Acorn Insurance and Financial Services Limited
Liverpool
Due to a period of exciting growth Acorn are looking for a highly skilled and experienced Senior Information Security Analyst to join our Information Security Team. Within this role you get the opportunity to join a collaborative team and have a chance to blend GRC responsibilities with technical security experience, all whilst working for a market leading insurance company, supporting and maintaining robust security controls and regulatory compliance.
Job Title: Senior Information Security Analyst (12 month FTC)
Location: Liverpool City Centre, Hybrid working available
Working Hours: Monday to Friday, 37.5 hours per week , 9:00 AM – 5:30 PM
Salary: £50,000 - £60,000 pa (DOE).
What you will be doing:
Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion.
Lead the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards.
Lead third party risk management processes.
Collaborate across all areas of the business to align security policies and processes with business objectives and regulatory obligations.
Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities.
Lead on security architecture reviews for new systems and services.
Evaluate technical security controls and recommending improvements.
Support the implementation of security tools and technologies.
Provide oversight of the security incident management process.
Provide security metrics for interested parties at all levels.
Lead the security awareness programme to promote a culture of security within all levels of the Group.
Provide support for internal and external security audits.
Lead security governance meetings representing the Information Security team and standing in for the Head of Information Security when required.
Provide subject matter expertise liaising across all business functions.
What we look for:
Minimum 5 years' experience in information security roles.
Strong leadership and mentorship abilities with a strategic mindset.
Experience with risk assessment methodologies.
Excellent analytical and problem-solving skills with attention to detail.
Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders.
Ability to manage risk and compliance projects and drive security initiatives.
Knowledge of information security frameworks such as ISO 27001 or NIST.
Knowledge of vulnerability management processes.
About Acorn Insurance With over 40 years of experience, Acorn Insurance is a specialist provider dedicated to helping individuals secure motor insurance across the UK. We proudly serve more than 50,000 customers, ensuring they find policies that meet their needs and provide the peace of mind that comes with high-quality cover.
At Acorn Insurance, we offer comprehensive training and continuous in-house coaching. You'll receive in-depth, FCA-regulated industry knowledge and all the tools necessary to grow your career with us.
We celebrate diversity and are committed to fostering a culture where everyone feels respected and valued. As a Disability Confident Level 1 and Level 2 employer, we ensure our workplace is accessible and inclusive, encouraging our people to bring their best selves to work every day.
The Acorn Group has been recognised as a Great Place to Work for 2024/5. A record number of employees participated in our survey, overwhelmingly highlighting our welcoming and supportive atmosphere as an excellent place to build a career. We are committed to continuous improvement and have ambitious plans for 2025.
Why Acorn Insurance? Acorn Insurance want to give you more than a job, we want to give you a purpose and a career. So, what can we offer you as an employer? Some of the "your tomorrow" benefits you will receive include: Wellbeing:
Enhanced Annual Leave entitlement starting at 31 days and potentially increasing to 35 days per year depending on grade & length of service (including bank holidays)
Enhanced paternity pay and 16 weeks full maternity pay.
Colleague Assistance programme offers a suite of wellbeing services such as:
6 Free Counselling sessions per year
Unlimited access to a telephone councillor 24/7
Access to a free 4-week programme of cognitive behavioural therapy (CBT) with a trained therapist mentor.
Network of internal qualified mental health first aiders are available to provide support to colleagues.
Financial:
A core level of life assurance with the option to increase cover via salary sacrifice and add your spouse/partner
Ability to access your earnings before payday via Dayforce Wallet.
Company pension scheme
Refer a friend scheme with a £250 bonus for every colleague recommended on passing their probation period.
Access to a flexible benefits platform including an annual flex pot allowance to spend on over 15 benefits of your choice.
Ability to give back. You can opt into donating money to charity to climate positive organisations directly from your salary.
Reward, Recognition and Culture :
Long Service Award paid on 5,10- and 15-years’ service
A reward and recognition hub to celebrate and reward colleagues and peers.
Consistent and engaging company events including company awards, competitions and charity fundraisers.
Budgets for department leaders to use for social and engagement events. Please visit out website to view more of our excellent work benefits!
All roles are subject to DBS and Financial checks, any offer made will be conditional until checks are completed to a satisfactory standard. Unfortunately, due to the length of training and complexity of the role, we can only accept applications from candidates who have at least one year remaining on their (Graduate/ Post study work) visa. Unfortunately, we are unable to provide visa sponsorships. At Acorn, we are committed to creating an inclusive and supportive work environment. We recognise that candidates may have specific needs and are happy to consider reasonable adjustments to the recruitment process and working environment to accommodate individual requirements. Whether it’s modifying equipment, adjusting working hours, or providing additional support, we aim to ensure all employees can perform at their best. If you require any reasonable adjustments, please let us know during the application or interview process, and we will work with you to ensure your needs are met.
25/04/2025
Full time
Due to a period of exciting growth Acorn are looking for a highly skilled and experienced Senior Information Security Analyst to join our Information Security Team. Within this role you get the opportunity to join a collaborative team and have a chance to blend GRC responsibilities with technical security experience, all whilst working for a market leading insurance company, supporting and maintaining robust security controls and regulatory compliance.
Job Title: Senior Information Security Analyst (12 month FTC)
Location: Liverpool City Centre, Hybrid working available
Working Hours: Monday to Friday, 37.5 hours per week , 9:00 AM – 5:30 PM
Salary: £50,000 - £60,000 pa (DOE).
What you will be doing:
Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion.
Lead the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards.
Lead third party risk management processes.
Collaborate across all areas of the business to align security policies and processes with business objectives and regulatory obligations.
Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities.
Lead on security architecture reviews for new systems and services.
Evaluate technical security controls and recommending improvements.
Support the implementation of security tools and technologies.
Provide oversight of the security incident management process.
Provide security metrics for interested parties at all levels.
Lead the security awareness programme to promote a culture of security within all levels of the Group.
Provide support for internal and external security audits.
Lead security governance meetings representing the Information Security team and standing in for the Head of Information Security when required.
Provide subject matter expertise liaising across all business functions.
What we look for:
Minimum 5 years' experience in information security roles.
Strong leadership and mentorship abilities with a strategic mindset.
Experience with risk assessment methodologies.
Excellent analytical and problem-solving skills with attention to detail.
Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders.
Ability to manage risk and compliance projects and drive security initiatives.
Knowledge of information security frameworks such as ISO 27001 or NIST.
Knowledge of vulnerability management processes.
About Acorn Insurance With over 40 years of experience, Acorn Insurance is a specialist provider dedicated to helping individuals secure motor insurance across the UK. We proudly serve more than 50,000 customers, ensuring they find policies that meet their needs and provide the peace of mind that comes with high-quality cover.
At Acorn Insurance, we offer comprehensive training and continuous in-house coaching. You'll receive in-depth, FCA-regulated industry knowledge and all the tools necessary to grow your career with us.
We celebrate diversity and are committed to fostering a culture where everyone feels respected and valued. As a Disability Confident Level 1 and Level 2 employer, we ensure our workplace is accessible and inclusive, encouraging our people to bring their best selves to work every day.
The Acorn Group has been recognised as a Great Place to Work for 2024/5. A record number of employees participated in our survey, overwhelmingly highlighting our welcoming and supportive atmosphere as an excellent place to build a career. We are committed to continuous improvement and have ambitious plans for 2025.
Why Acorn Insurance? Acorn Insurance want to give you more than a job, we want to give you a purpose and a career. So, what can we offer you as an employer? Some of the "your tomorrow" benefits you will receive include: Wellbeing:
Enhanced Annual Leave entitlement starting at 31 days and potentially increasing to 35 days per year depending on grade & length of service (including bank holidays)
Enhanced paternity pay and 16 weeks full maternity pay.
Colleague Assistance programme offers a suite of wellbeing services such as:
6 Free Counselling sessions per year
Unlimited access to a telephone councillor 24/7
Access to a free 4-week programme of cognitive behavioural therapy (CBT) with a trained therapist mentor.
Network of internal qualified mental health first aiders are available to provide support to colleagues.
Financial:
A core level of life assurance with the option to increase cover via salary sacrifice and add your spouse/partner
Ability to access your earnings before payday via Dayforce Wallet.
Company pension scheme
Refer a friend scheme with a £250 bonus for every colleague recommended on passing their probation period.
Access to a flexible benefits platform including an annual flex pot allowance to spend on over 15 benefits of your choice.
Ability to give back. You can opt into donating money to charity to climate positive organisations directly from your salary.
Reward, Recognition and Culture :
Long Service Award paid on 5,10- and 15-years’ service
A reward and recognition hub to celebrate and reward colleagues and peers.
Consistent and engaging company events including company awards, competitions and charity fundraisers.
Budgets for department leaders to use for social and engagement events. Please visit out website to view more of our excellent work benefits!
All roles are subject to DBS and Financial checks, any offer made will be conditional until checks are completed to a satisfactory standard. Unfortunately, due to the length of training and complexity of the role, we can only accept applications from candidates who have at least one year remaining on their (Graduate/ Post study work) visa. Unfortunately, we are unable to provide visa sponsorships. At Acorn, we are committed to creating an inclusive and supportive work environment. We recognise that candidates may have specific needs and are happy to consider reasonable adjustments to the recruitment process and working environment to accommodate individual requirements. Whether it’s modifying equipment, adjusting working hours, or providing additional support, we aim to ensure all employees can perform at their best. If you require any reasonable adjustments, please let us know during the application or interview process, and we will work with you to ensure your needs are met.
IT Technical Analyst Location Belfast (Northern Ireland) Type of role 12 months contract (initially, but it could be extended) Salary - £19.05-20.00/hr (depends on experience) Hours Monday to Friday (37.5hrs/week) 07:00am 3:00pm With an option to work half day on Friday (4hrs) Summary: As an IT Analyst, you will ensure effective service delivery for the infrastructure of IT systems, Vulnerability and asset management within the EAME region. You will be challenged to investigate and report on business IT issues, driving continuous Customer Experience (CX) and Service Level improvements to the business. Job Responsibilities: Responsible for the delivery of IT services, including system and infrastructure support, Conduct updates, upgrades, and other maintenance tasks in both hardware and software areas, to make the network more efficient, cost-effective, and secure. Provides effective technical solutions to routine functional challenges via sound technical competence, effectively examining implications of events and issues Address high priority issues/escalations from internal business partners Assists in integrating IT hardware with the organization's existing systems Supports the project leader in developing and executing system test plans. Engagement with business partners to identify new business demands and any potential project work. Drive continuous improvements with external partners and internal teams. Work with supplier relationship teams on vendor reporting and tools processes to understand metrics and trends. Participate in various update/governance meetings. Responsible to ensure services achieve and maintain compliant to IT Security, SOX, and IT Internal Controls. Required Qualifications: Fluent in English Language An IT related degree or IT experience. Excellent interpersonal skills to manage priorities, issues, and influence others. Excellent communication and change management acumen. Prior experience managing and resolving issues across multiple business units. Experience managing or working with global teams. Desired Qualifications: Knowledge of computer hardware, network support, interfacing of software, desktop support, telecommunications concepts, Data Base Management Systems, as well as the various programming languages used at Caterpillar Strong analytical skills LMIND
10/12/2025
Contractor
IT Technical Analyst Location Belfast (Northern Ireland) Type of role 12 months contract (initially, but it could be extended) Salary - £19.05-20.00/hr (depends on experience) Hours Monday to Friday (37.5hrs/week) 07:00am 3:00pm With an option to work half day on Friday (4hrs) Summary: As an IT Analyst, you will ensure effective service delivery for the infrastructure of IT systems, Vulnerability and asset management within the EAME region. You will be challenged to investigate and report on business IT issues, driving continuous Customer Experience (CX) and Service Level improvements to the business. Job Responsibilities: Responsible for the delivery of IT services, including system and infrastructure support, Conduct updates, upgrades, and other maintenance tasks in both hardware and software areas, to make the network more efficient, cost-effective, and secure. Provides effective technical solutions to routine functional challenges via sound technical competence, effectively examining implications of events and issues Address high priority issues/escalations from internal business partners Assists in integrating IT hardware with the organization's existing systems Supports the project leader in developing and executing system test plans. Engagement with business partners to identify new business demands and any potential project work. Drive continuous improvements with external partners and internal teams. Work with supplier relationship teams on vendor reporting and tools processes to understand metrics and trends. Participate in various update/governance meetings. Responsible to ensure services achieve and maintain compliant to IT Security, SOX, and IT Internal Controls. Required Qualifications: Fluent in English Language An IT related degree or IT experience. Excellent interpersonal skills to manage priorities, issues, and influence others. Excellent communication and change management acumen. Prior experience managing and resolving issues across multiple business units. Experience managing or working with global teams. Desired Qualifications: Knowledge of computer hardware, network support, interfacing of software, desktop support, telecommunications concepts, Data Base Management Systems, as well as the various programming languages used at Caterpillar Strong analytical skills LMIND
Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
05/12/2025
Full time
Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
First Choice Recruitment Services
Bromsgrove, Worcestershire
IT Security Analyst Bromsgrove Permanent Salary c£35k This is an exciting opportunity for an IT Security Analyst to join our client s experienced and collaborative IT team. The company is growing and therefore they offer excellent opportunities to progress. The role will focus on supporting and implementing new ways of working to protect the company from a range of cyber and security threats. Candidates will need 2/3 years experience of working as a Security Analyst, including monitoring vulnerability and threats, risk mitigation and implementation of robust security policies. This role is to be based at the Bromsgrove office but regular travel to Tewkesbury as required. Hybrid working an option after initial 6 months. Security Check (SC) will be required therefore the role is only open to British Nationals. Key Responsibilities Monitor and analyse security events and alerts. Perform initial triage, investigation, and classification of potential security incidents alongside the Cyber Security Consultant. Monitor security alerts from various sources and respond promptly, escalating as necessary. Generate reports on key metrics, processes, and the performance of different workflows. Escalate incidents to the appropriate teams based on severity and impact. Maintain, tune, and create alerts, playbooks, graphs, and other documentation following industry and international standards under the guidance of the Cyber Security Consultant. Respond to cybersecurity incidents by adhering to standard operating procedures (SOPs) and playbooks, under the supervision of the Cyber Security Consultant. Conduct root cause analysis and document findings and lessons learned from security incidents with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service desk activities. Stay updated with emerging cyber threats, attack techniques, and security trends. Perform any additional duties delegated by the IT Manager to ensure efficient management of the Company. Key skills: Candidates will need recent work history of working in a similar role. Degree Educated would be an advantage A strong understanding of firewalls, intrusion detection systems and other security technologies is essential. Familiar with ethical hacking and penetration testing an advantage. The ability to analyse complex data and identify potential security threats is essential Excellent communication skills required to communicate with both technical and nontechnical stakeholders, explaining security issues and policies clearly To apply please forward your up to date CV and or call us for more information. First Choice Recruitment are a privately owned independent Recruitment service provider, we act as an employment agency for permanent recruitment and as an employment business for temporary recruitment. Our service is a free and confidential service to work seekers
04/12/2025
Full time
IT Security Analyst Bromsgrove Permanent Salary c£35k This is an exciting opportunity for an IT Security Analyst to join our client s experienced and collaborative IT team. The company is growing and therefore they offer excellent opportunities to progress. The role will focus on supporting and implementing new ways of working to protect the company from a range of cyber and security threats. Candidates will need 2/3 years experience of working as a Security Analyst, including monitoring vulnerability and threats, risk mitigation and implementation of robust security policies. This role is to be based at the Bromsgrove office but regular travel to Tewkesbury as required. Hybrid working an option after initial 6 months. Security Check (SC) will be required therefore the role is only open to British Nationals. Key Responsibilities Monitor and analyse security events and alerts. Perform initial triage, investigation, and classification of potential security incidents alongside the Cyber Security Consultant. Monitor security alerts from various sources and respond promptly, escalating as necessary. Generate reports on key metrics, processes, and the performance of different workflows. Escalate incidents to the appropriate teams based on severity and impact. Maintain, tune, and create alerts, playbooks, graphs, and other documentation following industry and international standards under the guidance of the Cyber Security Consultant. Respond to cybersecurity incidents by adhering to standard operating procedures (SOPs) and playbooks, under the supervision of the Cyber Security Consultant. Conduct root cause analysis and document findings and lessons learned from security incidents with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service desk activities. Stay updated with emerging cyber threats, attack techniques, and security trends. Perform any additional duties delegated by the IT Manager to ensure efficient management of the Company. Key skills: Candidates will need recent work history of working in a similar role. Degree Educated would be an advantage A strong understanding of firewalls, intrusion detection systems and other security technologies is essential. Familiar with ethical hacking and penetration testing an advantage. The ability to analyse complex data and identify potential security threats is essential Excellent communication skills required to communicate with both technical and nontechnical stakeholders, explaining security issues and policies clearly To apply please forward your up to date CV and or call us for more information. First Choice Recruitment are a privately owned independent Recruitment service provider, we act as an employment agency for permanent recruitment and as an employment business for temporary recruitment. Our service is a free and confidential service to work seekers
Senior Information Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We re looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. You will design, implement, and optimize security controls, monitor threats, and lead remediation efforts across the organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement secure solutions. Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong analytical, problem-solving, and communication skills. Relevant certifications highly desirable (AZ-500, SC-200, CEH, Security+, etc.).
01/12/2025
Full time
Senior Information Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We re looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. You will design, implement, and optimize security controls, monitor threats, and lead remediation efforts across the organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement secure solutions. Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong analytical, problem-solving, and communication skills. Relevant certifications highly desirable (AZ-500, SC-200, CEH, Security+, etc.).
Main purpose of post: The Cybersecurity Department with our client provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: Endpoint monitoring and analysis. Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. Monitor and administer Security Information and Event Management (SIEM). Malware analysis and forensics research. Understanding/ differentiation of intrusion attempts and false positives. Investigation tracking and threat resolution. Vulnerability identification & mitigation / remediation. Compose security alert notifications. Advise incident responders & other teams on threat. Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents / events. Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets. Analysis of weekly vulnerability scans and update relevant records. Essential A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development. Credible knowledge/experience in Microsoft Windows Operating Systems. Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Capable of effectively multi-tasking, prioritizing work, and handling competing interests Capable of analysing information technology logs and events sources preferred Working knowledge of data storage systems, data backup and restoration methods. Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) Ability to work independently while managing support to a high standard Contribute credibly to IT department's delivery of SLAs and other support targets Self-motivated to advance own knowledge & gain formal qualifications Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. Significant experience within a SOC environment. Incident response experience Qualification / Certification in Cyber Security Desirable IT Qualifications / Certifications such as CompTIA A+, Network+, Security+ IT Helpdesk experience or knowledge Cyber Security Operation Centre experience Qualification / Certification in Cyber Security Person Specification: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels. Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results. Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education. Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.
01/12/2025
Full time
Main purpose of post: The Cybersecurity Department with our client provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: Endpoint monitoring and analysis. Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. Monitor and administer Security Information and Event Management (SIEM). Malware analysis and forensics research. Understanding/ differentiation of intrusion attempts and false positives. Investigation tracking and threat resolution. Vulnerability identification & mitigation / remediation. Compose security alert notifications. Advise incident responders & other teams on threat. Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents / events. Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets. Analysis of weekly vulnerability scans and update relevant records. Essential A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development. Credible knowledge/experience in Microsoft Windows Operating Systems. Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Capable of effectively multi-tasking, prioritizing work, and handling competing interests Capable of analysing information technology logs and events sources preferred Working knowledge of data storage systems, data backup and restoration methods. Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) Ability to work independently while managing support to a high standard Contribute credibly to IT department's delivery of SLAs and other support targets Self-motivated to advance own knowledge & gain formal qualifications Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. Significant experience within a SOC environment. Incident response experience Qualification / Certification in Cyber Security Desirable IT Qualifications / Certifications such as CompTIA A+, Network+, Security+ IT Helpdesk experience or knowledge Cyber Security Operation Centre experience Qualification / Certification in Cyber Security Person Specification: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels. Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results. Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education. Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.
The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security / Technology project Lead / execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem-solving skills. Hold at least one security related professional certification is desirable Job Offer 24 days of holiday leave Performance-based bonus of up to 10%. Pension scheme with contributions up to 10%. Private medical insurance, life assurance, dental cover Finance support on professional certifications / memberships
25/11/2025
Full time
The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security / Technology project Lead / execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem-solving skills. Hold at least one security related professional certification is desirable Job Offer 24 days of holiday leave Performance-based bonus of up to 10%. Pension scheme with contributions up to 10%. Private medical insurance, life assurance, dental cover Finance support on professional certifications / memberships
Security Analyst / Information Assurance + London with hybrid working + Outside IR35 Contract + Junior-Mid level role - 400 to 480 per day Key Skills: + SC Clearance + Background in SIEM The Role We need a sharp Junior Security Analyst to support SOC and IA activities in a secure, fast-moving environment. Real alerts. Real incidents. No babysitting. What You'll Do Monitor and respond to SIEM/EDR alerts. Triage and investigate security incidents. Support vulnerability management and remediation. Assist with IA tasks: risk, audits, and compliance. Maintain access controls, reviews, and security documentation. Essential: 1-2 years in security/SOC/IT security. Knowledge of networks, security principles, and common threats. Experience with SIEM/EDR tools. Understanding of ISO 27001 / NIST. SC cleared Government or Military background Nice to Have: Cloud security exposure (Azure/AWS). Vulnerability scanning tools (Nessus/Qualys). Basic scripting (PowerShell/Python). Security+ or similar.
25/11/2025
Contractor
Security Analyst / Information Assurance + London with hybrid working + Outside IR35 Contract + Junior-Mid level role - 400 to 480 per day Key Skills: + SC Clearance + Background in SIEM The Role We need a sharp Junior Security Analyst to support SOC and IA activities in a secure, fast-moving environment. Real alerts. Real incidents. No babysitting. What You'll Do Monitor and respond to SIEM/EDR alerts. Triage and investigate security incidents. Support vulnerability management and remediation. Assist with IA tasks: risk, audits, and compliance. Maintain access controls, reviews, and security documentation. Essential: 1-2 years in security/SOC/IT security. Knowledge of networks, security principles, and common threats. Experience with SIEM/EDR tools. Understanding of ISO 27001 / NIST. SC cleared Government or Military background Nice to Have: Cloud security exposure (Azure/AWS). Vulnerability scanning tools (Nessus/Qualys). Basic scripting (PowerShell/Python). Security+ or similar.
SOC Analyst - Corsham - Circa 46,000 per annum - On-site (5 days per week) Permanent SC Clearance Required. Deerfoot Recruitment is working on behalf of a leading organisation seeking to hire an experienced SOC Analyst to join their Security Operations Centre based in Corsham . This is a full-time, on-site role requiring 5 days per week presence. The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance , requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record check. This is an excellent opportunity to join a forward-thinking, inclusive environment with strong investment in training, development, and employee wellbeing. To apply or learn more, please contact us today at Deerfoot Recruitment . Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.
19/11/2025
Full time
SOC Analyst - Corsham - Circa 46,000 per annum - On-site (5 days per week) Permanent SC Clearance Required. Deerfoot Recruitment is working on behalf of a leading organisation seeking to hire an experienced SOC Analyst to join their Security Operations Centre based in Corsham . This is a full-time, on-site role requiring 5 days per week presence. The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance , requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record check. This is an excellent opportunity to join a forward-thinking, inclusive environment with strong investment in training, development, and employee wellbeing. To apply or learn more, please contact us today at Deerfoot Recruitment . Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.
Cyber Security Analyst - Permanent Role Location: Hybrid London Employment Type: Full-Time Shape the Future of Our Security Framework We're looking for a Cyber Security Analyst who is passionate about closing security gaps and ensuring robust compliance. This is a permanent role where your expertise in ISO 27001 implementation AND ongoing maintenance will be the cornerstone of our security strategy. Why This Role Matters Gap Analysis at the Core: You'll lead regular risk assessments and gap analyses to identify vulnerabilities and strengthen our security posture. ISO 27001 Expertise: Beyond implementation, you'll ensure continuous compliance and drive improvements to maintain certification year after year. Strategic Impact: Your work will influence audits, security operations, and business continuity planning across the organisation. What You'll Do Own the ISO 27001 renewal process , from planning to execution, and maintain ISMS documentation. Conduct comprehensive gap analyses and risk assessments, recommending actionable mitigation strategies. Coordinate internal and external audits, liaising with certification bodies. Develop and update security policies aligned with ISO 27001, GDPR, and other frameworks. Deliver security awareness training and embed a culture of compliance. Support day-to-day security operations, including monitoring, incident response, and threat analysis. What We're Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record in implementing AND maintaining ISO/IEC 27001 certification . Analytical Strength: Skilled in gap analysis, risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead of the curve. Apply now and take ownership of a role where your skills truly make a difference.
18/11/2025
Full time
Cyber Security Analyst - Permanent Role Location: Hybrid London Employment Type: Full-Time Shape the Future of Our Security Framework We're looking for a Cyber Security Analyst who is passionate about closing security gaps and ensuring robust compliance. This is a permanent role where your expertise in ISO 27001 implementation AND ongoing maintenance will be the cornerstone of our security strategy. Why This Role Matters Gap Analysis at the Core: You'll lead regular risk assessments and gap analyses to identify vulnerabilities and strengthen our security posture. ISO 27001 Expertise: Beyond implementation, you'll ensure continuous compliance and drive improvements to maintain certification year after year. Strategic Impact: Your work will influence audits, security operations, and business continuity planning across the organisation. What You'll Do Own the ISO 27001 renewal process , from planning to execution, and maintain ISMS documentation. Conduct comprehensive gap analyses and risk assessments, recommending actionable mitigation strategies. Coordinate internal and external audits, liaising with certification bodies. Develop and update security policies aligned with ISO 27001, GDPR, and other frameworks. Deliver security awareness training and embed a culture of compliance. Support day-to-day security operations, including monitoring, incident response, and threat analysis. What We're Looking For Experience: 3-5 years in information security or compliance roles. ISO 27001 Mastery: Proven track record in implementing AND maintaining ISO/IEC 27001 certification . Analytical Strength: Skilled in gap analysis, risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead of the curve. Apply now and take ownership of a role where your skills truly make a difference.
Technical Applications Manager - Job Specification Contract Details Contract Length: 6 months (initial) Location: Hybrid - 2 days onsite per week Preferred location: Warwick Other acceptable sites: Chorley or London Day Rate: Outside IR35: £600 -£650/day (TBC) Inside IR35: £700-£850/day (TBC) Clearance: Candidates must be eligible for BPSS Role Purpose The Technical Applications Manager will lead the Enterprise Applications (EA) team, ensuring reliable day-to-day service operations and delivery of minor enhancements across a diverse application estate. This role provides technically credible leadership, guiding the team through BAU support, small-scale improvements, and application lifecycle activities while supporting the integration of applications into a wider organisational environment. A strong architectural understanding, hands-on capability, and the ability to validate and steer technical designs are essential. Key Deliverables Technical Leadership & Architecture Provide technically credible leadership across on-premise and legacy application architectures, including infrastructure, databases, middleware, and integration layers. Review and validate technical designs, ensuring best practice and alignment with architectural standards. Act as a hands-on technical escalation point, supporting resolution of complex technical issues. Connect and coordinate across multiple technical domains to ensure cohesive, efficient end-to-end operations. Team Management Lead and mentor a multidisciplinary team of approximately seven specialists (Oracle SMEs, virtual assistants, solution architects, analysts). Foster a culture of accountability, collaboration, and continuous improvement. Oversee BAU operations (approx. 50% of the role), ensuring stability, availability, and performance of business-critical applications. Balance BAU responsibilities with project-based deliverables, ensuring quality and timeliness. Application Operations & Maintenance Oversee the operational performance and maintenance of systems including: Oracle E-Business Suite Oracle Fusion Salesforce Microsoft platforms Power Platform SQL-based applications API and SFTP services Document Management and other critical applications Ensure timely execution of upgrades, patching, and vulnerability remediation to maintain an evergreen application estate. Support Business Continuity and Disaster Recovery planning and testing across the portfolio. Collaboration & Partner Management Work closely with procurement, business stakeholders, and technology partners to manage third-party vendors (including major partners such as Oracle and Salesforce). Conduct regular service reviews and maintain effective relationships with external service providers. Collaborate with cross-functional teams to understand requirements and deliver reliable, scalable solutions. Governance, Security & Compliance Ensure application services comply with ITGC controls, internal IT policies, and relevant industry regulations. Implement appropriate security measures to protect data integrity and mitigate cybersecurity risks. Financial & Operational Management Manage budgets for SaaS subscriptions, operational expenditure, and external partner engagement. Support FinOps optimisation to maximise cost efficiency and resource utilisation. What You Will Bring Technical Expertise Deep technical understanding across on-premise, legacy, and modern application architectures. Experience spanning infrastructure, databases, middleware, and integration technologies. Strong working knowledge of Oracle EBS, Oracle Fusion, Microsoft technologies, Power Platform, SQL development, APIs, and SFTP services. Ability to produce technical designs when needed and validate architectural documentation created by others. Leadership & Delivery Proven experience leading multidisciplinary technical teams in BAU and light project environments. Ability to balance strategic oversight with hands-on involvement comfortable rolling up sleeves. Effective communication skills and the ability to build strong working relationships across technical and operational teams. Personal Attributes Pragmatic, collaborative, and solution-oriented. Strong interpersonal skills and the ability to guide teams through complex challenges. Comfortable working in a dynamic environment with shifting priorities. Well-suited to a role offering development and growth within a senior technology function.
14/11/2025
Contractor
Technical Applications Manager - Job Specification Contract Details Contract Length: 6 months (initial) Location: Hybrid - 2 days onsite per week Preferred location: Warwick Other acceptable sites: Chorley or London Day Rate: Outside IR35: £600 -£650/day (TBC) Inside IR35: £700-£850/day (TBC) Clearance: Candidates must be eligible for BPSS Role Purpose The Technical Applications Manager will lead the Enterprise Applications (EA) team, ensuring reliable day-to-day service operations and delivery of minor enhancements across a diverse application estate. This role provides technically credible leadership, guiding the team through BAU support, small-scale improvements, and application lifecycle activities while supporting the integration of applications into a wider organisational environment. A strong architectural understanding, hands-on capability, and the ability to validate and steer technical designs are essential. Key Deliverables Technical Leadership & Architecture Provide technically credible leadership across on-premise and legacy application architectures, including infrastructure, databases, middleware, and integration layers. Review and validate technical designs, ensuring best practice and alignment with architectural standards. Act as a hands-on technical escalation point, supporting resolution of complex technical issues. Connect and coordinate across multiple technical domains to ensure cohesive, efficient end-to-end operations. Team Management Lead and mentor a multidisciplinary team of approximately seven specialists (Oracle SMEs, virtual assistants, solution architects, analysts). Foster a culture of accountability, collaboration, and continuous improvement. Oversee BAU operations (approx. 50% of the role), ensuring stability, availability, and performance of business-critical applications. Balance BAU responsibilities with project-based deliverables, ensuring quality and timeliness. Application Operations & Maintenance Oversee the operational performance and maintenance of systems including: Oracle E-Business Suite Oracle Fusion Salesforce Microsoft platforms Power Platform SQL-based applications API and SFTP services Document Management and other critical applications Ensure timely execution of upgrades, patching, and vulnerability remediation to maintain an evergreen application estate. Support Business Continuity and Disaster Recovery planning and testing across the portfolio. Collaboration & Partner Management Work closely with procurement, business stakeholders, and technology partners to manage third-party vendors (including major partners such as Oracle and Salesforce). Conduct regular service reviews and maintain effective relationships with external service providers. Collaborate with cross-functional teams to understand requirements and deliver reliable, scalable solutions. Governance, Security & Compliance Ensure application services comply with ITGC controls, internal IT policies, and relevant industry regulations. Implement appropriate security measures to protect data integrity and mitigate cybersecurity risks. Financial & Operational Management Manage budgets for SaaS subscriptions, operational expenditure, and external partner engagement. Support FinOps optimisation to maximise cost efficiency and resource utilisation. What You Will Bring Technical Expertise Deep technical understanding across on-premise, legacy, and modern application architectures. Experience spanning infrastructure, databases, middleware, and integration technologies. Strong working knowledge of Oracle EBS, Oracle Fusion, Microsoft technologies, Power Platform, SQL development, APIs, and SFTP services. Ability to produce technical designs when needed and validate architectural documentation created by others. Leadership & Delivery Proven experience leading multidisciplinary technical teams in BAU and light project environments. Ability to balance strategic oversight with hands-on involvement comfortable rolling up sleeves. Effective communication skills and the ability to build strong working relationships across technical and operational teams. Personal Attributes Pragmatic, collaborative, and solution-oriented. Strong interpersonal skills and the ability to guide teams through complex challenges. Comfortable working in a dynamic environment with shifting priorities. Well-suited to a role offering development and growth within a senior technology function.
Security Analyst (GRC) Cardiff-based office (Hybrid - Very Flexible) Up to 45,000 + Excellent Benefits CPS Group are delighted to be supporting our financial services client in their search for a Security Analyst (GRC) to join their growing, forward-thinking Security team on a permanent basis. This is an exciting opportunity to play a key role in safeguarding digital infrastructure, enhancing security controls, and ensuring the resilience of systems, networks, and data across both cloud and on-prem environments. If you're looking to thrive in dynamic environments, and want your work to have a tangible impact, this is a fantastic time to join a business that truly values its people, invests in technology, and encourages professional growth. The Role: - Monitor systems, networks, and user activity to detect suspicious behaviour or policy violations - Investigate and manage security incidents, carrying out root cause analysis and reporting - Deploy, configure, and maintain key security platforms used by the analyst team - Conduct vulnerability assessments and coordinate remediation activities - Support patch management and compliance reporting - Perform regular reviews and health checks on security controls - Create and enhance measures to demonstrate the effectiveness of security controls - Assist with internal and external security assessments and audits - Update and maintain incident response plans, playbooks, and procedures - Provide 3rd-line support to IT colleagues and the wider business Technical Skills: - SIEM and SOAR platforms - Log analytics, rule creation, tuning, and threat hunting - Familiarity with security frameworks - Azure and M365 security configuration and alert investigation - Dashboards and visualisation tools - Firewalls (CheckPoint, VMware NSX) - Windows Server and Desktop environments - XDR solutions - tuning and alert investigation Experience: - Ideally, have strong experience in a similar role - Relevant qualifications in IT Security, GRC ect. - A proactive, curious, and detail-oriented approach to problem-solving - Excellent communication skills, both written and verbal, with the ability to simplify technical issues - Confidence working with large data sets and security analytics tools If interested, please apply today or contact Sam John at CPS Group for more information: (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)>
13/11/2025
Full time
Security Analyst (GRC) Cardiff-based office (Hybrid - Very Flexible) Up to 45,000 + Excellent Benefits CPS Group are delighted to be supporting our financial services client in their search for a Security Analyst (GRC) to join their growing, forward-thinking Security team on a permanent basis. This is an exciting opportunity to play a key role in safeguarding digital infrastructure, enhancing security controls, and ensuring the resilience of systems, networks, and data across both cloud and on-prem environments. If you're looking to thrive in dynamic environments, and want your work to have a tangible impact, this is a fantastic time to join a business that truly values its people, invests in technology, and encourages professional growth. The Role: - Monitor systems, networks, and user activity to detect suspicious behaviour or policy violations - Investigate and manage security incidents, carrying out root cause analysis and reporting - Deploy, configure, and maintain key security platforms used by the analyst team - Conduct vulnerability assessments and coordinate remediation activities - Support patch management and compliance reporting - Perform regular reviews and health checks on security controls - Create and enhance measures to demonstrate the effectiveness of security controls - Assist with internal and external security assessments and audits - Update and maintain incident response plans, playbooks, and procedures - Provide 3rd-line support to IT colleagues and the wider business Technical Skills: - SIEM and SOAR platforms - Log analytics, rule creation, tuning, and threat hunting - Familiarity with security frameworks - Azure and M365 security configuration and alert investigation - Dashboards and visualisation tools - Firewalls (CheckPoint, VMware NSX) - Windows Server and Desktop environments - XDR solutions - tuning and alert investigation Experience: - Ideally, have strong experience in a similar role - Relevant qualifications in IT Security, GRC ect. - A proactive, curious, and detail-oriented approach to problem-solving - Excellent communication skills, both written and verbal, with the ability to simplify technical issues - Confidence working with large data sets and security analytics tools If interested, please apply today or contact Sam John at CPS Group for more information: (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)>
Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract. Our client, the UKs leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis. This is a senior role with responsibility for the organisation s vulnerability management programme across multiple business units, technologies, and regulatory environments. The organisation has made significant investment in Tenable as its core vulnerability management platform. You ll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised. Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role. Security Clearance - Due to the sensitive nature of the work, candidates must be eligible for SC clearance. Candidates with active or recently lapsed SC clearance will be prioritised. Applicants without clearance must be willing and eligible to undergo vetting. The Role - As Cybersecurity Vulnerability Lead, you will: Own the end-to-end vulnerability management programme, with Tenable One at the core. Define and deliver the strategy, policies, SLAs, and operating rhythm. Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact. Translate scan data into clear, actionable remediation plans for technical teams. Build dashboards and executive reports (ServiceNow, Power BI). Provide rapid risk assessments and emergency patch governance during incidents. Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR). Drive automation, integrating tools and workflows to improve efficiency. Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged. Mentor analysts and security champions, building maturity across the team. About You - You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries. You should also have hands-on knowledge of the following: Core Vulnerability Management - Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity) AWS Inspector Agent-based and network-based scanning Cloud integrations (AWS, Azure, GCP) Dashboards and risk-based prioritisation Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS Jamf Workflow & ITSM Integration - ServiceNow (dashboards, SOAR) Jira Cloud & Application Security - AWS Security Hub Azure Defender for Cloud Veracode Threat Intelligence & Exploit Context - Tenable Threat Intelligence Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR Security Domains / Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management Programmes Incident Response and Threat Assessment Emergency Patch Governance Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact) Audit Support (internal assurance, penetration test follow-ups, external audits) Exception and exemption management Automation of manual tasks Dashboarding for risk and SLA metrics What's on Offer - A leadership role with significant influence across a major UK organisation. Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management.
04/10/2025
Contractor
Cybersecurity Vulnerability Lead - £700 per day - Inside IR35 - Remote - 6 Months initial contract. Our client, the UKs leading producer of Zero Carbon energy, is looking for a Cybersecurity Vulnerability Lead to join them on a contract basis. This is a senior role with responsibility for the organisation s vulnerability management programme across multiple business units, technologies, and regulatory environments. The organisation has made significant investment in Tenable as its core vulnerability management platform. You ll be expected to lead its strategic and day-to-day usage, ensuring vulnerabilities are accurately identified, prioritised, and remediated while driving continuous improvement in how the platform is integrated and utilised. Candidates with strong Tenable expertise, particularly those who have embedded it at scale in large or regulated environments such as financial services, will be especially attractive for this role. Security Clearance - Due to the sensitive nature of the work, candidates must be eligible for SC clearance. Candidates with active or recently lapsed SC clearance will be prioritised. Applicants without clearance must be willing and eligible to undergo vetting. The Role - As Cybersecurity Vulnerability Lead, you will: Own the end-to-end vulnerability management programme, with Tenable One at the core. Define and deliver the strategy, policies, SLAs, and operating rhythm. Lead on risk-based prioritisation using exploit intelligence, asset criticality, and business impact. Translate scan data into clear, actionable remediation plans for technical teams. Build dashboards and executive reports (ServiceNow, Power BI). Provide rapid risk assessments and emergency patch governance during incidents. Support audits and regulatory compliance (ISO27001, CE+, GDPR, NIS2, ONR). Drive automation, integrating tools and workflows to improve efficiency. Act as subject matter expert for Tenable and related tooling, ensuring platforms are fully leveraged. Mentor analysts and security champions, building maturity across the team. About You - You will bring experience leading vulnerability management at enterprise scale, ideally in financial services or similarly regulated industries. You should also have hands-on knowledge of the following: Core Vulnerability Management - Tenable One (Exposure Management, Attack Surface Management, Attack Paths, Identity) AWS Inspector Agent-based and network-based scanning Cloud integrations (AWS, Azure, GCP) Dashboards and risk-based prioritisation Patch & Endpoint Management - Microsoft Intune / SCCM / WSUS Jamf Workflow & ITSM Integration - ServiceNow (dashboards, SOAR) Jira Cloud & Application Security - AWS Security Hub Azure Defender for Cloud Veracode Threat Intelligence & Exploit Context - Tenable Threat Intelligence Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE / CE+, GDPR, NIS2, ONR Security Domains / Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring Processes & Practices - Vulnerability Management Programmes Incident Response and Threat Assessment Emergency Patch Governance Risk-based Prioritisation (CVEs, exploit intelligence, asset criticality, business impact) Audit Support (internal assurance, penetration test follow-ups, external audits) Exception and exemption management Automation of manual tasks Dashboarding for risk and SLA metrics What's on Offer - A leadership role with significant influence across a major UK organisation. Opportunity to work with a forward-thinking Cyber Services function pushing boundaries in vulnerability management.
Security Analyst UK Financial Services Compliance & Technical Security North West England 35k- 45k + Benefits/Progression Zachary Daniels are delighted to be working with a well-established UK business during an exciting period of growth, to recruit a Security Analyst . This is a company investing heavily in technology, compliance, and security. In this role, you'll be part of a collaborative team, working across compliance, risk, and technical security to protect the business, strengthen frameworks, and support transformation projects. It's a varied position offering real scope to grow both your governance and technical skills. Benefits You'll Enjoy: Competitive salary up to (DOE) Generous annual leave entitlement, rising with service Enhanced maternity, paternity, and parental leave Life assurance Regular social events Role Responsibilities: Identify and assess security risks, ensuring mitigation plans are in place. Support the development and maintenance of security policies and standards. Assist with third-party security reviews and supplier risk management. Provide oversight of vulnerability assessments. Conduct architecture reviews for new systems and services. Evaluate technical controls and recommend improvements. Support the rollout of new security tools and technologies. Provide input into incident management and security metrics reporting. About You: 2+ years' experience in an security role. Strong understanding of risk assessment methodologies. Knowledge of frameworks such as ISO 27001. Experience with vulnerability management and technical controls. Excellent problem-solving skills with strong attention to detail. Confident communicator with the ability to explain security concepts to non-technical stakeholders. This is more than just a security role, it's a chance to join a forward-thinking business, develop your expertise across both compliance and technical domains, and make a real impact in protecting and enabling the organisation. Apply today with your most up-to-date CV! BBBH34361
03/10/2025
Full time
Security Analyst UK Financial Services Compliance & Technical Security North West England 35k- 45k + Benefits/Progression Zachary Daniels are delighted to be working with a well-established UK business during an exciting period of growth, to recruit a Security Analyst . This is a company investing heavily in technology, compliance, and security. In this role, you'll be part of a collaborative team, working across compliance, risk, and technical security to protect the business, strengthen frameworks, and support transformation projects. It's a varied position offering real scope to grow both your governance and technical skills. Benefits You'll Enjoy: Competitive salary up to (DOE) Generous annual leave entitlement, rising with service Enhanced maternity, paternity, and parental leave Life assurance Regular social events Role Responsibilities: Identify and assess security risks, ensuring mitigation plans are in place. Support the development and maintenance of security policies and standards. Assist with third-party security reviews and supplier risk management. Provide oversight of vulnerability assessments. Conduct architecture reviews for new systems and services. Evaluate technical controls and recommend improvements. Support the rollout of new security tools and technologies. Provide input into incident management and security metrics reporting. About You: 2+ years' experience in an security role. Strong understanding of risk assessment methodologies. Knowledge of frameworks such as ISO 27001. Experience with vulnerability management and technical controls. Excellent problem-solving skills with strong attention to detail. Confident communicator with the ability to explain security concepts to non-technical stakeholders. This is more than just a security role, it's a chance to join a forward-thinking business, develop your expertise across both compliance and technical domains, and make a real impact in protecting and enabling the organisation. Apply today with your most up-to-date CV! BBBH34361
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
03/10/2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations.You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements:Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
03/10/2025
Full time
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations.You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements:Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
Security Analyst UK Financial Services Compliance & Technical Security North West England £35k-£45k + Benefits/Progression Zachary Daniels are delighted to be working with a well-established UK business during an exciting period of growth, to recruit a Security Analyst . This is a company investing heavily in technology, compliance, and security. In this role, you'll be part of a collaborative team, working across compliance, risk, and technical security to protect the business, strengthen frameworks, and support transformation projects. It's a varied position offering real scope to grow both your governance and technical skills. Benefits You'll Enjoy: Competitive salary up to £45 000 (DOE) Generous annual leave entitlement, rising with service Enhanced maternity, paternity, and parental leave Life assurance Regular social events Role Responsibilities: Identify and assess security risks, ensuring mitigation plans are in place. Support the development and maintenance of security policies and standards. Assist with third-party security reviews and supplier risk management. Provide oversight of vulnerability assessments. Conduct architecture reviews for new systems and services. Evaluate technical controls and recommend improvements. Support the rollout of new security tools and technologies. Provide input into incident management and security metrics reporting. About You: 2+ years' experience in an security role. Strong understanding of risk assessment methodologies. Knowledge of frameworks such as ISO 27001. Experience with vulnerability management and technical controls. Excellent problem-solving skills with strong attention to detail. Confident communicator with the ability to explain security concepts to non-technical stakeholders. This is more than just a security role, it's a chance to join a forward-thinking business, develop your expertise across both compliance and technical domains, and make a real impact in protecting and enabling the organisation. Apply today with your most up-to-date CV! BBBH34361
03/10/2025
Full time
Security Analyst UK Financial Services Compliance & Technical Security North West England £35k-£45k + Benefits/Progression Zachary Daniels are delighted to be working with a well-established UK business during an exciting period of growth, to recruit a Security Analyst . This is a company investing heavily in technology, compliance, and security. In this role, you'll be part of a collaborative team, working across compliance, risk, and technical security to protect the business, strengthen frameworks, and support transformation projects. It's a varied position offering real scope to grow both your governance and technical skills. Benefits You'll Enjoy: Competitive salary up to £45 000 (DOE) Generous annual leave entitlement, rising with service Enhanced maternity, paternity, and parental leave Life assurance Regular social events Role Responsibilities: Identify and assess security risks, ensuring mitigation plans are in place. Support the development and maintenance of security policies and standards. Assist with third-party security reviews and supplier risk management. Provide oversight of vulnerability assessments. Conduct architecture reviews for new systems and services. Evaluate technical controls and recommend improvements. Support the rollout of new security tools and technologies. Provide input into incident management and security metrics reporting. About You: 2+ years' experience in an security role. Strong understanding of risk assessment methodologies. Knowledge of frameworks such as ISO 27001. Experience with vulnerability management and technical controls. Excellent problem-solving skills with strong attention to detail. Confident communicator with the ability to explain security concepts to non-technical stakeholders. This is more than just a security role, it's a chance to join a forward-thinking business, develop your expertise across both compliance and technical domains, and make a real impact in protecting and enabling the organisation. Apply today with your most up-to-date CV! BBBH34361
Are you a proactive security professional ready to lead incident response and shape the future of security operations across a global enterprise? Join a market-leading organization undergoing a major transformation to build a Group Shared Services model across the UK, Ireland, and the US. This is your chance to play a pivotal role in strengthening security posture across diverse business models-including third-party and franchisee environments. Responsibilities: Lead incident response across multiple regions and business units. Drive security gap analysis and remediation strategies. Manage vulnerability detection and resolution using tools like Tenable, Nessus, and Microsoft Defender. Collaborate with internal teams, external vendors, and franchisees. Develop and refine security documentation and executive reporting. Contribute to the evolution of a standardized incident response framework. Requirements: Hands-on experience in incident response and vulnerability management. Strong technical skills in Azure 365, Microsoft Defender, Sentinel, Tenable, and Nessus. Ability to translate complex technical issues into clear, actionable insights. Excellent stakeholder engagement and communication skills. Experience in Microsoft-centric environments and distributed/franchisee models is a plus. Why this role stands out: Be part of a maturing security function with global impact. Work in a flexible hybrid model that supports work-life balance. Collaborate across regions and business units in a high-autonomy environment. Competitive salary and benefits package. Opportunity to shape security strategy in a dynamic, forward-thinking organization. Ready to make your mark in global security operations? Apply now and be part of a team that values innovation, collaboration, and continuous improvement.
03/10/2025
Full time
Are you a proactive security professional ready to lead incident response and shape the future of security operations across a global enterprise? Join a market-leading organization undergoing a major transformation to build a Group Shared Services model across the UK, Ireland, and the US. This is your chance to play a pivotal role in strengthening security posture across diverse business models-including third-party and franchisee environments. Responsibilities: Lead incident response across multiple regions and business units. Drive security gap analysis and remediation strategies. Manage vulnerability detection and resolution using tools like Tenable, Nessus, and Microsoft Defender. Collaborate with internal teams, external vendors, and franchisees. Develop and refine security documentation and executive reporting. Contribute to the evolution of a standardized incident response framework. Requirements: Hands-on experience in incident response and vulnerability management. Strong technical skills in Azure 365, Microsoft Defender, Sentinel, Tenable, and Nessus. Ability to translate complex technical issues into clear, actionable insights. Excellent stakeholder engagement and communication skills. Experience in Microsoft-centric environments and distributed/franchisee models is a plus. Why this role stands out: Be part of a maturing security function with global impact. Work in a flexible hybrid model that supports work-life balance. Collaborate across regions and business units in a high-autonomy environment. Competitive salary and benefits package. Opportunity to shape security strategy in a dynamic, forward-thinking organization. Ready to make your mark in global security operations? Apply now and be part of a team that values innovation, collaboration, and continuous improvement.
-Security Operations Lead -Salary £65-75,000 -Fixed Term Contract - 12 months -Glasgow / Remote First Role Brand new opportunity to the market for a seasoned Security Operations Lead to join my financial services client, as they continue on their transformational journey of growth and improvement for the business. You will work alongside a team of Security Analysts within the wider function and have responsibility for security monitoring and incident response capabilities as, well as detecting security incidents and responding effectively. Additionally, you will perform in-depth analysis and investigation of security alerts and events, supporting and managing daily workload for the SecOps team and leading the response to security incidents. Key Experience (A blend of): Strong, practical knowledge of security frameworks and industry standards Regulatory requirement expertise - Cyber Essentials Plus, ISO 27001 and GDPR Microsoft security tools - Defender, Entra ID, Purview Cloud platform exposure - Azure preferred Broad experience of configuring and management of SIEM tooling Certifications CISSP, CISM are a non-negotiable Hands-on expertise with identity and access management, endpoint protection, vulnerability and patch management and cloud security. Ability to explain complex technical issues to non-technical audiences Accreditations in Azure or AWS are desirable. Strong collaboration and communication skills Positive and creative in nature The above is not exhaustive. For further information on this opportunity please forward an updated CV to Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
02/10/2025
Full time
-Security Operations Lead -Salary £65-75,000 -Fixed Term Contract - 12 months -Glasgow / Remote First Role Brand new opportunity to the market for a seasoned Security Operations Lead to join my financial services client, as they continue on their transformational journey of growth and improvement for the business. You will work alongside a team of Security Analysts within the wider function and have responsibility for security monitoring and incident response capabilities as, well as detecting security incidents and responding effectively. Additionally, you will perform in-depth analysis and investigation of security alerts and events, supporting and managing daily workload for the SecOps team and leading the response to security incidents. Key Experience (A blend of): Strong, practical knowledge of security frameworks and industry standards Regulatory requirement expertise - Cyber Essentials Plus, ISO 27001 and GDPR Microsoft security tools - Defender, Entra ID, Purview Cloud platform exposure - Azure preferred Broad experience of configuring and management of SIEM tooling Certifications CISSP, CISM are a non-negotiable Hands-on expertise with identity and access management, endpoint protection, vulnerability and patch management and cloud security. Ability to explain complex technical issues to non-technical audiences Accreditations in Azure or AWS are desirable. Strong collaboration and communication skills Positive and creative in nature The above is not exhaustive. For further information on this opportunity please forward an updated CV to Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
02/10/2025
Full time
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
