Lead SOC Analyst Leeds SC Clearance essential Day Shift/On-site A leading UK-based consultancy specialising in Defence and Security is seeking an experienced Lead SOC Analyst to support the day-to-day operations and continuous improvement of a dedicated SOC for a high-profile Critical National Infrastructure (CNI) organisation. This opportunity involves working at the forefront … of cyber defence, helping to secure hundreds of cloud-hosted systems across AWS and Azure environments from persistent and advanced threats. This strategic SOC is designed to be a benchmark of cyber security excellence, blending in-house and consultancy staff across multiple sites. Core operational duties will be conducted from a secure facility in Leeds, due to … SIEM) and orchestration tools. Due to the nature of the project applicants must hold an active SC Clearance and be eligible for enhanced clearance checks. Key Responsibilities: Lead operational cyber defence activities across a 24/7 SOC environment. Deliver comprehensive shift handover briefings and ensure continuity across teams. Monitor and analyse SIEM alerts, logs, and network traffic
APIs, and Case Management tools for data enrichment. Key Skills and Experience: Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment. Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements
Lisburn, Northern Ireland, United Kingdom Hybrid / WFH Options
Camlin Group
corporate (Fortinet) and customer (AWS) environments to enable timely and effective response to, and management of, incidents, alarms, notifications, calls, and other activities related to the NSOC and new cyber threats. Lead the vulnerability management process to ensure that vulnerabilities are detected, escalated, and remediated for both the customer and corporate environments. Lead the Threat Intelligence process, document and … priorities. Proven ability to work independently on resolving complex issues, assisted by the Information Security Manager, IT and DevSecOps. Excellent experience with the Threat Landscape, Threat Hunting, Adversary Methodologies, Cyber Defence and MITRE ATT&CK framework. Significant previous experience working in a lead role in one of the following security areas: NSOC Analyst, Threat Analyst with the ability to … communication and documentation skills. Organised and willing to document and drive process and procedure. Nice to have but not essential: Working knowledge of ISO 27001:2013/2022, GDPR, Cyber Essentials & Cyber Essentials Plus. Experience of network/switch/firewall management & configuration. Advanced understanding and demonstrable experience of networking principles, IT architecture and security architecture. Shift management
About the Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title: Cyber Security Operational Incident Manager - Technical Consultant Department: Cyber Defence Operations - GCIS Location: Kingswood, Surrey, Gurgaon, Bangalore Reports To: Senior Manager - CDO Level: 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways … of working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you're making progress. About your team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to … play a direct role in helping our clients with one of the most important aspects of their lives - their financial well-being. Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The
Cyber Security Operational Incident Manager - Technical Consultant, Fidelity International. About … The Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title: Cyber Security Operational Incident Manager - Technical Consultant Department: Cyber Defence Operations - GCIS Location: Kingswood, Surrey, Gurgaon, Bangalore Reports To: Senior Manager - CDO Level: 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of … working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you’re making progress. About Your Team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play
Windsor, England, United Kingdom Hybrid / WFH Options
Women in Tech UK
Engineering: Develop detection rules and maintain playbooks. Automation and Scripting: Automate tasks using tools like Python and PowerShell. Threat Hunting: Identify and mitigate potential threats. Collaboration: Work with other cyber defence teams and communicate findings. Continuous Improvement: Suggest and document process improvements. Monitoring: Provide continuous security console monitoring. Technical Analysis: Analyse incident telemetry and investigation pathways. Intelligence Integration … AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. Preferred experience of working with wider Cyber Defence teams, including Intelligence, Vulnerability Management, Threat Hunting and Purple Teams. Personal Attributes: Strong interpersonal, analytical, and problem-solving skills. Effective team player with excellent communication. Adaptable, detail-oriented, and proactive. Why Join Centrica? Dynamic and innovative team. Continuous learning and professional development. Supportive and inclusive work environment. Competitive salary and bonus potential. Employee Energy Allowance at
Are you ready to take the lead in safeguarding critical networks and mentoring the next generation of cyber defenders? We’re on the hunt for a SOC Analyst to join our high-performing SOC team. As a key player in our cyber defence operations, you’ll lead from … the front—managing teams, guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. … strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g., LogRhythm, Splunk) and IDS systems (e.g., Snort). In-depth knowledge of network and host security. Skilled in
Cyber Security Analyst/Engineer Location: Ideally based in York or Leeds Working Pattern: Full time, Monday to Friday, working Hybrid – with travel to office locations as required Salary: £45,000 – £65,000 (dependent on experience) + car allowance Overview An exciting opportunity has become available for a Cyber Security Analyst/Engineer to join a growing, forward … Azure) Review vulnerabilities and drive remediation plans across the environment in collaboration with relevant teams Key Skills & Experience Technically minded security engineer with a solid foundation in hands-on cyber defence Proficiency with tools such as SIEM, PAM, web/email filtering (e.g. Mimecast), IDS/IPS, antivirus, endpoint protection, Microsoft Sentinel, and vulnerability assessment tools (e.g. Tenable
Reading, England, United Kingdom Hybrid / WFH Options
Liberty Global
We’re looking for a Senior Incident Response Manager to join our cyber-security team in Reading, UK or Schiphol, NL. In this fantastic opportunity, you will work at the forefront of cyber defence operations, delivering Group Security’s and Liberty Global’s wider mission through helping to reduce the impact of cyber incidents affecting Liberty … Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … of the cyber incident response (CIR) life cycle for serious cyber incidents by ensuring that the relevant parts of the business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining
the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … while maximizing data insights and intelligence to inform operational and strategic decision-making. Drive collaboration across Arm and external vendors as we embed a shared understanding to deliver our cyber strategies. Provide strategic input and collaborate with IT, Enterprise Security, and business leadership to inform security roadmaps, governance, and operating models. Maintain a balanced, comprehensive framework of processes, governance
Cyber Security Incident Responder, Brighton Location: Brighton, United Kingdom Job Category: Other EU work permit required: Yes Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic team. The role involves maintaining the … security of Element’s digital infrastructure by managing cyber incidents. This is a unique opportunity to be a key member of Cyber Defence, working closely with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is encouraged. This position requires on-call duties and overtime … during serious cyber attacks. Location in the UK is flexible. Responsibilities: Build Element’s IR capability following industry best practices (NIST, SANS, etc.). Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and senior stakeholders; report incident statuses. Conduct post-incident reviews for continuous improvement. Perform digital forensics
SR2 | Socially Responsible Recruitment | Certified B Corporation™
Join one of the UK’s leading energy providers as an Operational Technology Cyber Analyst, where you'll play a critical role in securing our nation’s infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from … evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure alignment with IEC62443, NIS, CAF, OG86, and … systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause analysis. Effective communicator with proven ability to influence and collaborate across functions. Comfortable working
Liverpool, England, United Kingdom Hybrid / WFH Options
Crown Commercial Service
Position: Lead Cyber Security Analyst … improved digital technologies to enhance the services we provide, the ways we work, and how we interact with our customers, suppliers and other stakeholders. We’re implementing a new cyber security function as part of Agile digital delivery within our growing team, and the pace and scale of change within the Directorate is unprecedented. Job Summary In this … critical role, establishing and leading our newly formed cyber security team, you will be responsible for understanding, detecting and responding to cyber threats and vulnerabilities affecting the Services we operate, as well as leading on regular IT Health Checks, resolving any issues identified that need addressing, and working with Operations and Development teams to prevent these issues
SOC Shift Lead – Cyber Defence & Security Location: On-site, Hemel Hempstead Salary: GBP58K – GBP65K + Benefits Security Clearance: Must be eligible for DV Clearance Shifts: 2 Days (6AM–6PM), 2 Nights (6PM–6AM), 4 Days Off Lead the Future of Cyber Defence Join a … high-performing Cyber Security team at the forefront of Aerospace, Defence, and National Security. We're on a growth trajectory and looking for a SOC Shift Lead to take charge, drive innovation, and protect critical infrastructure. Your Impact: Lead the SOC: Monitor, triage, and investigate security incidents to safeguard critical assets. Threat Intelligence: Analyse network traffic, logs, and … system events to detect vulnerabilities. People Leadership: Manage and mentor analysts, shaping the future of cyber defence. Optimise Security Operations: Enhance SOC tools, improve detection rules, and refine security processes using MITRE ATT&CK. Represent the SOC: Engage with key partners and stakeholders. What You Bring: SOC Expertise: Proven experience in Security Operations Centres with hands-on threat
Newport, Wales, United Kingdom Hybrid / WFH Options
CPS Group (UK) Limited
CPS Group is currently working with a leading UK-based Critical National Infrastructure (CNI) organisation, supporting their search for an experienced Incident Response Analyst to join their growing Cyber Resilience Team. This is an exciting opportunity to be a key player in protecting vital national services from cyber threats, working within a Security Operations Centre (SOC) environment and … prevent further impact. Work closely with IT and security teams to develop incident response strategies. Analyse incidents to identify root causes and recommend improvements. Contribute to the development of cyber security plans, policies, and training. What We’re Looking For Proven experience in a SOC or similar cyber security role. Strong understanding of cyber threats, threat intelligence … frameworks, and best practices. Excellent problem-solving and analytical skills. GIAC Certified Incident Handler (GCIH) or equivalent. Degree in Cyber Security or a related field. Additional cyber security certifications. This role offers a unique chance to work in a nationally critical environment, helping safeguard vital services and infrastructure. If you're passionate about cyber defence and
About the job you're considering Embedded with an existing Customer SOC, Capgemini supplies a level of cyber expertise and corporate experience assisting the customer in regular SOC activities as well as proposing new processes and bringing best practice to the workplace. Must be a sole British National. This role is based five days per week on-site in … going back three continuous years and unspent criminal record check known as Disclosure and Barring Service. Your role Conduct reactive monitoring of client networks to deliver a layered agile cyber defence capability across all security domains. Manage and triage alerts, conduct impact assessments and develop mitigating strategies to be briefed up the chain of command. Improve and comply … all extant cyber security policies, procedures and orders; review and amend when required. Maintain and share knowledge of current cyber issues, vulnerabilities and exploits through research, technical reports and briefs. You can bring your whole self to work At Capgemini, striving for equity, diversity and inclusion is part of everyday life and will be part of your working
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
architectural design and implementation of security solutions that span cloud-native, hybrid, and on-premises environments, with a focus on AWS, Azure, and GCP cloud deployments. Collaborate closely with Cyber Defence Operations, Security Technology Operations, Governance, Risk and Compliance, IT Infrastructure, Engineering, Compliance and AI teams to integrate security tooling and sophisticated security capabilities into business-critical systems. … CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous improvement, cross-team collaboration, and technical excellence
and demonstrable understanding of penetration testing and red-teaming including NCSC and CREST accredited schemes. Proven experience of successfully managing and delivering testing. Proven experience working within the UK cyber security industry. Demonstrable understanding and practical application of information security principles. Strong technical background in computing, networks, and programming. Proven experience of producing high-quality deliverables working alone and … for and hold SC is required; DV is advantageous. Above all, KPMG is looking for someone who is passionate about helping our clients (including the UK Government) with their cyber security challenges. In return, we are committed to helping you enjoy the role and develop your skills and career within the KPMG network. Why is it a great opportunity
Cyber Security Incident Responder, Reading Location: Reading, United Kingdom Job Category: Other EU work permit required: Yes Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR … our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what … you see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build
Position: Cyber Security Lead Location: Liverpool (90% remote) Salary: Up to £75,000 + Bonus Key Skills: Penetration testing, Vulnerability management, Threat detection, Cyber defence, Security best practices, CISSP, CISM or similar certification About the Role Are you a cybersecurity professional looking to lead the charge against evolving digital threats? We are seeking an experienced Cyber
Position: Cyber Security Lead Location: Manchester (90% remote) Salary: Up to £75,000 + Bonus Key Skills: Penetration testing, Vulnerability management, Threat detection, Cyber defence, Security best practices, CISSP, CISM or similar certification About the Role Are you a cybersecurity professional looking to lead the charge against evolving digital threats? We are seeking an experienced Cyber
Position: Cyber Security Lead Location: Leicester (90% remote) Salary: Up to £75,000 + Bonus Key Skills: Penetration testing, Vulnerability management, Threat detection, Cyber defence, Security best practices, CISSP, CISM or similar certification About the Role Are you a cybersecurity professional looking to lead the charge against evolving digital threats? We are seeking an experienced Cyber
Position: Cyber Security Lead Location: Nottingham (90% remote) Salary: Up to £75,000 + Bonus Key Skills: Penetration testing, Vulnerability management, Threat detection, Cyber defence, Security best practices, CISSP, CISM or similar certification About the Role Are you a cybersecurity professional looking to lead the charge against evolving digital threats? We are seeking an experienced Cyber