Blue Team Jobs in the UK

18 of 18 Blue Team Jobs in the UK

SOC Shift Lead

Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria Limited
Our Cyber team look after some complicated and compelling areas within Aero, Defence and Security. If you want to lead from the front, gain experience working with multiple clients, and always have access to the latest technologies, then join the team who are on the cusp of continued growth and known as leaders in their field. Our new … position of SOC Shift Lead will direct a team of SOC Analysts, conduct monitoring and triage of alerts associated with host and network security events for our clients' critical infrastructure and support the SOC through both delivery of client work and adding skills and ideas to this already diverse team. This role is based on site Hemel Hempstead and … security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update …
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance

Security Operations Centre Shift Lead

Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
analysis and reverse engineering Active DV Clearance Scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and … personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting … career progression Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analysing and optimising detection rules and use cases based on MITRE ATT&CK Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Working shifts from the on-site Security …
Employment Type: Permanent

Cyber Incident Analyst

Maidenhead, Berkshire, United Kingdom
Hybrid / WFH Options
APM Terminals
just responding to security incidents - you're revolutionising how it's done. At Maersk, one of the world's largest and most respected logistics and shipping companies, our Cyber team is pioneering a whole new approach to incident response. This isn't your typical SOC/CERT role: our combined fire team approach team is built on … cutting-edge research and designed to drive change, resilience, and agility in ways the industry has never seen before. Here, you'll be part of a dynamic team that works together to defend, adapt, and innovate with freedom and purpose. You won't just work on IR; you'll help improve how it's done. Dive into purple teaming … through Capture the Flag (CTF) exercises and direct opportunities to bring your ideas to life. Are you ready to be part of something transformational at Maersk and join a team that's setting a new standard in cybersecurity? Join a World-Class Cyber Team: Be part of an elite cyber operation at one of the globe's most …
Employment Type: Permanent
Salary: GBP Annual

SOC Shift Lead - Systems Integrator

England, United Kingdom
Hamilton Barnes Associates Limited
the SOC in partner and stakeholder meetings. Contribute to SOC process improvement, skills development, and knowledge sharing. Skills/Must Have: Strong experience working in a SOC environment. Proven team leadership or people management experience. Expertise in Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc. … enterprise infrastructure. Desirable skills: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM tools such as QRadar. Shift Pattern: 2 Days, 2 Nights, 4 Off Benefits: 25 days annual leave (plus option to purchase more …
Employment Type: Permanent
Salary: GBP Annual

Red Team Consultant (Senior)

United Kingdom
Hybrid / WFH Options
Jumpsec Limited
our clients and the challenges they face to create tailored solutions and avoid generic, off-the-shelf products and services. The Role We're looking for an experienced Red Team Operator to join our adversary simulation team, delivering high-impact operations against some of the most complex enterprise environments in the UK and beyond. This isn't a … derived from current threat actors, helping our clients uncover blind spots and prepare for the attacks that actually matter. We value curiosity, creativity, and diverse experience - some of our team came from medicine, others from blue team, IT, or non-technical backgrounds. If you're an experienced operator looking to work on challenging problems alongside a … strong and supportive team, we'd love to hear from you. What you will be doing: Planning and executing full-spectrum red team operations against large-scale organisations. Designing and delivering targeted phishing and social engineering campaigns with behavioural realism. Performing advanced Active Directory enumeration and abuse, including trust path abuse, delegation exploitation, and credential material extraction. Simulating …
Employment Type: Permanent
Salary: GBP Annual

Cybersecurity Engineer

United Kingdom
Hybrid / WFH Options
InnovateHer
and Purple teams, and you're always looking for ways to innovate and improve processes. You're hands-on, adaptable, and ready to make a real impact. About The Team: Our cybersecurity team is responsible for protecting the organisation's digital environment through a blend of defensive operations (Blue Team), offensive simulations (Red Team), and strategic development (Purple Team). We collaborate across disciplines to maintain a high security posture while also building a culture of continuous improvement. As part of the team, you'll gain exposure to a wide range of disciplines while working on practical solutions that support our operations. We value initiative, teamwork, and a desire to grow … outcomes Participate in internal security projects with guidance from senior staff Engage with platform and infrastructure teams to align technical improvements Provide mentoring support to placement students or junior team members when required Functional internal tools/scripts that support security workflows Documented improvements to existing security processes Contribution to research and development for new capabilities Clear project documentation …
Employment Type: Permanent
Salary: GBP Annual

SOC and Vulnerability Analyst

Greater Bristol Area, United Kingdom
Logiq
irregularities and alerts which may indicate incidents, breaches and events. Investigation of alerts and incidents to ascertain the criticality and prioritisation of security incidents and vulnerabilities. Collaborate with other team members to further investigate incidents and propose responses and solutions. Report any new knowledge gained about existing cyber threats or vulnerabilities within their network so that future incidents can … to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations that may lead to vulnerabilities to Logiq platforms. Collaborate with other InfoSec team members to ensure that the client has the correct procedures in place to continue to operate safely and securely. Conduct the daily and weekly checks to identify vulnerabilities, providing … this maturity where appropriate. Familiar with the following tools: Microsoft Sentinel Qualys VMDR Tenable VM MITRE ATT&CK Framework Desirable Certifications, Qualifications Experience: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Company benefits include: Discretionary 10% bonus Discretionary 2k annual training fund per employee Very competitive pension …

Incident Response IR Consultant

West London, London, United Kingdom
Hybrid / WFH Options
Circle Group
some flex) Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team/Security … You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC/Blue Team analysts. We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the … the development and delivery of high-quality, actionable defensive security content. Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations. Work alongside the team to continually improve incident response and detection capability. About You We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll …
Employment Type: Permanent, Work From Home
Salary: £55,000

Incident Response IR Consultant

West London, London, England, United Kingdom
Circle Recruitment
some flex) Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team/Security … You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC/Blue Team analysts. We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the … the development and delivery of high-quality, actionable defensive security content. Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations. Work alongside the team to continually improve incident response and detection capability. About You We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll …
Employment Type: Full-Time
Salary: £45,000 - £55,000 per annum

SOC Cyber Analyst NO SHIFTS hybrid London £70k

West London, London, England, United Kingdom
Hybrid / WFH Options
Circle Recruitment
some flex) Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team/Security … You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC/Blue Team analysts. We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the … the development and delivery of high-quality, actionable defensive security content. Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations. Work alongside the team to continually improve incident response and detection capability. About You We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll …
Employment Type: Full-Time
Salary: £45,000 - £55,000 per annum

Threat Hunter - National Security - Leeds

Leeds, Yorkshire, United Kingdom
Hybrid / WFH Options
BAE Systems (New)
Serve as the point of escalation for intrusion analysis, forensics, and incident response queries. Provide root cause analysis for complex, non-standard findings and anomalies without existing playbooks. Mentor team members and share knowledge proactively. Contribute to the SOC Knowledge Repository by creating and updating documentation independently. Build relationships externally with other SOCs and cybersecurity researchers to identify analytics … threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating … world risks. Architect detection programs to identify unusual behaviors, reduce dwell time, and optimize resource use. Oversee practices that enhance daily operations, including quality reviews. Lead operational strategy and team exercises, collaborating across functions. Contribute to team requirements, including engineering and continuous improvement. Design and conduct technical interviews, evaluating candidate responses. Experience Proven experience in security testing practices …
Employment Type: Permanent
Salary: GBP Annual

Staff Security Operations Engineer

London, United Kingdom
Innovation Group
XDR, and tools such as Wiz, Darktrace, Microsoft Defender, Intune, and Sentinel. You will also bring hands-on experience in threat hunting, log analysis, red/blue team operations, and incident response coordination - building tooling and processes that respond to real-world threats at scale. You will report directly into the CISO, with a clear mandate to …
Employment Type: Permanent
Salary: GBP Annual

Blue Team Instructor (Relocation)

London Area, United Kingdom
Cyber Search Partners
Job Title: Blue Team Trainer Location: Western Asia (boundary between Europe and Asia) Company Overview The client is an international, privately-held holding company that has an assortment of interests across a wide range of business areas and sectors with world-class quality. They provide tailored training & products, and the business is expanding its operations around the … world with regional offices in EMEA and APAC. Job Overview: We are seeking an experienced Blue Team Trainer with a solid SOC operations background to deliver hands-on, real-world cybersecurity training. This role involves working directly in a live SOC environment that integrates simulation-based learning to prepare trainees for real-world threats. Key Responsibilities: Deliver … operations, with QRadar expertise being essential. Support learners in real-world SOC environments. Requirements: Proven experience in a Security Operations Center (SOC). Strong understanding of blue team tools and methodologies. Deep knowledge of IBM QRadar SIEM. Excellent written and verbal communication skills. Based in or willing to relocate to Western Asia (boundary between Europe and …

Blue Team Instructor (Relocation)

City of London, London, United Kingdom
Cyber Search Partners
Job Title: Blue Team Trainer Location: Western Asia (boundary between Europe and Asia) Company Overview The client is an international, privately-held holding company that has an assortment of interests across a wide range of business areas and sectors with world-class quality. They provide tailored training & products, and the business is expanding its operations around the … world with regional offices in EMEA and APAC. Job Overview: We are seeking an experienced Blue Team Trainer with a solid SOC operations background to deliver hands-on, real-world cybersecurity training. This role involves working directly in a live SOC environment that integrates simulation-based learning to prepare trainees for real-world threats. Key Responsibilities: Deliver … operations, with QRadar expertise being essential. Support learners in real-world SOC environments. Requirements: Proven experience in a Security Operations Center (SOC). Strong understanding of blue team tools and methodologies. Deep knowledge of IBM QRadar SIEM. Excellent written and verbal communication skills. Based in or willing to relocate to Western Asia (boundary between Europe and …

IT Cyber Security Analyst

London, United Kingdom
Hybrid / WFH Options
Southeastern Railway
Are you looking for a career where you can make a real difference in people's day? We are seeking an IT Cyber Security Analyst to join our team based in London, with hybrid working arrangements. Can you move people? Apply now. What you'll do The Cyber Security Analyst will handle daily operational cyber security incidents, working closely … following in your application: At least 2 years of experience working in a cyber security role Extensive experience with Microsoft products. Experience working in red/blue team scenarios. Certifications such as CompTIA Security+ (or equivalent) and Certified Ethical Hacker. We support applicants under the Armed Forces Covenant and Disability Confident Scheme. If you meet the criteria … transportation; it's about making a difference in every journey and creating a great place to work, reflected in our awards and commitments to diversity and safety. Our Safeguarding Team ensures the safety of customers, colleagues, and the public, continuously improving safeguarding measures. Salary range: £45,000 - £55,000 per annum, plus free rail travel.
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Analyst

London, United Kingdom
Barclay Simpson
activities. The successful candidate will be a hands-on, technically skilled security professional with experience across a broad range of cybersecurity disciplines (red/purple and blue team), this experience will enable you to successfully help shape, implement, and maintain effective security controls and infrastructure across the firm. This is a hybrid role (3 days in office …
Employment Type: Permanent
Salary: GBP Annual

Cyber Resilience Lead

Oxford, Oxfordshire, United Kingdom
Stott and May
Deliver and maintain practical recovery processes across a complex, global technology and business landscape. Champion and coordinate cyber resilience testing activities - including red/blue/purple team exercises - and ensure continuous improvement through lessons learned. Build clear, usable documentation and artefacts that support real-world application of recovery processes. Develop metrics and maturity reporting to monitor …
Employment Type: Permanent
Salary: GBP Annual

Job Alert IBM & HCL Software Licensing & SAM Pre-Sales Consultant

United Kingdom
Hybrid / WFH Options
Baby Blue IT & Consulting Ltd
commercial and technical audiences A proactive, self-starting approach with a focus on outcomes and customer value Overview Software Licensing & SAM Pre-Sales Consultant About the Role Baby Blue is recruiting on behalf of a growing technology services provider for an experienced Software Licensing & Software Asset Management (SAM) Pre-Sales Consultant. This is a pivotal role for … the SAM services roadmap Why Work With Us Shape a specialist role with real influence across pre-sales and SAM strategy Join a fast-moving, collaborative, and expert-led team Competitive salary and attractive OTE package Flexible, remote-first working environment Ongoing development support including training and certifications Ready to Apply? Send your CV to or reach out via … our contact page. All enquiries will be handled in strict confidence by the Baby Blue team.
Employment Type: Permanent
Salary: GBP Annual

Blue Team
25th Percentile: £48,165
Median: £62,000
75th Percentile: £95,000
90th Percentile: £112,500