, or for an experienced Tier 1 Analyst ready to step up into a Tier 2 role. Key Responsibilites: Monitor, assess, and investigate security alerts using security monitoring tools in line with agreed procedures and SLAs. Classify and prioritise potential incidents according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover advanced or hidden threats. Assist with the development and optimisation of detection rules and monitoring capabilities. Provide guidance and support to Junior Analysts when required. Requirements: Active or eligible for SC Clearance Experience in a SOC environment Certifications such as CompTIA A+, S+, N+, SC-200, CySa+ In-depth knowledge of common security threats, attack vectors, and migration stategies In-depth knowledge and experience with SIEM, EDR/ERP, AV, and NetMon tools Benefits: Salary up to £40,000 15% Shift Allowance 23 days AL + 8 BH Role: T2 SOC Analyst Location: Manchester (Hybrid) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
06/03/2026
Full time
Role: T2 SOC Analyst Location: Manchester (Hybrid) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Another fantastic opportunity has opened for an experienced SOC Analyst to join a UK-based Managed Security Service Provider as a Tier 2 SOC Analyst, supporting their key client. This is a hybrid role based in Manchester on their 24/7 SOC operation. As part of this team, you will work alongside Tier 1 and Tier 3 Analysts, as well as a SOC Lead, to deliver continuous security monitoring, analysis, and incident response for their clients. This is an excellent opportunity for a current Tier 2 SOC Analyst looking for their next challenge, or for an experienced Tier 1 Analyst ready to step up into a Tier 2 role. Key Responsibilites: Monitor, assess, and investigate security alerts using security monitoring tools in line with agreed procedures and SLAs. Classify and prioritise potential incidents according to SOC processes and recognised industry frameworks. Produce clear and concise incident tickets, drawing on internal knowledge bases and independent analysis. Apply relevant threat intelligence to SOC operations, maintaining awareness of current threat trends and defensive monitoring approaches. Carry out proactive threat hunting to uncover advanced or hidden threats. Assist with the development and optimisation of detection rules and monitoring capabilities. Provide guidance and support to Junior Analysts when required. Requirements: Active or eligible for SC Clearance Experience in a SOC environment Certifications such as CompTIA A+, S+, N+, SC-200, CySa+ In-depth knowledge of common security threats, attack vectors, and migration stategies In-depth knowledge and experience with SIEM, EDR/ERP, AV, and NetMon tools Benefits: Salary up to £40,000 15% Shift Allowance 23 days AL + 8 BH Role: T2 SOC Analyst Location: Manchester (Hybrid) Work Pattern: 24/7 (4 on 4 off) Salary: Up to £40,000 + 15% Shift Allowance Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Senior Security & Technology Consultants Location: Warton, UK (On-Site - 5 Days per Week) Clearance Required: Valid MOD DV (Mandatory) Engagement Type: Contract (Inside IR35) Day Rate: 500 - 900 per day (dependent on role and experience) Overview We are seeking experienced Security & Technology Professionals to support critical programmes in a secure defence environment. These roles span architecture, assurance, operations, and technical delivery disciplines and require individuals who can operate effectively within highly regulated, mission-critical settings. All positions are based full-time on-site in Warton (5 days per week) and require candidates to hold a current and valid MOD DV clearance at the time of application. Scope of Opportunities We are hiring across multiple security and technology disciplines, including: Security Architects Security Assurers Information Security Consultants SOC Analysts OT Architects Cross Domain SMEs IT Administrators Service Managers Product Security Managers Penetration Testing Specialists Technical Project / Programme Managers Key Responsibilities (Role Dependent) Security Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent security assurance across programmes. Support accreditation activities and compliance reviews. Develop and maintain security documentation, standards, and risk registers. Security Operations & SOC Monitor, analyse, and respond to security events and incidents. Strengthen detection, response, and resilience capabilities. Support vulnerability management and remediation activities. OT & Cross Domain Security Provide expertise in Operational Technology environments. Design and assure secure cross-domain solutions and data transfer mechanisms. Evaluate network segregation and high-assurance controls. Penetration Testing & Vulnerability Management Conduct or oversee penetration testing engagements. Assess vulnerabilities and validate remediation strategies. Support red/blue team activities where required. Service & Product Security Embed security into live service management processes. Act as Product Security lead across development lifecycles. Integrate DevSecOps controls and secure SDLC practices. Technical Delivery & Programme Support Manage security-focused technical workstreams. Provide governance reporting to senior stakeholders. Translate technical risks into business impact and mitigation plans. Essential Requirements Valid and transferable MOD DV clearance (mandatory). Availability to work on-site in Warton, 5 days per week. Strong background in one or more of the listed security disciplines. Experience working in secure, defence, or highly regulated environments. Relevant certifications (e.g., CISSP, CISM, TOGAF, CREST, cloud certifications).
05/03/2026
Contractor
Senior Security & Technology Consultants Location: Warton, UK (On-Site - 5 Days per Week) Clearance Required: Valid MOD DV (Mandatory) Engagement Type: Contract (Inside IR35) Day Rate: 500 - 900 per day (dependent on role and experience) Overview We are seeking experienced Security & Technology Professionals to support critical programmes in a secure defence environment. These roles span architecture, assurance, operations, and technical delivery disciplines and require individuals who can operate effectively within highly regulated, mission-critical settings. All positions are based full-time on-site in Warton (5 days per week) and require candidates to hold a current and valid MOD DV clearance at the time of application. Scope of Opportunities We are hiring across multiple security and technology disciplines, including: Security Architects Security Assurers Information Security Consultants SOC Analysts OT Architects Cross Domain SMEs IT Administrators Service Managers Product Security Managers Penetration Testing Specialists Technical Project / Programme Managers Key Responsibilities (Role Dependent) Security Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent security assurance across programmes. Support accreditation activities and compliance reviews. Develop and maintain security documentation, standards, and risk registers. Security Operations & SOC Monitor, analyse, and respond to security events and incidents. Strengthen detection, response, and resilience capabilities. Support vulnerability management and remediation activities. OT & Cross Domain Security Provide expertise in Operational Technology environments. Design and assure secure cross-domain solutions and data transfer mechanisms. Evaluate network segregation and high-assurance controls. Penetration Testing & Vulnerability Management Conduct or oversee penetration testing engagements. Assess vulnerabilities and validate remediation strategies. Support red/blue team activities where required. Service & Product Security Embed security into live service management processes. Act as Product Security lead across development lifecycles. Integrate DevSecOps controls and secure SDLC practices. Technical Delivery & Programme Support Manage security-focused technical workstreams. Provide governance reporting to senior stakeholders. Translate technical risks into business impact and mitigation plans. Essential Requirements Valid and transferable MOD DV clearance (mandatory). Availability to work on-site in Warton, 5 days per week. Strong background in one or more of the listed security disciplines. Experience working in secure, defence, or highly regulated environments. Relevant certifications (e.g., CISSP, CISM, TOGAF, CREST, cloud certifications).
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
24/02/2026
Contractor
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
GCP Security Engineer A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team. Day Rate: £700-£750pd IR35 Status: Outside Duration: Initial 6 months Travel: 2 days a week in Central London This GCP Security Engineer will have the previous following exp: Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis. Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk. Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures. Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR). Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.
06/10/2025
Contractor
GCP Security Engineer A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team. Day Rate: £700-£750pd IR35 Status: Outside Duration: Initial 6 months Travel: 2 days a week in Central London This GCP Security Engineer will have the previous following exp: Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis. Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk. Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures. Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR). Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.
Security Operations Engineer (GCP) A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team. Day Rate: £700-£750pd IR35 Status: Outside Duration: Initial 6 months Travel: 2 days a week in Central London This GCP Security Engineer will have the previous following exp: Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis. Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk. Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures. Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR). Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.
06/10/2025
Contractor
Security Operations Engineer (GCP) A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team. Day Rate: £700-£750pd IR35 Status: Outside Duration: Initial 6 months Travel: 2 days a week in Central London This GCP Security Engineer will have the previous following exp: Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis. Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk. Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures. Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR). Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.
GCP Security Operations Engineer A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team. Day Rate: £700-£750pd IR35 Status: Outside Duration: Initial 6 months Travel: 2 days a week in Central London This GCP Security Engineer will have the previous following exp: Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis. Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk. Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures. Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR). Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.
06/10/2025
Contractor
GCP Security Operations Engineer A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team. Day Rate: £700-£750pd IR35 Status: Outside Duration: Initial 6 months Travel: 2 days a week in Central London This GCP Security Engineer will have the previous following exp: Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis. Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk. Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures. Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR). Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.
Position: SOC Analyst Location: Cheltenham (Hybrid - 3 days a week) Contract Type: 3 months Hours: 40 per week Start Date: 16/10/2025 Holiday Entitlement: 33 days Pay Rate: £380 PAYE/£504 Umbrella PD About the Team: You will have the opportunity to leverage the latest technologies and develop your skills in an innovative, collaborative environment that supports career growth and learning. What You Will Do: As a SOC Analyst, you will play a key role in monitoring and responding to security alerts, assisting with incident investigations, and supporting clients to strengthen their security posture. Key responsibilities include: Working a combination of day and night shifts. Responding to security alerts and incidents. Collaborating closely with client analysts. Conducting detailed analysis of monitoring system data. Escalating incidents when necessary and serving as a point of contact. Planning and conducting threat hunting under supervision. Reviewing alerts for tuning opportunities. Performing proactive threat research. Supporting the creation and implementation of new detection signatures. Assisting in client engagements and service meetings. Contributing to the development of SOC playbooks. Required Skills and Experience: Strong understanding of computer networks, operating systems, software, hardware, and security principles. Knowledge of cyber security risks and mitigation strategies. Working familiarity with security technologies such as Firewalls, host intrusion prevention, and antivirus solutions. Relevant academic or industry-specific training. Preferred Attributes: Ability to identify more efficient ways of working. Maintain focus, energy, and effort under pressure. Proven creativity and innovation in problem-solving. Commitment to learning new skills, applications, and technologies. If you are interested, please apply directly. Randstad Technologies is acting as an Employment Business in relation to this vacancy.
06/10/2025
Contractor
Position: SOC Analyst Location: Cheltenham (Hybrid - 3 days a week) Contract Type: 3 months Hours: 40 per week Start Date: 16/10/2025 Holiday Entitlement: 33 days Pay Rate: £380 PAYE/£504 Umbrella PD About the Team: You will have the opportunity to leverage the latest technologies and develop your skills in an innovative, collaborative environment that supports career growth and learning. What You Will Do: As a SOC Analyst, you will play a key role in monitoring and responding to security alerts, assisting with incident investigations, and supporting clients to strengthen their security posture. Key responsibilities include: Working a combination of day and night shifts. Responding to security alerts and incidents. Collaborating closely with client analysts. Conducting detailed analysis of monitoring system data. Escalating incidents when necessary and serving as a point of contact. Planning and conducting threat hunting under supervision. Reviewing alerts for tuning opportunities. Performing proactive threat research. Supporting the creation and implementation of new detection signatures. Assisting in client engagements and service meetings. Contributing to the development of SOC playbooks. Required Skills and Experience: Strong understanding of computer networks, operating systems, software, hardware, and security principles. Knowledge of cyber security risks and mitigation strategies. Working familiarity with security technologies such as Firewalls, host intrusion prevention, and antivirus solutions. Relevant academic or industry-specific training. Preferred Attributes: Ability to identify more efficient ways of working. Maintain focus, energy, and effort under pressure. Proven creativity and innovation in problem-solving. Commitment to learning new skills, applications, and technologies. If you are interested, please apply directly. Randstad Technologies is acting as an Employment Business in relation to this vacancy.
LA International Computer Consultants Ltd
Cheltenham, Gloucestershire
*12 hour shift patterns & inside IR35* As a SOC Analyst you will: * Work a combination of day and night shifts. * Respond to alerts. * Work closely with client organization analysts. * Perform detailed analysis of the data captured by monitoring systems. * Escalate incidents where necessary and act as a point of contact throughout * Under supervision, plan and conduct threat hunting across client environments. * Review and identify alerts for further tuning. * Conduct proactive threat research. * Support the recommendation and implementation of new detection signatures. * Support client engagements and/or service meetings. * Support the development of SOC playbooks. The following skills and experience are required for this role: * A good understanding of computer networks, operating systems, software, hardware and security. * An understanding of cyber security risks associated with various technologies and ways to manage them. * A good working knowledge of various security technologies such as network and application Firewalls, host intrusion prevention and antivirus. * Any relevant academic or industry specific training. Set yourself apart: * Ability to seek out new ways of working more efficiently. * Sustain a high level of focus, effort, and energy. * Proven history developing innovative & creative solutions. * Strives to learn new skills, applications, and technologies through focused effort. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
06/10/2025
Contractor
*12 hour shift patterns & inside IR35* As a SOC Analyst you will: * Work a combination of day and night shifts. * Respond to alerts. * Work closely with client organization analysts. * Perform detailed analysis of the data captured by monitoring systems. * Escalate incidents where necessary and act as a point of contact throughout * Under supervision, plan and conduct threat hunting across client environments. * Review and identify alerts for further tuning. * Conduct proactive threat research. * Support the recommendation and implementation of new detection signatures. * Support client engagements and/or service meetings. * Support the development of SOC playbooks. The following skills and experience are required for this role: * A good understanding of computer networks, operating systems, software, hardware and security. * An understanding of cyber security risks associated with various technologies and ways to manage them. * A good working knowledge of various security technologies such as network and application Firewalls, host intrusion prevention and antivirus. * Any relevant academic or industry specific training. Set yourself apart: * Ability to seek out new ways of working more efficiently. * Sustain a high level of focus, effort, and energy. * Proven history developing innovative & creative solutions. * Strives to learn new skills, applications, and technologies through focused effort. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
04/10/2025
Full time
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Deerfoot Recruitment Solutions Limited
City, London
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports and clear technical briefings If you are ready to drive the next wave of cyber defense, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
03/10/2025
Contractor
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports and clear technical briefings If you are ready to drive the next wave of cyber defense, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations.You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements:Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
03/10/2025
Full time
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations.You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements:Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. If you have worked in a busy SOC with a focus on Advanced Threats, Continuous Monitoring, Security Detection please get in touch. This role will see youinvestigating suspicious activity, validating detections etc, threat hunting etc. Experience with XDR Software, Crowdstrike, Carbon Black, Mitre Attack, KQL, Microsoft Azure, Sentinel, Qualys IDS Web proxies etc please get in touch. Full details on request.
03/10/2025
Contractor
SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. If you have worked in a busy SOC with a focus on Advanced Threats, Continuous Monitoring, Security Detection please get in touch. This role will see youinvestigating suspicious activity, validating detections etc, threat hunting etc. Experience with XDR Software, Crowdstrike, Carbon Black, Mitre Attack, KQL, Microsoft Azure, Sentinel, Qualys IDS Web proxies etc please get in touch. Full details on request.
Cyber Threat Intelligence Analyst: Cyber, Threat, SOC, Security Clearance Our Global Enterprise client is looking for a skilled Cyber Security Analyst with 5-6 years of experience within Threat Intelligence to join their team. Start Date: ASAP Duration: 55 days Pay Rate: £487 per hour (PLEASE NOTE: Employer NI is paid for by the client) Total Daily Earnings: £553 (includes rolled up holiday) IR35 Status: Inside Location: Hybrid/Hatfield (some travel to Blackfriars if required but this will be on a rare occasion) NOTE: Active SC Clearance is highly desirable. Responsibilities: Threat Intelligence Platform (TIP) Maintenance (20%): Take ownership of the threat intelligence platform and related tooling, ensuring its effective utilisation for monitoring and analysing both cyber and geopolitical threats. Optimise the platform to enhance the team's capabilities in threat detection and response. Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Cyber Threat Analysis & Dissemination (50%): Identify intelligence of concern for Computacenter across various sources and tooling and conduct analysis and assessment of such threats and their potential impact to the business. Monitor and analyse geopolitical events to identify potential impacts on the organisation's cyber security landscape. Using a variety of sources to increase knowledge, corroborate and parallel information. This involves engaging in communities and intelligence sharing initiatives. Have confidence in your ability to draw conclusions and provide intelligence led recommendations. Own and run regular briefings of Threat Intelligence to the wider security team. Respond to intelligence requests from internal teams, using all available sources of intelligence to produce assessments on the threat to support decision-making. Ensure clear and concise communication of assessments and complex bits of information for various stakeholders. Collaborate with cross-functional teams to address immediate intelligence needs and contribute to the overall security posture. Work closely alongside other Security Operations teams such as SOC Develop hypotheses based on threat intelligence to direct joint operations with Cyber Threat technical resources to direct threat hunting? Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Dark Web Monitoring Ensuring Threat Intelligence Programme Meets Organisational Aims (15%): Collection of Priority Intelligence Requirements from key stakeholders Effective tracking of intelligence activities against these PIRs Reporting of service quality against KPIs Incident Response Support (15%): Required to work out of hours, when situation dictates, to support Incident Response activities Technical Skills & Experience: 5-6 years of experience within Threat Intelligence. Demonstrable experience in analysing and assessing cyber threats, including the ability to identify patterns and trends. Proficient in gathering, correlating, and interpreting data from various sources to produce actionable intelligence. Experience of giving detailed verbal threat briefings to key stakeholders. Experience working with a Threat Intelligence Platform (TIP). Excellent communication skills, including the ability to influence and persuade stakeholders to enact a more security focused approach. Understanding of the intelligence life cycle, from collection through to feedback. Experience in producing high-quality intelligence products and documentation for a variety of audiences. Familiarity with common cyber threats, threat actors, attack vectors, and vulnerabilities. Experience in leveraging open-source intelligence tools and techniques to gather information about threats. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Strong familiarity of threat cyber security frameworks such as MITRE ATT&CK, Killchain and NIST CSF 2.0 Desirable: Recognised information security and/or information technology industry certification. Good organisational and time management skills Experience of delivering and shaping Threat Modelling programmes Soft Skills: Excellent written and verbal English. Good presentation and moderation skills; professional and convincing manner of appearance and expression; clear, targeted communication (verbal and written). A strong desire to help others by sharing knowledge, peer reviewing, and contributing to technical and process standards. Work well within a team, report issues and risks, take part in team meetings, share ideas and work towards improving our service. Excellent communication and Customer facing customer service skills previous experience is essential. Ability to work independently and as part of a team is essential. To apply for this Cyber Threat Intelligence Analyst contract job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
02/10/2025
Contractor
Cyber Threat Intelligence Analyst: Cyber, Threat, SOC, Security Clearance Our Global Enterprise client is looking for a skilled Cyber Security Analyst with 5-6 years of experience within Threat Intelligence to join their team. Start Date: ASAP Duration: 55 days Pay Rate: £487 per hour (PLEASE NOTE: Employer NI is paid for by the client) Total Daily Earnings: £553 (includes rolled up holiday) IR35 Status: Inside Location: Hybrid/Hatfield (some travel to Blackfriars if required but this will be on a rare occasion) NOTE: Active SC Clearance is highly desirable. Responsibilities: Threat Intelligence Platform (TIP) Maintenance (20%): Take ownership of the threat intelligence platform and related tooling, ensuring its effective utilisation for monitoring and analysing both cyber and geopolitical threats. Optimise the platform to enhance the team's capabilities in threat detection and response. Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Cyber Threat Analysis & Dissemination (50%): Identify intelligence of concern for Computacenter across various sources and tooling and conduct analysis and assessment of such threats and their potential impact to the business. Monitor and analyse geopolitical events to identify potential impacts on the organisation's cyber security landscape. Using a variety of sources to increase knowledge, corroborate and parallel information. This involves engaging in communities and intelligence sharing initiatives. Have confidence in your ability to draw conclusions and provide intelligence led recommendations. Own and run regular briefings of Threat Intelligence to the wider security team. Respond to intelligence requests from internal teams, using all available sources of intelligence to produce assessments on the threat to support decision-making. Ensure clear and concise communication of assessments and complex bits of information for various stakeholders. Collaborate with cross-functional teams to address immediate intelligence needs and contribute to the overall security posture. Work closely alongside other Security Operations teams such as SOC Develop hypotheses based on threat intelligence to direct joint operations with Cyber Threat technical resources to direct threat hunting? Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Dark Web Monitoring Ensuring Threat Intelligence Programme Meets Organisational Aims (15%): Collection of Priority Intelligence Requirements from key stakeholders Effective tracking of intelligence activities against these PIRs Reporting of service quality against KPIs Incident Response Support (15%): Required to work out of hours, when situation dictates, to support Incident Response activities Technical Skills & Experience: 5-6 years of experience within Threat Intelligence. Demonstrable experience in analysing and assessing cyber threats, including the ability to identify patterns and trends. Proficient in gathering, correlating, and interpreting data from various sources to produce actionable intelligence. Experience of giving detailed verbal threat briefings to key stakeholders. Experience working with a Threat Intelligence Platform (TIP). Excellent communication skills, including the ability to influence and persuade stakeholders to enact a more security focused approach. Understanding of the intelligence life cycle, from collection through to feedback. Experience in producing high-quality intelligence products and documentation for a variety of audiences. Familiarity with common cyber threats, threat actors, attack vectors, and vulnerabilities. Experience in leveraging open-source intelligence tools and techniques to gather information about threats. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Strong familiarity of threat cyber security frameworks such as MITRE ATT&CK, Killchain and NIST CSF 2.0 Desirable: Recognised information security and/or information technology industry certification. Good organisational and time management skills Experience of delivering and shaping Threat Modelling programmes Soft Skills: Excellent written and verbal English. Good presentation and moderation skills; professional and convincing manner of appearance and expression; clear, targeted communication (verbal and written). A strong desire to help others by sharing knowledge, peer reviewing, and contributing to technical and process standards. Work well within a team, report issues and risks, take part in team meetings, share ideas and work towards improving our service. Excellent communication and Customer facing customer service skills previous experience is essential. Ability to work independently and as part of a team is essential. To apply for this Cyber Threat Intelligence Analyst contract job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security / Technology project Lead / execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem-solving skills. Hold at least one security related professional certification is desirable Job Offer 24 days of holiday leave Performance-based bonus of up to 10%. Pension scheme with contributions up to 10%. Private medical insurance, life assurance, dental cover Finance support on professional certifications / memberships
02/10/2025
Full time
The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security / Technology project Lead / execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem-solving skills. Hold at least one security related professional certification is desirable Job Offer 24 days of holiday leave Performance-based bonus of up to 10%. Pension scheme with contributions up to 10%. Private medical insurance, life assurance, dental cover Finance support on professional certifications / memberships
Purple Team Analyst/Cyber Security Analyst - £90,000 base + bonus London - Canary Wharf - 2 days in the office Financial Services Purple Team Analyst/Cyber Security Analyst The Company This financial services business supports a truly global client base, managing trillions of dollars each day. They are looking to hire a Purple Team Analyst/Cyber Security Analyst into a newly created role to support increased Purple Teaming activities within the SecOps Function Purple Team Analyst/Cyber Security Analyst The Role The successful applicant for the Purple Team Analyst/Cyber Security Analyst will be responsible for: Planning, managing and running all Purple teaming activities across the SecOps and wider technology estate Producing playbooks and other documentation relevant to both Purple Teaming and the wider SecOps team Supporting the Threat hunting teams with related activities Engage in security reviews for integrations and new service s Assist with escalations from the SOC team Support with Security risk assessments for all high impact projects Review and update Security protocols to mitigate current threats and best practice Acting as a Subject Matter Expert for Purple Teaming within the wider IT Security Team Purple Team Analyst/Cyber Security Analyst Your background The successful candidate for the Purple Team Analyst/Cyber Security Analyst will have experience with: Planning and executing Purple tests Hands on IT Security analysis and security engineering in particular: Security systems Securing Networks On - call experience Malware analysis, Intrusion detection and Incident Response across a hybrid estate Ensuring a risk based approach to security Monitoring and tuning technical IT Security Controls The ideal Purple Team Analyst/Cyber Security Analyst will need strong people skills and the ability to work across and with multiple teams in the business To find out more, click the apply button now, or call to speak to Abigail Moss. We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs.
01/10/2025
Full time
Purple Team Analyst/Cyber Security Analyst - £90,000 base + bonus London - Canary Wharf - 2 days in the office Financial Services Purple Team Analyst/Cyber Security Analyst The Company This financial services business supports a truly global client base, managing trillions of dollars each day. They are looking to hire a Purple Team Analyst/Cyber Security Analyst into a newly created role to support increased Purple Teaming activities within the SecOps Function Purple Team Analyst/Cyber Security Analyst The Role The successful applicant for the Purple Team Analyst/Cyber Security Analyst will be responsible for: Planning, managing and running all Purple teaming activities across the SecOps and wider technology estate Producing playbooks and other documentation relevant to both Purple Teaming and the wider SecOps team Supporting the Threat hunting teams with related activities Engage in security reviews for integrations and new service s Assist with escalations from the SOC team Support with Security risk assessments for all high impact projects Review and update Security protocols to mitigate current threats and best practice Acting as a Subject Matter Expert for Purple Teaming within the wider IT Security Team Purple Team Analyst/Cyber Security Analyst Your background The successful candidate for the Purple Team Analyst/Cyber Security Analyst will have experience with: Planning and executing Purple tests Hands on IT Security analysis and security engineering in particular: Security systems Securing Networks On - call experience Malware analysis, Intrusion detection and Incident Response across a hybrid estate Ensuring a risk based approach to security Monitoring and tuning technical IT Security Controls The ideal Purple Team Analyst/Cyber Security Analyst will need strong people skills and the ability to work across and with multiple teams in the business To find out more, click the apply button now, or call to speak to Abigail Moss. We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs.
Job Title: Cyber Security Incident Response Specialist Location: London, Wokingham, or Warwick (2 days per week onsite - hybrid working) Contract Duration: 6months + initially, with high potential for extension (long-term programme) Clearance: SC required or eligible THIS PROJECT IS INSIDE IR35 Project Overview: We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI) . You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident life cycle, improve response maturity, and develop scalable IR documentation and exercises. This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses. Key Responsibilities: Lead or support incident response (IR) activities across the full life cycle: detection, triage, containment, eradication, recovery, and lessons learned Develop and maintain IR playbooks, plans, and post-incident reports Support post-incident reviews , including root cause analysis (RCA) and lessons learned sessions Design and deliver incident response exercises (eg tabletop simulations) Act as a subject matter expert (SME) for incident response processes and frameworks Collaborate with SOC teams, technical SMEs, and non-technical stakeholders Communicate IR outcomes effectively via reports, presentations, and briefings Build working relationships across internal security functions and external CNI/regulatory stakeholders Mandatory Requirements (Must-Have): Strong, recent experience in cybersecurity incident response Ability to make informed decisions during incidents (triage, escalate, communicate) Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport Working knowledge of NIST, MITRE ATT&CK , or equivalent frameworks Proven ability to communicate IR findings to technical and non-technical audiences Experience contributing to or owning IR playbooks, SOPs, or RCA documentation Must hold current SC clearance or have been previously cleared within the last 12-18 months Desirable Skills (Nice-to-Have): Experience within the energy or utilities sector Exposure to OT/ICS environments (eg SCADA, PLCs, DCS) Experience delivering or supporting tabletop IR exercises Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc. Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH , or equivalent What We're Not Looking For: Junior SOC analysts (L1/L2 triage only) Generalist cyber roles without deep IR exposure Candidates without experience in CNI or enterprise-scale IR
01/10/2025
Contractor
Job Title: Cyber Security Incident Response Specialist Location: London, Wokingham, or Warwick (2 days per week onsite - hybrid working) Contract Duration: 6months + initially, with high potential for extension (long-term programme) Clearance: SC required or eligible THIS PROJECT IS INSIDE IR35 Project Overview: We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI) . You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident life cycle, improve response maturity, and develop scalable IR documentation and exercises. This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses. Key Responsibilities: Lead or support incident response (IR) activities across the full life cycle: detection, triage, containment, eradication, recovery, and lessons learned Develop and maintain IR playbooks, plans, and post-incident reports Support post-incident reviews , including root cause analysis (RCA) and lessons learned sessions Design and deliver incident response exercises (eg tabletop simulations) Act as a subject matter expert (SME) for incident response processes and frameworks Collaborate with SOC teams, technical SMEs, and non-technical stakeholders Communicate IR outcomes effectively via reports, presentations, and briefings Build working relationships across internal security functions and external CNI/regulatory stakeholders Mandatory Requirements (Must-Have): Strong, recent experience in cybersecurity incident response Ability to make informed decisions during incidents (triage, escalate, communicate) Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport Working knowledge of NIST, MITRE ATT&CK , or equivalent frameworks Proven ability to communicate IR findings to technical and non-technical audiences Experience contributing to or owning IR playbooks, SOPs, or RCA documentation Must hold current SC clearance or have been previously cleared within the last 12-18 months Desirable Skills (Nice-to-Have): Experience within the energy or utilities sector Exposure to OT/ICS environments (eg SCADA, PLCs, DCS) Experience delivering or supporting tabletop IR exercises Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc. Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH , or equivalent What We're Not Looking For: Junior SOC analysts (L1/L2 triage only) Generalist cyber roles without deep IR exposure Candidates without experience in CNI or enterprise-scale IR
Threat Hunter/Threat Detector/SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. This role, working across Cloud (AWS/Azure and GCP) will see you focusing on threat detection and threat hunting as part of a busy SOC Team. This role isn't about dealing with threats when they happen, it is about hunting them out. Thinking ahead of the curve and providing direction, thoughts and strategy as to how the business deals with threats.
01/10/2025
Contractor
Threat Hunter/Threat Detector/SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. This role, working across Cloud (AWS/Azure and GCP) will see you focusing on threat detection and threat hunting as part of a busy SOC Team. This role isn't about dealing with threats when they happen, it is about hunting them out. Thinking ahead of the curve and providing direction, thoughts and strategy as to how the business deals with threats.
My client is a leading international Services busines and is looking for a forward thinking Senior Cyber Security Analyst to join our ambitious team on an exciting growth journey. In this key role, you will: Maintain and enhance our accredited Information Security Management System (ISMS), focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security standards, and frameworks such as MITRE ATT&CK and NIST . If you have a strong technical background in cyber security and Crowdstrike Falcon , thrive on continuous improvement, and enjoy empowering those around you, this is your chance to make a difference in a forward-thinking organisation committed to innovation and sustainability. This role is 3 days working hybrid in Crewe DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality
01/09/2025
Full time
My client is a leading international Services busines and is looking for a forward thinking Senior Cyber Security Analyst to join our ambitious team on an exciting growth journey. In this key role, you will: Maintain and enhance our accredited Information Security Management System (ISMS), focusing on ISO 27001 and Cyber Essentials Plus . Mentor and guide Cyber Analysts, helping to define and mature Security Operations Centre ( SOC ) processes. Take a leading role in threat detection and incident response to protect critical assets and ensure effective security operations. Bring expertise in endpoint and network detection and response ( EDR/NDR ), information security standards, and frameworks such as MITRE ATT&CK and NIST . If you have a strong technical background in cyber security and Crowdstrike Falcon , thrive on continuous improvement, and enjoy empowering those around you, this is your chance to make a difference in a forward-thinking organisation committed to innovation and sustainability. This role is 3 days working hybrid in Crewe DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality
