1 to 25 of 356 Cyber Defence Jobs in the UK

Lead SOC Analyst Leeds SC Clearance essential Day Shift/On-site A leading UK-based consultancy specialising in Defence and Security is seeking an experienced Lead SOC Analyst to support the day-to-day operations and continuous improvement of a dedicated SOC for a high-profile Critical National Infrastructure (CNI) organisation. This opportunity involves working at the forefront … of cyber defence, helping to secure hundreds of cloud-hosted systems across AWS and Azure environments from persistent and advanced threats. This strategic SOC is designed to be a benchmark of cyber security excellence, blending in-house and consultancy staff across multiple sites. Core operational duties will be conducted from a secure facility in Leeds, due to … SIEM) and orchestration tools. Due to the nature of the project applicants must hold an active SC Clearance and be eligible for enhanced clearance checks Key Responsibilities: Lead operational cyber defence activities across a 24/7 SOC environment. Deliver comprehensive shift handover briefings and ensure continuity across teams. Monitor and analyse SIEM alerts, logs, and network traffic More ❯

threats. Key Responsibilities: Vulnerability Management: Develop, implement, and operate vulnerability management capabilities using tools like Tenable One. Deploy, configure, and manage vulnerability assessment tools (e.g., Tenable, NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools. Deliver a seamless vulnerability management service across infrastructure and business units, ensuring the effectiveness of security measures. Threat Analysis: Utilize various … teams. In-depth understanding of the current threat landscape and security best practices. Preferred Qualifications: Relevant certifications (e.g., CISSP, CEH, CompTIA Security+). Experience with the NCSC's Active Cyber Defence Toolkit. Familiarity with regulatory requirements and industry standards (e.g., GDPR, ISO 27001). Work Environment: This is a fully remote position, offering flexibility and the opportunity to More ❯

We are seeking a Senior Threat Analyst to join our rapidly growing Information Security team. This role offers a unique opportunity for a seasoned cybersecurity professional to lead our cyber defense strategy, protect our brand from threats, and build our threat intelligence and hunting capabilities from scratch. You will have significant input on tooling and services, with the autonomy … implement them. The ideal candidate is an innovative collaborator with strong technical and communication skills, and a passion for solving complex problems. You'll report to the Head of Cyber Defence and lead the development of advanced CTI and threat hunting strategies, integrating seamlessly into our security processes and driving ongoing improvements. Our Future Health is the UK … aiming to gather data from 5 million volunteers to advance health discoveries. Key Responsibilities Collaborate with the security team and MSP SOC to enhance organizational security. Develop and utilize cyber threat intelligence approaches, including tooling and feeds. Stay updated on the cyber threat landscape, especially in health research sector. Triaging, analyzing, and responding to threat intelligence alerts. Track More ❯

within the IT department operating from London and Houston. The IT Security Team Lead will be based in London. The purpose of the IT Security function is to manage cyber risks and issues for EDF Trading globally. Position purpose The IT Security Team Lead provides line management to the IT security team in London (4 direct reports), collaborates with … a technical background to provide continuity with others in the team and to be an SME to internal stakeholders for IT Security matters, the role has an emphasis on cyber risk management and governance. Main responsibilities Security programme [40%] : Implement and/or manage the implementation of solutions to counter cybersecurity risks in accordance with the global security roadmap … cybersecurity risks. Implementing and maintaining solutions owned by IT Security. Designing and implementing processes. Project planning, managing dependencies and coordinating resources. Governance, risk and compliance [20%] : Manage the regional cyber risk exposure and drive compliance with established policies, standards and procedures including: Working closely with the to continually develop, improve and maintain a globally consistent approach to the adoption More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

About the Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways … of working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you're making progress. About your team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to … play a direct role in helping our clients with one of the most important aspects of their lives - their financial well-being. Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The More ❯

Cyber Security Operational Incident Manager - Technical Consultant Join to apply for the Cyber Security Operational Incident Manager - Technical Consultant role at Fidelity International Cyber Security Operational Incident Manager - Technical Consultant 1 day ago Be among the first 25 applicants Join to apply for the Cyber Security Operational Incident Manager - Technical Consultant role at Fidelity International About … The Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of … working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you’re making progress. About Your Team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play More ❯

Engineering: Develop detection rules and maintain playbooks. Automation and Scripting: Automate tasks using tools like Python and PowerShell. Threat Hunting: Identify and mitigate potential threats. Collaboration: Work with other cyber defence teams and communicate findings. Continuous Improvement: Suggest and document process improvements. Monitoring: Provide continuous security console monitoring. Technical Analysis: Analyse incident telemetry and investigation pathways. Intelligence Integration … AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. Preferred experience of working with wider Cyber Defence teams, including Intelligence, Vulnerability Management, Threat Hunting and Purple Teams Personal Attributes: Strong interpersonal, analytical, and problem-solving skills. Effective team player with excellent communication. Adaptable, detail-oriented, and proactive. Why Join Centrica? Dynamic and innovative team. Continuous learning and professional development. Supportive and inclusive work environment. Competitive salary and bonus potential. Employee Energy Allowance at More ❯

Social network you want to login/join with: Are you ready to take the lead in safeguarding critical networks and mentoring the next generation of cyber defenders? We’re on the hunt for a SOC Analyst to join our high-performing SOC team. As a key player in our cyber defence operations, you’ll lead from … the front—managing teams, guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. … strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g., LogRhythm, Splunk) and IDS systems (e.g., Snort). In-depth knowledge of network and host security. Skilled in More ❯

Are you a seasoned Cybersecurity Engineer ready to play a key role in defending a global enterprise against evolving cyber threats? We are seeking a Senior Cybersecurity Engineer to join our London-based team and help strengthen the digital resilience of one of the most dynamic players in the insurance and underwriting sector. About the Role As part of … our Security Engineering team, you'll be instrumental in enhancing our cyber defence capabilities across our global infrastructure. From designing and implementing cutting-edge security solutions to influencing architectural decisions and leading key security projects, your work will directly contribute to our mission of maintaining a strong, agile, and secure digital environment. What You'll Do Lead security More ❯

Job Description: Cyber Defence Associate Product Analyst - Monitoring & Response Manchester or Staines Permanent: £43.4k - £54.2k + fantastic benefits Full time, 37.5 hours per week We consider all types of flexibility, including locations, hours and working patterns. Working in our UK support functions you’ll play a key part in helping our customer facing colleagues deliver exceptional standards of … have an opportunity to do work that matters. Making a difference to the lives of our customers each and every day. The role As an associate product analyst within Cyber Defence, you will be responsible for working with operational teams, architecture and engineering for a suite of security tooling and services which make up a specific product group. … This role is responsible for the Monitoring & Defence product group You’ll help us make health happen by Gathering and documenting requirements from operational service owners Working with Engineering to design and deliver solutions to meet requirements Workload/Backlog management and prioritisation of engineering tasks using agile methodologies Toolset lifecycle management Vendor relationship engagement Working with Cyber More ❯

Cyber Security Analyst/Engineer Location: Ideally based in York or Leeds Working Pattern: Full time, Monday to Friday, working Hybrid – with travel to office locations as required Salary: £45,000 – £65,000 (dependent on experience) + car allowance Overview An exciting opportunity has become available for a Cyber Security Analyst/Engineer to join a growing, forward … Azure) Review vulnerabilities and drive remediation plans across the environment in collaboration with relevant teams Key Skills & Experience Technically minded security engineer with a solid foundation in hands-on cyber defence Proficiency with tools such as SIEM, PAM, web/email filtering (e.g. Mimecast), IDS/IPS, antivirus, endpoint protection, Microsoft Sentinel, and vulnerability assessment tools (e.g. Tenable More ❯

We’re looking for a Senior Incident Response Manager to join our cyber-security team in Reading, UK or Schiphol, NL In this fantastic opportunity, you will work at the forefront of cyber defence operations, delivering Group Security’s and Liberty Global’s wider mission through helping to reduce; the impact of cyber incidents affecting Liberty … Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … of the cyber incident response (CIR) life cycle for serious cyber incidents by ensuring that the relevant parts of the business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining More ❯

We’re looking for a Senior Incident Response Manager to join our cyber-security team in Reading, UK or Schiphol, NL In this fantastic opportunity, you will work at the forefront of cyber defence operations, delivering Group Security’s and Liberty Global’s wider mission through helping to reduce; the impact of cyber incidents affecting Liberty … Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … of the cyber incident response (CIR) life cycle for serious cyber incidents by ensuring that the relevant parts of the business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining More ❯

the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … while maximizing data insights and intelligence to inform operational and strategic decision-making. Drive collaboration across Arm and external vendors as we embed a shared understanding to deliver our cyber strategies. Provide strategic input and collaborate with IT, Enterprise Security, and business leadership to inform security roadmaps, governance, and operating models. Maintain a balanced, comprehensive framework of processes, governance More ❯

Social network you want to login/join with: Cyber Security Incident Responder, Norwich Job Details: Client: Not specified Location: Norwich, UK (flexible location) Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic … team. The role involves maintaining the security and resilience of our digital infrastructure by managing cyber incidents. This is an opportunity to be a key member of Cyber Defence, working with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is preferred. This position requires … on-call and overtime support during serious cyber attacks. Responsibilities: Build and implement IR capabilities following industry frameworks (NIST, SANS) Lead cyber incident management and investigations, determine root causes, and recommend remediation Collaborate with IT, Privacy, Legal teams, and stakeholders; communicate incident status Conduct post-incident reviews for continuous improvement Perform digital forensics and malware analysis Develop cyber More ❯

Social network you want to login/join with: Cyber Security Incident Responder, Chelmsford Location in the UK is flexible. Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our team. The role involves maintaining the security of Element’s digital infrastructure by managing cyber incidents. This is a key … position in Cyber Defence, working closely with stakeholders to develop a robust 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is preferred. This position requires on-call duties and overtime during serious cyber attacks. Responsibilities: Build Element’s IR capability following industry best practices (NIST, SANS, etc.). … Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and senior stakeholders. Provide incident reports. Conduct post-incident reviews for continuous improvement. Perform digital forensics and malware analysis. Contribute to developing cyber defence metrics and KPIs. Stay updated on cyber threats and technologies. Maintain relationships with external More ❯

Social network you want to login/join with: Cyber Security Incident Responder, Brighton Location: Brighton, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic team. The role involves maintaining the … security of Element’s digital infrastructure by managing cyber incidents. This is a unique opportunity to be a key member of Cyber Defence, working closely with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is encouraged. This position requires on-call duties and overtime … during serious cyber attacks. Location in the UK is flexible. Responsibilities: Build Element’s IR capability following industry best practices (NIST, SANS, etc.). Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and senior stakeholders; report incident statuses. Conduct post-incident reviews for continuous improvement. Perform digital forensics More ❯

Social network you want to login/join with: Cyber Security Incident Responder, Cardiff Location: Cardiff, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic team. The role involves managing and … responding to cyber incidents to maintain the security of Element’s digital infrastructure. This is a key position in Cyber Defence, working closely with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is preferred. This position requires on-call duties and overtime during serious … cyber attacks. Location in the UK is flexible. Responsibilities: Build Element’s IR capability, implementing best practices aligned with industry standards like NIST and SANS. Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and stakeholders; report incident statuses. Conduct post-incident reviews for continuous improvement. Perform digital forensics More ❯

Join to apply for the Cyber Security Incident Responder role at Element Materials Technology Join to apply for the Cyber Security Incident Responder role at Element Materials Technology Overview We are looking for an enthusiastic and experienced Overview We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic and growing … team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what you see as a … great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities Help build Element’s IR capability. More ❯

Principal Network Defence Analyst - Peterborough Job Title: Principal Network Defence Analyst Location: Peterborough (Hybrid) Contract and shift details: Permanent, full-time position (37.5 hours per week), with participation in an on-call rota approximately once every six weeks—covering out-of-hours support, including evenings and weekends. Are you an experienced network professional with a keen interest in … cyber defence and skilled at solving complex infrastructure challenges? Do you thrive in a critical role where connectivity and security converge to protect global operations? Our Cyber Security team is looking for a Principal Network Defence Analyst to join our DevSecOps function—playing a critical role in shaping, maintaining, and innovating our network security landscape. This … is a hybrid role combining deep technical knowledge of connectivity with a strategic approach to cyber defence. You\\\'ll work closely with internal teams and external vendors to ensure our infrastructure remains secure, scalable, and aligned with our wider security goals. What you\\\'ll be doing: Act as the subject matter expert for network security, providing technical leadership across More ❯

The Go to OT Security Recruiter! Senior Recruitment Consultant @ SR2 | Socially Responsible Recruitment | Certified B Corporation. Join one of the UK’s leading energy providers as an Operational Technology Cyber Analyst, where you'll play a critical role in securing our nation’s infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from … evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure alignment with IEC62443, NIS, CAF, OG86, and … systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause analysis. Effective communicator with proven ability to influence and collaborate across functions. Comfortable working More ❯

Join to apply for the Lead Cyber Security Analyst role at Crown Commercial Service 1 week ago Be among the first 25 applicants Join to apply for the Lead Cyber Security Analyst role at Crown Commercial Service Direct message the job poster from Crown Commercial Service Recruitment Advisor at Crown Commercial Service Position: Lead Cyber Security Analyst … improved digital technologies to enhance the services we provide, the ways we work, and how we interact with our customers, suppliers and other stakeholders. We’re implementing a new cyber security function as part of Agile digital delivery within our growing team, and the pace and scale of change within the Directorate is unprecedented . Job Summary In this … critical role, establishing and leading our newly formed cyber security team, you will be responsible for understanding, detecting and responding to cyber threats and vulnerabilities affecting the Services we operate, as well as leading on regular IT Health Check’s, resolving any issues identified that need addressing, and working with Operations and Development teams to prevent these issues More ❯

You will need to login before you can apply for a job. SOC Shift Lead – Cyber Defence & Security Location: On–site, Hemel Hempstead Salary: GBP58K – GBP65K + Benefits Security Clearance: Must be eligible for DV Clearance ? Shifts: 2 Days (6AM–6PM), 2 Nights (6PM–6AM), 4 Days Off Lead the Future of Cyber Defence Join a … high–performing Cyber Security team at the forefront of Aerospace, Defence, and National Security. We're on a growth trajectory and looking for a SOC Shift Lead to take charge, drive innovation, and protect critical infrastructure. Your Impact: Lead the SOC: Monitor, triage, and investigate security incidents to safeguard critical assets. Threat Intelligence: Analyse network traffic, logs, and … system events to detect vulnerabilities. People Leadership: Manage and mentor analysts, shaping the future of cyber defence. Optimise Security Operations: Enhance SOC tools , improve detection rules, and refine security processes using MITRE ATT&CK . Represent the SOC: Engage with key partners and stakeholders. What You Bring: ? SOC Expertise: Proven experience in Security Operations Centres with hands–on threat More ❯