1 to 25 of 61 Cyber Defence Jobs in the UK excluding London

As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be a part of the first line of defence … for potentially major security incidents to support incident response efforts and may include assignment to an on-call rotation for evenings, weekends, holidays. Summary of Primary Responsibilities As the Cyber Defence Analyst, you will: Contribute to daily security operations by overseeing response activities for security events and alerts associated with cyber threats, intrusions, and compromises alongside a … team of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate with external teams for incident resolution and escalations, driving incident More ❯

Cyber SOC Analyst – Corsham Location: On-site, 5 days per week (Corsham) Security Clearance: Must currently hold SC clearance and be eligible for DV Citizenship Requirement: Sole British only About the Role Embedded within an established customer Security Operations Centre (SOC), this role involves participating in core SOC functions, identifying opportunities for improvement, and driving best practices in cyber defence operations. You will play a key role in monitoring and responding to cyber threats, supporting threat detection and mitigation, and contributing to continuous improvement in security posture. Key Responsibilities Conduct reactive monitoring across client networks to deliver agile cyber defence across all domains Triage and manage alerts, perform impact assessments, and recommend mitigation strategies … Improve and enforce cyber security policies, procedures, and operational directives Maintain awareness of emerging cyber threats, vulnerabilities, and industry developments Share insights via reports, threat briefs, and team knowledge-sharing sessions Your Profile Experience working as a Security Analyst in a SOC or similar security monitoring environment Knowledge of data networks and SIEM tools Strong understanding of security More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environmentRecent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and Azure … tools and platforms and their integration into SOC operations. Responsibilities:Lead technical migration of log sources into Microsoft Sentinel SIEM.Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation's efficiency, scalability, and incident response capabilities.Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat … intelligence and vulnerability management.Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency.Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions.Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary.Collaborate with third-party More ❯

role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and More ❯

role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and More ❯

the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … while maximizing data insights and intelligence to inform operational and strategic decision-making. Drive collaboration across Arm and external vendors as we embed a shared understanding to deliver our cyber strategies. Provide strategic input and collaborate with IT, Enterprise Security, and business leadership to inform security roadmaps, governance, and operating models. Maintain a balanced, comprehensive framework of processes, governance More ❯

Job Title: Cyber Security Analyst (Microsoft Sentinel Focus) Rate: £400 per day (Inside IR35) Contract Duration: 14/07/2025 – 10/10/2025 Working Hours: 09:00 – 17:00 (Full time) Closing Date for Applications: 07/07/2025 at 17:00 Location: Hybrid – minimum 2 days per week onsite Overview: We are looking for … a dedicated Cyber Security Analyst with strong experience in Microsoft Sentinel to join an ongoing programme aimed at enhancing the organisation’s cyber security estate. This role is critical in monitoring and analysing security systems, managing incidents, and improving overall threat detection and response capabilities. Key Responsibilities: Security Monitoring & Analysis: Monitor a range of security systems to detect … and respond to potential threats. Use Microsoft Sentinel to analyse logs and events, identifying patterns and anomalies. Conduct and review vulnerability assessments and penetration tests to maintain a robust defence posture. Incident Response & Management: Contribute to and execute incident response plans, ensuring swift containment and resolution. Collaborate with internal teams to manage and remediate security incidents. Maintain detailed incident More ❯

Job Title: Cyber Security Analyst (Microsoft Sentinel Focus) Rate: £400 per day (Inside IR35) Contract Duration: 14/07/2025 10/10/2025 Working Hours: 09:00 17:00 (Full time) Closing Date for Applications: 07/07/2025 at 17:00 Location: Hybrid minimum 2 days per week onsite Overview: We are looking for … a dedicated Cyber Security Analyst with strong experience in Microsoft Sentinel to join an ongoing programme aimed at enhancing the organisations cyber security estate. This role is critical in monitoring and analysing security systems, managing incidents, and improving overall threat detection and response capabilities. Key Responsibilities: Security Monitoring & Analysis: Monitor a range of security systems to detect, assess … and respond to potential threats. Use Microsoft Sentinel to analyse logs and events, identifying patterns and anomalies. Conduct and review vulnerability assessments and penetration tests to maintain a robust defence posture. Incident Response & Management: Contribute to and execute incident response plans, ensuring swift containment and resolution. Collaborate with internal teams to manage and remediate security incidents. Maintain detailed incident More ❯

Job Title: Cyber Security Analyst (Microsoft Sentinel Focus) Rate: £400 per day (Inside IR35) Contract Duration: 14/07/2025 10/10/2025 Working Hours: 09:00 17:00 (Full time) Closing Date for Applications: 07/07/2025 at 17:00 Location: Hybrid minimum 2 days per week onsite Overview: We are looking for … a dedicated Cyber Security Analyst with strong experience in Microsoft Sentinel to join an ongoing programme aimed at enhancing the organisations cyber security estate. This role is critical in monitoring and analysing security systems, managing incidents, and improving overall threat detection and response capabilities. Key Responsibilities: Security Monitoring & Analysis: Monitor a range of security systems to detect, assess … and respond to potential threats. Use Microsoft Sentinel to analyse logs and events, identifying patterns and anomalies. Conduct and review vulnerability assessments and penetration tests to maintain a robust defence posture. Incident Response & Management: Contribute to and execute incident response plans, ensuring swift containment and resolution. Collaborate with internal teams to manage and remediate security incidents. Maintain detailed incident More ❯

architectural design and implementation of security solutions that span cloud-native, hybrid, and on-premises environments, with a focus on AWS, Azure, and GCP cloud deployments. Collaborate closely with Cyber Defence Operations, Security Technology Operations, Governance, Risk and Compliance, IT Infrastructure, Engineering, Compliance and AI teams to integrate security tooling and sophisticated security capabilities into business-critical systems. … CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous improvement, cross-team collaboration, and technical excellence More ❯

Join one of the UK’s leading energy providers as an Operational Technology Cyber Analyst, where you'll play a critical role in securing our nation’s infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from evolving cyber threats.Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and … systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause analysis. Effective communicator with proven ability to influence and collaborate across functions. Comfortable working … autonomously and leading small projects. Desirable: Background in cyber investigations or law enforcement protocols. Familiarity with project management principles. Ability to deliver awareness campaigns and contribute to continuous improvement. This is a unique opportunity to make a tangible impact on the UK’s energy resilience. If you’re proactive, security-focused, and eager to contribute to the cyber More ❯

are integrated effectively into day-to-day operations, and that operational feedback is embedded into project delivery. Ultimately, the role plays a key part in strengthening the organisation's cyber defence posture by bridging the gap between threat detection, technical resolution, and continuous improvement. As a Security Operations Engineer, you will be: Act as the primary point of More ❯

internal IT, engineering, and operations teams to align security objectives. Maintain technical documentation related to incidents, monitoring, and compliance. Contribute to the ongoing maintenance and development of the OT Cyber Defence Centre (CDC). Desired Experience and Skills Strong background in OT cybersecurity, ICS/SCADA systems, or industrial control networks. Familiarity with security frameworks such as NIST … IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail. More ❯

to £50,000pa - Cardiff Location: Cardiff (Hybrid – 3 days onsite) Salary: Up to £50,000 A major UK infrastructure organisation is seeking a SOC Analyst to help strengthen its cyber defence capabilities. This is a great opportunity to join a Microsoft-focused environment and work hands-on with leading security tools like Microsoft Sentinel and Defender . You More ❯

in real-time threat monitoring, incident response, and security enhancement. About the Role: As an SOC and Incident Response L3 Consultant, you’ll be a critical part of the cyber defence team, working closely with offshore colleagues to monitor, analyse, and respond to security alerts and incidents. You’ll take ownership of investigations, coordinate responses, and help refine … emerging threats and evolving attack vectors. Collaborate with clients, internal teams, and vendors during incident handling. Enhance SOC processes and contribute to training initiatives. Advise on effective, cost-conscious cyber defenses. Utilize SOAR platforms to streamline detection and response processes. Develop risk mitigation plans and recommend security controls. Essential Experience: Demonstrated experience in alert/threat investigation. Proven capability More ❯

for driving the strategic direction of Detect & Response function, delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … maximising data insights and intelligence to inform operational and strategic decision making. Drive collaboration across the business and external vendors as we embed a shared understanding to deliver our cyber strategies. Provide strategic input and collaborate with IT, Enterprise Security, and business leadership to inform security roadmaps, governance, and operating models. Maintain a balanced, comprehensive framework of processes, governance More ❯

This is a hybrid role - 6 days a month onsite Are you a Cyber Security Engineer looking to work for a leading organisation that will impact on millions of lives for decades to come. The role Our clients Cyber Engineering function is part of their Cyber Operations Team, and its purpose is to use specialist knowledge and … skillsets to minimise cyber risks through the effective use and continual improvements of organisation-wide cybersecurity infrastructure, solutions and processes. This is a technically hands on role that requires specialist understanding of the continually changing cyber threat landscape and the use, configuration, and continual development of security solutions to minimise risks.The role is accountable for designing, implementing, maintaining … and development of cybersecurity solutions to protect our organisations networks, systems, and data from cyber threats. What youll be doing: Creating and documenting the detailed architecture understanding of the cyber security toolset architecture and configurations to gauge and guide its effectiveness Assisting planning activities to define the long-term cyber engineering roadmap to maximise the cyber More ❯

SOC role where your expertise makes a real-world impact defending country critical technology. I'm looking for a number of Level 2 SOC Analysts to join an elite cyber defence team within one of the UK’s most trusted consultancies, supporting high-profile clients across defence, aerospace, and national security. Whether you’re an experienced analyst … of core network protocols and modern security architecture DV clearance eligibility (must have lived in the UK for 10+ years) Aa a SOC analyst you’ll be on the cyber frontlines, protecting systems that can’t afford to go down. This isn’t just another SOC job it’s a chance to defend national infrastructure and grow your career More ❯

experienced SOC Shift Lead to join our on-site team in Hemel Hempstead. In this role, you’ll lead a team of Security Operations Centre (SOC) Analysts, delivering critical cyber defence capabilities for a high-profile client. You’ll take ownership of incident detection, triage, and response activities, while helping drive continual service improvements and mentoring a diverse … talented SOC team. What’s in it for you? Take a leadership role in a mission-critical cyber defence function. Work with industry-leading tools including Microsoft Sentinel and Splunk. Develop your career while supporting a nationally significant client in a secure environment. Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and More ❯

per annum + 20% Shift Allowance Industry: FMCG/Entertainment What you’ll be doing: Monitor and respond to real-time security alerts and incidents Collaborate with internal cyber teams, including GRC and Cyber Defence, to analyse, escalate, and manage security incidents effectively Utilise a range of security tools such as SIEM, IDS, antivirus, vulnerability scanners, and More ❯

small but highly skilled experienced team and they continue to grow. As an Information Security Engineer you will play a pivotal role in shaping and fortifying the organisation's cyber defence strategies. Leveraging deep technical expertise and strategic vision, you will be responsible for developing and implementing security solutions that safeguard critical assets and data. In addition to … also wearing multiple hats and collaborating with a range of stakeholders. We are looking for the following skills and experience: Proven experience of working in a Technical Information or Cyber Security Engineering role preferably with a broad remit/in a smaller team Must have strong hands-on experience with Azure and Microsoft 365 security. Deep understanding of technical More ❯

small but highly skilled experienced team and they continue to grow. As an Information Security Engineer you will play a pivotal role in shaping and fortifying the organisation's cyber defence strategies. Leveraging deep technical expertise and strategic vision, you will be responsible for developing and implementing security solutions that safeguard critical assets and data. In addition to … also wearing multiple hats and collaborating with a range of stakeholders. We are looking for the following skills and experience: Proven experience of working in a Technical Information or Cyber Security Engineering role preferably with a broad remit/in a smaller team Must have strong hands-on experience with Azure and Microsoft 365 security. Deep understanding of technical More ❯

assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking a highly capable Security Operations Centre Shift Lead to support critical infrastructure within the Aerospace, Defence and Security sector. You will lead from the frontmentoring analysts, managing incident triage, and driving operational improvements in a mission-critical environment. This is a shift-based position , following … will ensure the smooth operation and continual enhancement of SOC processes and personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify More ❯

Cyber Security Engineer/Network Engineer who has experience working in cyber security, system engineering, or a similar role, with hands-on knowledge of security tools such as anti-malware, content filtering, SIEM and threat detection solutions is required to join our team at a well-established charity. SALARY: £45,000 - £48,000 per annum + Excellent Benefits … required JOB TYPE: Full-Time, Permanent WORKING HOURS: 35 Hours per Week, Monday - Friday, 9:00am - 5:00pm JOB OVERVIEW We have a fantastic new job opportunity for a Cyber Security Engineer/Network Engineer who has experience working in cyber security, system engineering, or a similar role, with hands-on knowledge of security tools such as anti … malware, content filtering, SIEM and threat detection solutions. Working as the Cyber Security Engineer/Network Engineer which the organisation calls a Security Engineer, you'll be at the frontline of the cyber defence, working closely with the Security Operations Manager to monitor, maintain and enhance security tools and services. You'll collaborate with external security providers More ❯