Cyber Defence Jobs in the South West

1 to 25 of 38 Cyber Defence Jobs in the South West

Microsoft Security (Sentinel) Automation & Detection Engineer

Cambridge, South West England, United Kingdom
Hays
APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements

Cyber Security Specialist - CDC (Cyber Defence Centre)

Plymouth, Devon, UK
Drax
CDC (Cyber Defence Centre) Specialist Flexible location – Glasgow, Ipswich, London, Northampton or Selby Career level 5 Closing date: Monday 23rd June 2025 Who we are We’re not just talking about making a difference, we’re making it happen. We generate dispatchable … We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come. About the role As a CDC (Cyber Defence Centre) Specialist at Drax, your role will involve varied activities. This will include monitoring and responding to security incidents, conducting investigations, assisting the CDC team in daily … CDC team members, as well as standing in for the CDC Detect & Response Manager where necessary. You’ll collaborate and coordinate with the Product & Engineering, Threat Intelligence & Operational Technology Cyber Team to ensure synergy across all cyber teams, and build relationships with stakeholders across Drax to support the requirement for a holistic security approach. Who we’re looking
Employment Type: Full-time

Security Analyst

Bristol, England, United Kingdom
Capgemini
Embedded with an existing Customer SOC Capgemini supplies a level of cyber expertise and corporate experience assisting the customer in regular SOC activities as well as proposing new processes and bringing best practice to the workplace. Must be a sole British National. This role is based five days per week on-site in Corsham. If you are successfully offered … going back three continuous years and unspent criminal record check known as Disclosure and Barring Service. Your role Conduct reactive monitoring of client networks to deliver a layered agile cyber defence capability across all security domains. Manage and triage alerts conduct impact assessments and develop mitigating strategies to be briefed up the chain of command. Improve and comply … all extant cyber security policies procedures and orders review and amend when required. Maintain and share knowledge of current cyber issues vulnerabilities and exploits through research technical reports and briefs. You can bring your whole self to work At Capgemini striving for equity diversity and inclusion is part of everyday life and will be part of your working

Cyber Security Incident Responder

Gloucester, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Gloucester Client: Location: Gloucester, United Kingdom Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic and growing team. The … role involves maintaining the security and resilience of Element’s digital infrastructure by managing cyber incidents. This is a unique opportunity to be a key member of Cyber Defence, working closely with stakeholders to develop a comprehensive 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is encouraged. This … position requires on-call duties and overtime during serious cyber attacks. Location in the UK is flexible. Responsibilities: Build Element’s IR capability following industry frameworks like NIST and SANS. Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and senior stakeholders; prepare incident reports. Conduct post-incident reviews

Cyber Security Incident Responder

Bath, England, United Kingdom
JR United Kingdom
We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a … unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what you see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR … . This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build Element’s IR capability. Implement best practice in line with NIST, SANS and other industry frameworks Govern and coordinate cyber incidents. Act as the lead incident manager and technical authority for Cyber Defence.

Cyber Security Incident Responder

Bristol, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Bristol Client: Location: Bristol, United Kingdom Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR … our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what … you see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build

Cyber Security Incident Responder

Bournemouth, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Bournemouth Client: Location: Bournemouth, United Kingdom Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR … our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what … you see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build

Cyber Security Incident Responder

Exeter, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Exeter Client: Location: Exeter, United Kingdom Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR … our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what … you see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build

Cyber Security Incident Responder

Cheltenham, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Cheltenham Client: Location: Job Category: Other - EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our … dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what you … see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build Element

Cyber Security Incident Responder

Swindon, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Swindon, Wiltshire Client: Location: Swindon, Wiltshire, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 9 Posted: 10.06.2025 Expiry Date: 25.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our team. The role involves … maintaining the security of Element’s digital infrastructure by managing cyber incidents. You will collaborate with various stakeholders to develop a 24/7 cyber defence capability, with opportunities to leverage experience in Digital Forensics and Incident Response (DFIR). This role may require on-call duties and overtime during serious cyber attacks. Location in the … UK is flexible. Responsibilities: Build and implement Element’s IR capability following industry best practices Lead cyber incident management and investigations, determining root causes and remediation steps Coordinate with IT, Privacy, Legal teams, and senior stakeholders; prepare incident reports Conduct post-incident reviews for continuous improvement Perform digital forensics and malware analysis to assess incidents Contribute to developing cyber

eDV Data Scientist – Contract

Cheltenham, England, United Kingdom
Babcock
Type: Contract Pay Rate: £600 - £700 per day Job Summary We are looking for a mission-driven Data Scientist to join our team supporting high-impact initiatives in the Defence and National Security sector. You will apply advanced analytical techniques, machine learning, and statistical modelling to solve complex operational challenges. Working within a secure, multidisciplinary environment, you'll help … deliver data-driven insights to support decision-making, threat detection, intelligence analysis, and national defence strategies. Key Responsibilities Develop and deploy data models, machine learning algorithms, and statistical analyses to support defence and national security operations. Work with structured and unstructured data from diverse sources such as sensors, ISR feeds, satellite imagery, communications, cyber threat logs, and … data handling, classification, and ethical use policies in a high-security environment. Stay up to date with emerging technologies in AI, deep learning, and data analytics relevant to the defence sector. Skills and Qualifications Essential: Proven experience as a Data Scientist, ideally in defence, intelligence, law enforcement, or government. Active EDV/UK*C security clearance. Proficient in

Security Engineer

Bristol, England, United Kingdom
Direct Line Group Careers
the opportunity to not just be recognised for your skills but encouraged to build upon them and empowered to do your absolute best. Our CISO function is created by Cyber Defence Centre, Business Resilience, Privacy & Information Management, Strategy & Operating Office and Security Design, Innovation & Enablement. What we look for We are looking for a Security Engineer who will … by our Threat Intelligence and Operational Security teams. Who you will work with As a Security Engineer you will become a member of the Security Engineering team within the Cyber Defence Centre, and you will report to the Security Engineering Manager. This is a 12-month Fixed Term Contract opportunity. This is a hybrid role with two … application security, incident response, forensics, and encryption. Technical Proficiency: Strong foundation in algorithms, data structures, databases, networks, and tool development. Desirable Skills Proficiency with Microsoft security tooling. Familiarity with Cyber Defence areas, including threat intelligence, detect and response, and engineering. Understanding of risk assessment in technical decision-making. Experience in financial environments. Qualifications Essential certifications: CISM, CISSP, M.Inst.ISP

Cyber Security Incident Responder

Plymouth, England, United Kingdom
JR United Kingdom
Cyber Security Incident Responder, Plymouth Location: Plymouth, United Kingdom Client: Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic team. The role involves maintaining … the security of Element’s digital infrastructure by managing cyber incidents. This is a key position in Cyber Defence, working closely with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is preferred. This role requires on-call work and overtime during serious cyber attacks. Location in the UK is flexible. Responsibilities: Build and implement Element’s IR capability following industry best practices Lead cyber incident management and investigations to identify root causes and remediation actions Collaborate with IT, Privacy, Legal teams, and stakeholders; report incident status Conduct post-incident reviews and digital forensics, malware analysis Develop cyber defence metrics

Security Operations Center Analyst

Bradford, South West England, United Kingdom
Hybrid / WFH Options
In Technology Group
in real-time threat monitoring, incident response, and security enhancement. About the Role: As an SOC and Incident Response L3 Consultant, you’ll be a critical part of the cyber defence team, working closely with offshore colleagues to monitor, analyse, and respond to security alerts and incidents. You’ll take ownership of investigations, coordinate responses, and help refine … emerging threats and evolving attack vectors. Collaborate with clients, internal teams, and vendors during incident handling. Enhance SOC processes and contribute to training initiatives. Advise on effective, cost-conscious cyber defenses. Utilize SOAR platforms to streamline detection and response processes. Develop risk mitigation plans and recommend security controls. Essential Experience: Demonstrated experience in alert/threat investigation. Proven capability

Senior Microsoft Sentinel / SIEM Engineer

Bath, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
trusted Security Depth Partner. In short giving you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised … cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: PowerShell, Python, REST APIs Log ingestion

Senior Microsoft Sentinel / SIEM Engineer

Cheltenham, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
trusted Security Depth Partner. In short giving you unparalleled access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised … cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: PowerShell, Python, REST APIs Log ingestion

SOC Analyst

Bristol, England, United Kingdom
Hybrid / WFH Options
Stripe Olt
for an experienced SOC Analyst that’s spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First Responders assist … customer cloud infrastructure & security posture. Monitoring and resolution of key security metrics. Identify emerging security trends. IOC creation based on emerging threats. Acting as a key part of the cyber incident response team. Completion of proactive security reports. 24/7 Shift Work – 4 on 4 off pattern. This role will require working within a close-knit team to … help build Stripe OLT as a global leader in cyber security – focused specifically on defensive domains. The role requires a self-starter, an ideal team player who wants to be part of a truly team driven environment. As a First Responder, you must display excellent outside-the-box thinking and communication skills. DESIRABLE EXPERIENCE. Vulnerability Assessment experience. Knowledge of

Cyber Vulnerability Analyst

Bristol, England, United Kingdom
Direct Line Group Careers
opportunity to not just be recognised for your skills but encouraged to build upon them and empowered to do your absolute best. We have an exciting opportunity for a Cyber Vulnerability Analyst to join our Cyber Defence Centre! Reporting into the Vulnerability & Testing Manager, you'll be a key member of our Cyber Defence ‘Assure … identification, contextualisation, prioritisation, and tracking framework. Relationship management with key technology stakeholders to ensure vulnerability (including cloud configuration weakness) priorities are understood and tracked appropriately. Collaborating with the wider Cyber Defence and CISO teams to ensure appropriate mitigation actions are considered within our security capabilities; putting automation at the heart of everything we do. What you'll need … desirable if you have: Experience with vulnerability and cloud security posture management tools across multi-cloud estates. Best practice understanding of Azure, AWS & GCP environments setup. Understanding of wider Cyber Defence areas, such as threat intelligence, operations and engineering and how these areas influence posture improvements opportunities. Experience working in environments undergoing change programs. Cloud Security Administrator or

SOC Analyst

Bournemouth, England, United Kingdom
JR United Kingdom
purchase products at the point of sale. Role Overview Location: Warrington What you’ll be doing: Monitor and respond to real-time security alerts and incidents Collaborate with internal cyber teams, including GRC and Cyber Defence, to analyse, escalate, and manage security incidents effectively Utilise a range of security tools such as SIEM, IDS, antivirus, vulnerability scanners

SOC Analyst

Bath, England, United Kingdom
JR United Kingdom
purchase products at the point of sale. Role Overview Location: Warrington What you’ll be doing: Monitor and respond to real-time security alerts and incidents Collaborate with internal cyber teams, including GRC and Cyber Defence, to analyse, escalate, and manage security incidents effectively Utilise a range of security tools such as SIEM, IDS, antivirus, vulnerability scanners

SOC Analyst

Cheltenham, England, United Kingdom
JR United Kingdom
purchase products at the point of sale. Role Overview Location: Warrington What you’ll be doing: Monitor and respond to real-time security alerts and incidents Collaborate with internal cyber teams, including GRC and Cyber Defence, to analyse, escalate, and manage security incidents effectively Utilise a range of security tools such as SIEM, IDS, antivirus, vulnerability scanners

Java Software Engineer

Gloucester, England, United Kingdom
Omega
Java Developer – Gloucester | Permanent | On-Site | 4-day Flex Working Defence, Cyber & Intelligence Programmes | Competitive Benefits About the Opportunity A leading defence and cybersecurity organisation is seeking Java Developers at all levels to join their growing team, working across a range of cutting-edge projects in the national security, cyber defence, and intelligence sectors. You

Infrastructure Engineer

Chippenham, England, United Kingdom
CGI
The Space, Defence and Intelligence business unit in CGI is a true IT Systems Integrator. We work, build, and operate bespoke, technically complex, mission-critical systems which help our clients keep us all safe and secure. We bring innovation to our clients using proven and emerging technologies, agile delivery processes … and our deep expertise across the breadth of space, defence, intelligence, aerospace and maritime, all underpinned by our end-to-end cyber capability. We work collaboratively with global technology companies, cutting edge SMEs and academia to deliver the optimal solution for each client. We’re expanding our team of Linux Engineers. If you have a solid Linux foundation … your knowledge and skillsets have become established. This is an exciting opportunity to get hands-on with hardware builds for deployed Big Data systems and to broaden experience of cyber defence systems. "All applicants must hold or be prepared to undergo National Security Vetting (NSV) Security Check (SC) level" Due to the Secure Nature of the work, we

Applied Mathematics Graduate

Tewkesbury, England, United Kingdom
L3Harris Technologies
and defense technology innovator, delivering end-to-end solutions that meet customers’ mission-critical needs. The company provides advanced defense and commercial technologies across space, air, land, sea and cyber domains. L3Harris has approximately $18 billion in annual revenue and 50,000 employees, with customers in more than 100 countries. Job Title – Applied Mathematics Graduate Job Location – Tewkesbury, UK … Job ID – 16232 About this opportunity and L3Harris UK From 12 UK sites, our team of over 1,400 people deliver unique capabilities across air, land, sea, space and cyber for military, security and commercial customers, worldwide. L3Harris in Tewkesbury and Fleet are part of our ICI division, we work closely with UK Government and Security Agencies primarily in … the areas of crypto/cyber security, electronic warfare, counter drone capabilities and situation awareness projects. Are you passionate about solving complex problems and applying your mathematical skills to real-world challenges? Do you want to be at the forefront of cutting-edge technology that protects and defends? This is an exciting opportunity to work on the research and

Software Engineer

Gloucester, Gloucestershire, South West
Hybrid / WFH Options
BAE Systems
Location(s): Gloucester or Manchester BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Job Title: Software Engineer Requisition ID: 120499 Location … encouraged to identify new ways of solving problems and get to work in a range of different teams across our customer organisations. You'll be part of the biggest defence company in the UK however we have a startup-like culture nurtured by sports and social clubs, being a safe place to fail, meaning and self-fulfilment over business … can work together to achieve excellence and realise individual and organisational potential. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management
Employment Type: Permanent