Analyst. You will be responsible for maintaining and improving all security operational procedures, processes and technical controls, monitoring, detecting and responding to security threats, threat hunting, threatintelligence and the management of security testing in order to reduce operation information security risks. Role responsibilities : Configuration and scheduling more »
Lead Security Operations Analyst – Milton Keynes As a skilled SOC Analyst who is confident working on governance, incident management and threat analysis, you will be working as part of a small but well-skilled team, reporting to the SOC Manager. This one could be for you! We have partnered … successful SOC Team. What you will ideally have experience of? Excellent communication skills (verbal & written) Governance Intrusion detection and analysis Cyber Security Incident management ThreatIntelligence and understanding Cyber security qualifications are desirable *Must have Security Clearance or be eligible to obtain security clearance. What’s next? If more »
team. Key Responsibilities: Monitor, detect, and respond to cyber security incidents in real-time and from various sources, such as network, endpoint, cloud, and threat intelligence. Conduct in-depth analysis of security events and alerts to identify potential threats. Identify and prioritize the cyber security incidents and escalate them … CSOC processes, technologies, and capabilities. Report and communicate the cyber security status, trends, and issues to the CSOC team leader. Enrich log data with ThreatIntelligence to provide context for observed suspicious events. Requirements: Bachelor's degree in Cybersecurity, Information Technology, or related field. Minimum of 3 years … officials and non-technical individuals. Strong understanding of network and system security principles. Relevant certifications (e.g., CISSP, CEH, GCIH) are a plus. Experience in threatintelligence and information sharing. Ability to work in a fast-paced, high-stakes environment. If you have the relevant experience and interested in more »
purpose team of professionals across a global footprint to deliver the following key components as one Centre of Excellence: Financial crime investigations and financial intelligence; and Nominated Officer/Suspicious Activity Reporting Oversight The role will be a member of the Global Financial Crime leadership team, reporting to the … GlobalCo-Heads of Financial Crime Compliance. Key Accountabilities The Global Head of Intelligence & Investigations will: Provide strategic leadership of Financial Crime Intelligence & Investigations – managing multi-disciplinary teams in several locations who deliver services of the highest quality that support Barclays in the detection and prevention of financial crime … threats and aid in the development of mitigating controls. Lead the implementation of the defined target operating model for Financial Crime Intelligence & Investigations in the second line which is able to develop and respond to threatintelligence and perform oversight of Suspicious Activity Reporting to prevent, detect more »
with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threatintelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/WAN more »
triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure. •Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors. •Security Incident Handling … Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender. •ThreatIntelligence: Utilizing threatintelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities. •Collaboration: Collaborating with … in Kusto Query Language (KQL). Experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks. Strong understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies. Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations. more »
of security tools such as SIEM, Firewalls and Cloud Security to monitor systems Providing Windows Server and Network Support Assess and respond to external threatintelligence reports Support ISO27001, Cyber Essentials Plus and other internal and external audit programme Implement and improve technical processes to create efficient and more »
firms enterprise estate. Responsibilities Own and consistently develop the monitoring detection and response tooling, automating and fine-tuning wherever possible. Utilize and ingest relevant threat intel feeds mapped out against their estate and MITRE ATT&CK framework Perform hands-on security threat modelling, risk assessment and vulnerability remediation more »
investigative methods using the SOC’s software toolsets to enhance recognition opportunities for specific analysis. • Maintain a baseline of system security according to latest threatintelligence and evolving trends. • Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. • Provide Subject Matter Expertise (SME more »
forensic data and physical equipment Act as incident responder for potential incident identified Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics Conduct security assessments regularly to identify vulnerabilities and performing risk analysis. Analyse the breach to reach the root cause. … Monitoring/SOC documentation, processes and procedures and ensure currency. Skills and Experiences Ability to work under pressure In-depth understanding of the cyber threat landscape and advances adversary tactics The role requires an intermediate knowledge and experience of Linux; Windows; Azure; AWS; Elastic Stack; Tennable; Threat Intel more »
their existing cyber function with another dedicated Incident Response Consultant. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your responsibilities will be as follows: Work closely with clients going through cyber incidents, which may include Ransomware, BEC and … cloud incidents. Working closely with the wider cyber function, including but not limited to threatintelligence and forensics to assist with investigations and improve the threat hunting service. Create and improve playbooks/runbooks. Conduct threat hunting engagements. Conduct research focused tasks, e.g APT tracking and … be successful in your application, you will need: A SOC background, where you have had exposure to IR, and have a strong baseline of threat hunting experience. Hybrid role (x2 a week in office), London based opportunity. Please contact pg@barclaysimpson for immediate consideration. more »
role as this vendor looks to expand their offerings across the UK and Central Europe. We are looking for someone with experience in cyber threatintelligence sales who has taken ownership of the entire sales process, from cradle to grave. We are looking to speak with problem solvers … business growth Your sales experience is from dealing with leading enterprise companies or organisations, communicating and closing deals with CISOs, CSOs, CIOs, Heads of Intelligence or equivalent level of seniority Positive, energetic and driven by achieving personal and company/team success You enjoy working in a fast-paced more »
Crawley, Sussex, United Kingdom Hybrid / WFH Options
Matchtech
the Cyber Security Operations Manager. The role offers an excellent blend of in-office and remote working options post-probationary period. Key Responsibilities: Advanced Threat Hunting: Analyse and assess multiple threatintelligence sources and indicators of compromise to identify new threat patterns, vulnerabilities, and anomalies, and … capabilities and develop important security and performance metrics. Job Requirements: Extensive experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS more »
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Matchtech
the Cyber Security Operations Manager. The role offers an excellent blend of in-office and remote working options post-probationary period. Key Responsibilities: Advanced Threat Hunting: Analyse and assess multiple threatintelligence sources and indicators of compromise to identify new threat patterns, vulnerabilities, and anomalies, and … capabilities and develop important security and performance metrics. Job Requirements: Extensive experience in a SOC Level 2 or 3 role with evidence of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR, EDR, IDS more »
to maintain, develop, and deliver cyber risk reporting and appetite statements. * Maintain and develop Information Security policies and procedures relevant to the current cyber threat landscape. * Maintain, develop, and test the Cyber Incident Response Plan. * Monitor and manage compliance with relevant cybersecurity regulations. * Manage actions and output from stakeholder … engagements, including customers, regulators, and auditors. * Stay current with emerging security trends, threatintelligence, industry standards, and security-enhancing technologies. Essential Skills, Knowledge & Experience: * Proven experience in an Information Security role. * Experience working in a professional or financial services environment. * Hands-on experience conducting cyber risk assessments and more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
Oxfordshire, South East, United Kingdom Hybrid / WFH Options
La Fosse Associates Ltd
Working with other members of the Security Operation Centre, you will be supporting the ongoing development of the function through the use of automation, threatintelligence, and attack driven defence techniques. You will also be responsible for timely resolution of security incidents, requests and changes, following existing ITIL more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
London, England, United Kingdom Hybrid / WFH Options
Control Risks
In this role you will be responsible for conducting desktop research into cyber and online threats, to enrich our Cyber ThreatIntelligence reporting. This role will primarily involve contributing regular reporting for Control Risks' clients that subscribe to our intelligence platform, as well as supporting on and … sources of information and develop capabilities to collect and analyse information in support of the team. Demonstrate strong investigation skills relating to specific cyber threat incidents, data breaches and other cyber security incidents. Build knowledge of collection tools to support bespoke investigative projects and Cyber Incident Response engagements. Conduct … on topics which support other service lines, notably Global Risk Analysis, Compliance Forensics and Investigations, and Response. Develop knowledge of principal cyber and online threat actors through research on open source, social media, deep and dark web sites and Control Risks internal intelligence systems. Contribute continuous research for more »
ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threatIntelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting capabilities … that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers more »
NCSC CTAS and CPA Assurance Schemes. Knowledge of working in secure environments (List X facilities) and accredited labs (ISO17025). Research and Development experience. ThreatIntelligence experience. To discuss this or wider Consulting roles with our recruitment team, all you need to do is apply, create a profile more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »