6 of 6 Blue Team Jobs in the UK excluding London

Our Cyber team look after some complicated and compelling areas within Aero, Defence and Security. If you want to lead from the front, gain experience working with multiple clients, and always have access to the latest technologies, then join the team who are on the cusp of continued growth and known as leaders in their field. Our new … position of SOC Shift Lead will direct a team of SOC Analysts, conduct monitoring and triage of alerts associated with host and network security events for our clients critical infrastructure and support the SOC through both delivery of client work and adding skills and ideas to this already diverse team. This role is based on site Hemel Hempstead and … security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update More ❯

analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure the smooth operation and continual enhancement of SOC processes and … personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting … career progression Enhancing team knowledge across SOC tooling , detection methodologies , and threat triage Analysing and optimising detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation , findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Working shifts from the on-site Security More ❯

just responding to security incidents-you're revolutionising how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on … cutting-edge research and designed to drive change, resilience, and agility in ways the industry has never seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on IR; you'll help improve how it's done. Dive into purple teaming … through Capture the Flag (CTF) exercises and direct opportunities to bring your ideas to life. Are you ready to be part of something transformational at Maersk and join a team that's setting a new standard in cybersecurity? Join a World-Class Cyber Team: Be part of an elite cyber operation at one of the globe's most More ❯

irregularities and alerts which may indicate incidents, breaches and events. Investigation of alerts and incidents to ascertain the criticality and prioritisation of security incidents and vulnerabilities. Collaborate with other team members to further investigate incidents and propose responses and solutions. Report any new knowledge gained about existing cyber threats or vulnerabilities within their network so that future incidents can … to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations that may lead to vulnerabilities to Logiq platforms. Collaborate with other InfoSec team members to ensure that the client has the correct procedures in place to continue to operate safely and securely. Conduct the daily and weekly checks to identify vulnerabilities, providing … this maturity where appropriate. Familiar with the following tools: Microsoft Sentinel Qualys VMDR Tenable VM MITRE ATT&CK Framework Desirable Certifications, Qualifications Experience: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Company benefits include: Discretionary 10% bonus Discretionary 2k annual training fund per employee Very competitive pension More ❯

Serve as the point of escalation for intrusion analysis, forensics, and incident response queries. Provide root cause analysis for complex, non-standard findings and anomalies without existing playbooks. Mentor team members and share knowledge proactively. Contribute to the SOC Knowledge Repository by creating and updating documentation independently. Build relationships externally with other SOCs and cybersecurity researchers to identify analytics … threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating … world risks. Architect detection programs to identify unusual behaviors, reduce dwell time, and optimize resource use. Oversee practices that enhance daily operations, including quality reviews. Lead operational strategy and team exercises, collaborating across functions. Contribute to team requirements, including engineering and continuous improvement. Design and conduct technical interviews, evaluating candidate responses. Experience Proven experience in security testing practices More ❯

Deliver and maintain practical recovery processes across a complex, global technology and business landscape. Champion and coordinate cyber resilience testing activities - including red/blue/purple team exercises - and ensure continuous improvement through lessons learned. Build clear, usable documentation and artefacts that support real-world application of recovery processes. Develop metrics and maturity reporting to monitor More ❯