Portsmouth, England, United Kingdom Hybrid / WFH Options
Cloud People
Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain Hands on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike Experience with triage, containment and incident response Solid understanding of networks, Windows and Linux systems and cloud security across M365, Azure and AWS Excellent communication skills and a collaborative mindset More ❯
Portsmouth, yorkshire and the humber, united kingdom Hybrid / WFH Options
Cloud People
Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain Hands on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike Experience with triage, containment and incident response Solid understanding of networks, Windows and Linux systems and cloud security across M365, Azure and AWS Excellent communication skills and a collaborative mindset More ❯
best practices , including vulnerability and incident management. Practical experience with security monitoring and protection tools such as Firewalls, IDS/IPS, XDR, SIEM, CNAPP, and log collection platforms (e.g., CrowdStrike, Lacework). Experience in designing and implementing Identity and Access Management (IAM) solutions and maintaining secure authentication practices. Proficiency with Windows and Linux systems , as well as network scanning and More ❯
Portsmouth, England, United Kingdom Hybrid / WFH Options
Cloud People
to 5 years of experience in a SOC, security engineering or cyber operations environment • Hands on experience with SIEM or EDR platforms such as Microsoft Sentinel, Splunk, Defender, CrowdStrike or Elastic • Proven ability to build and tune detection rules, dashboards and automation playbooks • Knowledge of scripting or automation using KQL, PowerShell, Python or similar • Familiarity with log management, APIs and More ❯
Portsmouth, yorkshire and the humber, united kingdom Hybrid / WFH Options
Cloud People
to 5 years of experience in a SOC, security engineering or cyber operations environment • Hands on experience with SIEM or EDR platforms such as Microsoft Sentinel, Splunk, Defender, CrowdStrike or Elastic • Proven ability to build and tune detection rules, dashboards and automation playbooks • Knowledge of scripting or automation using KQL, PowerShell, Python or similar • Familiarity with log management, APIs and More ❯
Experience/Skills: 5 years experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log management, APIs, data More ❯
Portsmouth, yorkshire and the humber, united kingdom
Computappoint
Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log management, APIs, data More ❯
Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log management, APIs, data More ❯
coach and upskill junior analysts. You should bring: 24 years experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background More ❯
and upskill junior analysts. You should bring: 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background More ❯
Portsmouth, yorkshire and the humber, united kingdom
Franklin Fitch
and upskill junior analysts. You should bring: 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background More ❯
and upskill junior analysts. You should bring: 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Cititec
eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to More ❯
eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to More ❯
london, south east england, united kingdom Hybrid / WFH Options
Cititec
eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to More ❯
london (city of london), south east england, united kingdom Hybrid / WFH Options
Cititec
eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to More ❯
slough, south east england, united kingdom Hybrid / WFH Options
Cititec
eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to More ❯
Bristol, Avon, England, United Kingdom Hybrid / WFH Options
Sanderson
Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat More ❯
Edinburgh, Midlothian, Scotland, United Kingdom Hybrid / WFH Options
Sanderson
Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat More ❯
Peterborough, Cambridgeshire, England, United Kingdom Hybrid / WFH Options
Sanderson
Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat More ❯
as CompTIA Security+, ISACA OR equivalent experience Strong hands-on experience with SIEM platforms (Elastic Security mandatory; Sentinel or Splunk desirable) and EDR tools (e.g. Elastic XDR, Microsoft Defender, CrowdStrike, SentinelOne) Proficiency in detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE More ❯
as CompTIA Security+, ISACA OR equivalent experience Strong hands-on experience with SIEM platforms (Elastic Security mandatory; Sentinel or Splunk desirable) and EDR tools (e.g. Elastic XDR, Microsoft Defender, CrowdStrike, SentinelOne) Proficiency in detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE More ❯
infrastructure/networking background with security exposure. Hands-on experience with SIEM platforms – e.g. Microsoft Sentinel, Google Chronicle, or similar. Working knowledge of EDR/XDR tools such as CrowdStrike, SentinelOne, Palo Alto Cortex, or Microsoft Defender. Understanding of incident response frameworks (MITRE ATT&CK preferred). Experience with vulnerability management platforms such as Rapid7 or Tenable. Exposure to Cyber More ❯
You’ll Do Build the SecOps team from the ground up and manage/mentor the team. Lead the implementation, optimisation, and management of cutting-edge security tools like CrowdStrike, Palo Alto, and Mimecast. Take ownership of our cyber defence posture from incident response and vulnerability management to WAFs, DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and More ❯
