1 to 25 of 242 Cyber Defence Jobs in the UK

As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be a part of the first line of defence … for potentially major security incidents to support incident response efforts and may include assignment to an on-call rotation for evenings, weekends, holidays. Summary of Primary Responsibilities As the Cyber Defence Analyst, you will: Contribute to daily security operations by overseeing response activities for security events and alerts associated with cyber threats, intrusions, and compromises alongside a … team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate with external teams for incident resolution and escalations, driving incident More ❯

Defence Digital ensures our Armed Forces remain among the most technologically advanced in the world. We do this by putting innovative and effective technology into the hands of over 200,000 users, from the boardroom to the front line. We lead on cutting-edge data science, automation, and cyber security at scale. Our mission goes beyond the battlefield … the required level of competence. The role: Within the Global Operations and Security Control Centre (GOSCC), the Security Operations Centres (SOCs) provide a coherent, holistic and coordinated approach to Cyber Defence, underpinning the MOD's Defensive Cyber Operation and freedom of action in cyberspace. The Defensive monitoring and incident response elements are responsible for the 24/…/365 detection of, and response to, cyber incidents impacting the MOD’s digital enterprise. As a Cyber Security Analyst in the SOC team, you’ll be collaborating with cross-functional teams to detect, analyse and respond to potential security incidents, ensuring the protection of our data and information systems. You’ll identify emerging threats, support implementation of More ❯

threats. Key Responsibilities: Vulnerability Management: Develop, implement, and operate vulnerability management capabilities using tools like Tenable One. Deploy, configure, and manage vulnerability assessment tools (e.g., Tenable, NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools. Deliver a seamless vulnerability management service across infrastructure and business units, ensuring the effectiveness of security measures. Threat Analysis: Utilize various … teams. In-depth understanding of the current threat landscape and security best practices. Preferred Qualifications: Relevant certifications (e.g., CISSP, CEH, CompTIA Security+). Experience with the NCSC's Active Cyber Defence Toolkit. Familiarity with regulatory requirements and industry standards (e.g., GDPR, ISO 27001). Work Environment: This is a fully remote position, offering flexibility and the opportunity to More ❯

We are seeking a Senior Threat Analyst to join our rapidly growing Information Security team. This role offers a unique opportunity for a seasoned cybersecurity professional to lead our cyber defense strategy, protect our brand from threats, and build our threat intelligence and hunting capabilities from scratch. You will have significant input on tooling and services, with the autonomy … implement them. The ideal candidate is an innovative collaborator with strong technical and communication skills, and a passion for solving complex problems. You'll report to the Head of Cyber Defence and lead the development of advanced CTI and threat hunting strategies, integrating seamlessly into our security processes and driving ongoing improvements. Our Future Health is the UK … aiming to gather data from 5 million volunteers to advance health discoveries. Key Responsibilities Collaborate with the security team and MSP SOC to enhance organizational security. Develop and utilize cyber threat intelligence approaches, including tooling and feeds. Stay updated on the cyber threat landscape, especially in health research sector. Triaging, analyzing, and responding to threat intelligence alerts. Track More ❯

Cyber SOC Analyst – Corsham Location: On-site, 5 days per week (Corsham) Security Clearance: Must currently hold SC clearance and be eligible for DV Citizenship Requirement: Sole British only About the Role Embedded within an established customer Security Operations Centre (SOC), this role involves participating in core SOC functions, identifying opportunities for improvement, and driving best practices in cyber defence operations. You will play a key role in monitoring and responding to cyber threats, supporting threat detection and mitigation, and contributing to continuous improvement in security posture. Key Responsibilities Conduct reactive monitoring across client networks to deliver agile cyber defence across all domains Triage and manage alerts, perform impact assessments, and recommend mitigation strategies … Improve and enforce cyber security policies, procedures, and operational directives Maintain awareness of emerging cyber threats, vulnerabilities, and industry developments Share insights via reports, threat briefs, and team knowledge-sharing sessions Your Profile Experience working as a Security Analyst in a SOC or similar security monitoring environment Knowledge of data networks and SIEM tools Strong understanding of security More ❯

Client: LHH Location: corsham, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Views: 3 Posted: 28.06.2025 Expiry Date: 12.08.2025 col-wide Job Description: Cyber SOC Analyst – Corsham Location: On-site, 5 days per week (Corsham) Security Clearance: Must currently hold SC clearance and be eligible for DV Citizenship Requirement: Sole British only About … the Role Embedded within an established customer Security Operations Centre (SOC), this role involves participating in core SOC functions, identifying opportunities for improvement, and driving best practices in cyber defence operations. You will play a key role in monitoring and responding to cyber threats, supporting threat detection and mitigation, and contributing to continuous improvement in security posture. … Key Responsibilities Conduct reactive monitoring across client networks to deliver agile cyber defence across all domains Triage and manage alerts, perform impact assessments, and recommend mitigation strategies Improve and enforce cyber security policies, procedures, and operational directives Maintain awareness of emerging cyber threats, vulnerabilities, and industry developments Share insights via reports, threat briefs, and team knowledge More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environmentRecent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and Azure … tools and platforms and their integration into SOC operations. Responsibilities:Lead technical migration of log sources into Microsoft Sentinel SIEM.Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities.Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … intelligence and vulnerability management.Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency.Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions.Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary.Collaborate with third-party More ❯

Social network you want to login/join with: Cyber Defence Analyst Splunk CSIRT, London col-narrow-left Client: Client Server Location: London, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: 4d32516f9aa5 Job Views: 4 Posted: 29.06.2025 Expiry Date: 13.08.2025 col-wide Job Description: Cyber Defence Analyst (Splunk CSIRT … London to £80k Are you a tech savvy Cyber Defence Analyst with a broad range of security knowledge? You could be progressing your career at a global, hugely profitable, Investment Management firm. As a Cyber Defence Analyst you will take a proactive approach to threat hunting and security incident response. You'll play a key role … work from home one day a week. About you: You have strong experience in Security Operations, CSIRT or similar role You have experience of building out functions of a Cyber Defence Team e.g. insider risk, threat intelligence, breach attack simulation You have a strong knowledge of SIEM and deep Splunk experience You have a good understanding of various More ❯

About the Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways … of working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you're making progress. About your team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to … play a direct role in helping our clients with one of the most important aspects of their lives - their financial well-being. Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The More ❯

Cyber Security Operational Incident Manager - Technical Consultant Join to apply for the Cyber Security Operational Incident Manager - Technical Consultant role at Fidelity International Cyber Security Operational Incident Manager - Technical Consultant 1 day ago Be among the first 25 applicants Join to apply for the Cyber Security Operational Incident Manager - Technical Consultant role at Fidelity International About … The Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of … working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you’re making progress. About Your Team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play More ❯

Lead Cyber Security Analyst (6 month FTC) When you join Simply Business, you’ll protect us from threat actors who attempt to evade our cyber defences. This is a hands-on technical position where you’ll play an important role in increasing the maturity of our Security Operations Centre (SOC). Additionally, you’ll need a strong drive … a rapidly evolving environment, which will bring new challenges and opportunities for growth on a regular basis. You’ll be empowered to develop and explore your unique passion for cyber security operations. In return we offer an extremely agile working environment with some of the latest technologies such as SASE, AI and with lots of automation. One of our … Laura the Security Operations Manager, and working alongside an award winning team of 5 other analysts and 3 engineers with a diverse set of technical skills and backgrounds within cyber security. As our Lead Cyber Security Analyst, you’ll: develop and maintain the security incident response process, including all required supporting materials be technical escalation point for complex More ❯

Engineering: Develop detection rules and maintain playbooks. Automation and Scripting: Automate tasks using tools like Python and PowerShell. Threat Hunting: Identify and mitigate potential threats. Collaboration: Work with other cyber defence teams and communicate findings. Continuous Improvement: Suggest and document process improvements. Monitoring: Provide continuous security console monitoring. Technical Analysis: Analyse incident telemetry and investigation pathways. Intelligence Integration … AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. Preferred experience of working with wider Cyber Defence teams, including Intelligence, Vulnerability Management, Threat Hunting and Purple Teams Personal Attributes: Strong interpersonal, analytical, and problem-solving skills. Effective team player with excellent communication. Adaptable, detail-oriented, and proactive. Why Join Centrica? Dynamic and innovative team. Continuous learning and professional development. Supportive and inclusive work environment. Competitive salary and bonus potential. Employee Energy Allowance at More ❯

Cyber Security Analyst/Engineer Location: Ideally based in York or Leeds Working Pattern: Full time, Monday to Friday, working Hybrid – with travel to office locations as required Salary: £45,000 – £65,000 (dependent on experience) + car allowance Overview An exciting opportunity has become available for a Cyber Security Analyst/Engineer to join a growing, forward … Azure) Review vulnerabilities and drive remediation plans across the environment in collaboration with relevant teams Key Skills & Experience Technically minded security engineer with a solid foundation in hands-on cyber defence Proficiency with tools such as SIEM, PAM, web/email filtering (e.g. Mimecast), IDS/IPS, antivirus, endpoint protection, Microsoft Sentinel, and vulnerability assessment tools (e.g. Tenable More ❯

Social network you want to login/join with: Join a Leading Cyber Defence Operations Team and help safeguard against global cyber risks! Location: Reading - 2 Days a week on site Employment Type: Permanent The Cyber Defence Operations team is responsible for protecting customers against cyber threats worldwide. The team’s mission is to … enhance the global cyber defence posture and reduce cyber risks through operational leadership and capabilities. We’re looking for a Level 3 SOC Analyst to join our client's team, offering expertise in security analysis and incident response to help drive the success of their Cyber Security Operations Center (CSOC). In this role, you will … intrusions. Lead forensic analysis and threat hunting efforts to ensure rapid containment and recovery. Security Analysis and Root Cause Analysis: Conduct detailed analysis of security events to address current cyber threats. Participate in or lead security event analysis activities. Security Reporting and Advisories: Contribute to or lead the delivery of cyber security reports and advisories to key stakeholders. More ❯

Social network you want to login/join with: Join a Leading Cyber Defence Operations Team and help safeguard against global cyber risks! Location: Reading - 2 Days a week on site Employment Type: Permanent The Cyber Defence Operations team is responsible for protecting customers against cyber threats worldwide. The team’s mission is to … enhance the global cyber defence posture and reduce cyber risks through operational leadership and capabilities. We’re looking for a Level 3 SOC Analyst to join our client's team, offering expertise in security analysis and incident response to help drive the success of their Cyber Security Operations Center (CSOC). In this role, you will … intrusions. Lead forensic analysis and threat hunting efforts to ensure rapid containment and recovery. Security Analysis and Root Cause Analysis: Conduct detailed analysis of security events to address current cyber threats. Participate in or lead security event analysis activities. Security Reporting and Advisories: Contribute to or lead the delivery of cyber security reports and advisories to key stakeholders. More ❯

We’re looking for a Senior Incident Response Manager to join our cyber-security team in Reading, UK or Schiphol, NL In this fantastic opportunity, you will work at the forefront of cyber defence operations, delivering Group Security’s and Liberty Global’s wider mission through helping to reduce; the impact of cyber incidents affecting Liberty … Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … of the cyber incident response (CIR) life cycle for serious cyber incidents by ensuring that the relevant parts of the business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining More ❯

role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and More ❯

Head of Global Cyber Defence page is loaded Head of Global Cyber Defence Apply locations UK - Greater London time type Full time posted on Posted 2 Days Ago time left to apply End Date: July 11, 2025 (10 days left to apply) job requisition id 533484 Hello . We're Haleon . A new world-leading … question. This is an exciting time to join us and help shape the future. It's an opportunity to be part of something special. Job Title: Head of Global Cyber Defense Department : IT/Cyber Security Business Area : Cyber Defense Reports To : Chief Information Security Officer Location : London, UK Direct Reports : 5 Indirect Reports : 40 Role Summary … The Head of Global Cyber Defense is a senior leadership role responsible for shaping and executing the strategic vision of the Global Cyber Defense (GCD) organization. This position leads a diverse team across multiple cybersecurity domains including Incident Response, Threat Intelligence, Red Team, Cyber Countermeasures, Threat Hunting, Vulnerability Management, Forensics, eDiscovery, and Insider Threat programs. The role More ❯

the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … while maximizing data insights and intelligence to inform operational and strategic decision-making. Drive collaboration across Arm and external vendors as we embed a shared understanding to deliver our cyber strategies. Provide strategic input and collaborate with IT, Enterprise Security, and business leadership to inform security roadmaps, governance, and operating models. Maintain a balanced, comprehensive framework of processes, governance More ❯

Social network you want to login/join with: Cyber Security Incident Responder, Brighton Location: Brighton, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic team. The role involves maintaining the … security of Element’s digital infrastructure by managing cyber incidents. This is a unique opportunity to be a key member of Cyber Defence, working closely with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is encouraged. This position requires on-call duties and overtime … during serious cyber attacks. Location in the UK is flexible. Responsibilities: Build Element’s IR capability following industry best practices (NIST, SANS, etc.). Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and senior stakeholders; report incident statuses. Conduct post-incident reviews for continuous improvement. Perform digital forensics More ❯

Principal Network Defence Analyst - Peterborough Job Title: Principal Network Defence Analyst Location: Peterborough (Hybrid) Contract and shift details: Permanent, full-time position (37.5 hours per week), with participation in an on-call rota approximately once every six weeks—covering out-of-hours support, including evenings and weekends. Are you an experienced network professional with a keen interest in … cyber defence and skilled at solving complex infrastructure challenges? Do you thrive in a critical role where connectivity and security converge to protect global operations? Our Cyber Security team is looking for a Principal Network Defence Analyst to join our DevSecOps function—playing a critical role in shaping, maintaining, and innovating our network security landscape. This … is a hybrid role combining deep technical knowledge of connectivity with a strategic approach to cyber defence. You\\\'ll work closely with internal teams and external vendors to ensure our infrastructure remains secure, scalable, and aligned with our wider security goals. What you\\\'ll be doing: Act as the subject matter expert for network security, providing technical leadership across More ❯

The Go to OT Security Recruiter! Senior Recruitment Consultant @ SR2 | Socially Responsible Recruitment | Certified B Corporation. Join one of the UK’s leading energy providers as an Operational Technology Cyber Analyst, where you'll play a critical role in securing our nation’s infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from … evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure alignment with IEC62443, NIS, CAF, OG86, and … systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause analysis. Effective communicator with proven ability to influence and collaborate across functions. Comfortable working More ❯

Join to apply for the Lead Cyber Security Analyst role at Crown Commercial Service 1 week ago Be among the first 25 applicants Join to apply for the Lead Cyber Security Analyst role at Crown Commercial Service Direct message the job poster from Crown Commercial Service Recruitment Advisor at Crown Commercial Service Position: Lead Cyber Security Analyst … improved digital technologies to enhance the services we provide, the ways we work, and how we interact with our customers, suppliers and other stakeholders. We’re implementing a new cyber security function as part of Agile digital delivery within our growing team, and the pace and scale of change within the Directorate is unprecedented . Job Summary In this … critical role, establishing and leading our newly formed cyber security team, you will be responsible for understanding, detecting and responding to cyber threats and vulnerabilities affecting the Services we operate, as well as leading on regular IT Health Check’s, resolving any issues identified that need addressing, and working with Operations and Development teams to prevent these issues More ❯

CDC (CyberDefence Centre) Specialist Flexible location - Glasgow, Ipswich, London, Northampton or Selby Career level 5 Closing date: Monday 23rd June 2025 Who we are We're not just talking about making a difference, we're making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to … We're enabling a zero-carbon, lower-cost energy future for all, and working hard to decarbonise the planet for generations to come. About the role As a CDC (CyberDefence Centre) Specialist at Drax, your role will involve varied activities. This includes monitoring and responding to security incidents, conducting investigations, assisting the CDC team in daily BAU activities, and implementing … CDC team members, as well as standing in for the CDC Detect & Response Manager when necessary. You'll collaborate and coordinate with the Product & Engineering, Threat Intelligence & Operational Technology Cyber Teams to ensure synergy across all cyber teams, and build relationships with stakeholders across Drax to support a holistic security approach. Who we're looking for The successful More ❯