1 to 25 of 29 Intrusion Detection Jobs in the South East

a wide variety of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customers Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack. The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate sufficient transferable … within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security Information Event Monitoring (SIEM), End Point Protection (EPP), End Point Detection and Response (EDR), XDR (Extended DR), Web Application Firewall (WAF), and Firewalls. Proactively detect suspicious activity, vulnerabilities, and security misconfigurations before they can be exploited by adversaries impacting Confidentiality … On-Premises solutions including but not limited to Firewalls, Network Access Control Lists, Network Security Groups, DDoS Protection, VPNs, Mail Gateways, Web Proxies, Load Balancers including Web Application Firewalls, Intrusion Prevention System, and Intrusion Detection Systems. Communication and Soft Skills Good verbal and written communication skills required for hand overs, reports, and documenting events during a Cyber More ❯

is key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. Implement secure network architecture and enforce segmentation and least-privilege access controls. Support secure cloud environments across … Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response Monitor and analyze security alerts and network traffic for threats or suspicious activity. Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management Run regular vulnerability scans and penetration testing More ❯

office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security More ❯

office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security More ❯

office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure configurations … and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure configurations … and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or More ❯

to, and mitigating security threats across enterprise environment. Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure configurations … and compliance. Maintain and improve endpoint protection, intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security … Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or More ❯

requirements gathering through to procurement, budgeting, vendor management , and security assessments . Security, Compliance & Governance Partner with Information Security teams to enhance network security posture , addressing vulnerabilities and implementing intrusion detection/prevention systems. Ensure ongoing compliance with ISO 27001, PCI-DSS , and other relevant regulatory standards. Drive a proactive approach to incident response, monitoring, and continuous threat … detection . Oversee audit readiness and maintain comprehensive network documentation and asset inventories. People & Stakeholder Leadership Build, develop, and mentor a high-performing network engineering team , fostering a culture of excellence, accountability, and continuous learning. Set clear objectives, manage performance, and align team skills with evolving business and technology needs. Act as the trusted technical adviser to senior stakeholders More ❯

requirements gathering through to procurement, budgeting, vendor management , and security assessments . Security, Compliance & Governance Partner with Information Security teams to enhance network security posture , addressing vulnerabilities and implementing intrusion detection/prevention systems. Ensure ongoing compliance with ISO 27001, PCI-DSS , and other relevant regulatory standards. Drive a proactive approach to incident response, monitoring, and continuous threat … detection . Oversee audit readiness and maintain comprehensive network documentation and asset inventories. People & Stakeholder Leadership Build, develop, and mentor a high-performing network engineering team , fostering a culture of excellence, accountability, and continuous learning. Set clear objectives, manage performance, and align team skills with evolving business and technology needs. Act as the trusted technical adviser to senior stakeholders More ❯

requirements gathering through to procurement, budgeting, vendor management , and security assessments . Security, Compliance & Governance Partner with Information Security teams to enhance network security posture , addressing vulnerabilities and implementing intrusion detection/prevention systems. Ensure ongoing compliance with ISO 27001, PCI-DSS , and other relevant regulatory standards. Drive a proactive approach to incident response, monitoring, and continuous threat … detection . Oversee audit readiness and maintain comprehensive network documentation and asset inventories. People & Stakeholder Leadership Build, develop, and mentor a high-performing network engineering team , fostering a culture of excellence, accountability, and continuous learning. Set clear objectives, manage performance, and align team skills with evolving business and technology needs. Act as the trusted technical adviser to senior stakeholders More ❯

simultaneously. Strong understanding of industrial control systems (ICS) and SCADA systems. Strong problem-solving skills and attention to detail. Proven experience with OT and IT security technologies, including firewalls, intrusion detection systems (IDS), vulnerability detection, network discovery, log collection systems, and security information and event management (SIEM) solutions. UK Driving Licence. About Us Affinity Water is the More ❯

security posture remains strong, compliant, and resilient. Responsibilities Conduct regular vulnerability scans and produce actionable reports Support patch deployment and software approval audits Configure and maintain firewalls, VPNs, and intrusion detection systems Respond swiftly to security breaches and assist in recovery efforts Maintain detailed records of investigations and patch cycles Stay current with cybersecurity trends and threat intelligence … control, and delivery of cyber security workstreams Collaborate with internal teams and third-party suppliers to maximise resources Qualifications Desired qualifications and experience: Minimum 2 years' experience in incident detection, response, and forensics Strong understanding of Azure, Zero Trust Estates, DLP, IDS/IPS, Web-Proxy, and Security Audits Analytical mindset with excellent problem-solving skills Excellent communication and More ❯

such as SIEM, DLP, endpoint protection, and network monitoring. Knowledge of frameworks including ISO27001, GDPR, NIS2, and MITRE ATT&CK. Skilled in networking fundamentals — firewalls, VPNs, routers, LANs, and intrusion detection. Relevant certifications such as SC-200 or AZ-500 (CISSP/CISM/CRISC advantageous). Confident communicator with the ability to influence and collaborate across teams. What More ❯

such as SIEM, DLP, endpoint protection, and network monitoring. Knowledge of frameworks including ISO27001, GDPR, NIS2, and MITRE ATT&CK. Skilled in networking fundamentals — firewalls, VPNs, routers, LANs, and intrusion detection. Relevant certifications such as SC-200 or AZ-500 (CISSP/CISM/CRISC advantageous). Confident communicator with the ability to influence and collaborate across teams. What More ❯

industry-recognized certifications (e.g., Cisco CCNA/CCNP, Juniper JNCIS-ENT). Experience with routing protocols, virtual routing instances, VPNs, and security zones. Experience with network security products including Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Proficiency in F5, Cisco Secure Firewall, and Gigamon technology. Demonstrable design experience with global network vendors (e.g., Cisco More ❯

industry-recognized certifications (e.g., Cisco CCNA/CCNP, Juniper JNCIS-ENT). Experience with routing protocols, virtual routing instances, VPNs, and security zones. Experience with network security products including Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Proficiency in F5, Cisco Secure Firewall, and Gigamon technology. Demonstrable design experience with global network vendors (e.g., Cisco More ❯

standards. Skills Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. Experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools More ❯

standards. Skills Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. Experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools More ❯

standards. Skills Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. Experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools More ❯

assets, network traffic, and system vulnerabilities. Generate regular reports on system performance, security posture, and compliance status. Cybersecurity & Compliance: Cyber Protection Techniques: Implement advanced cyber protection measures, including firewalls, intrusion detection/prevention systems (IDS/IPS), and secure authentication protocols, to safeguard both the development environment and the final ICS product. Vulnerability Management: Support regularly vulnerability scans More ❯

assets, network traffic, and system vulnerabilities. Generate regular reports on system performance, security posture, and compliance status. Cybersecurity & Compliance: Cyber Protection Techniques: Implement advanced cyber protection measures, including firewalls, intrusion detection/prevention systems (IDS/IPS), and secure authentication protocols, to safeguard both the development environment and the final ICS product. Vulnerability Management: Support regularly vulnerability scans More ❯

CNI Infrastructure IDS Administrator (SC Cleared) - Hybrid (Wokingham/Warwick) - Inside IR35 - 6 months We are seeking an experienced CNI Infrastructure IDS Administrator to manage, configure, and optimize enterprise Intrusion Detection Systems (IDS) across Windows and non-Windows environments. This hands-on role will involve patching, alert handling, and end-to-end change management to ensure the integrity … and prioritize actions based on threat severity. Configure IDS software, including rules, signatures, and alerts to detect various threat types. Optimize IDS performance to minimize false positives and enhance detection accuracy. Manage, patch, and maintain IDS configurations, traps, and alert systems. Work collaboratively with IT and security teams to support a comprehensive security strategy. Maintain detailed documentation for IDS More ❯

Cisco Nexus switches, Cisco ASA firewalls, F5 LTM and DNS load balancers. Strong network design and management skills and experience, including setting up firewall rules, dynamic routing, load balancing, intrusion detection and prevention, setting up remote access and site-to-site VPNs. Strong practical experience of following ITIL processes in a 24x7 operations environment with tight SLA and More ❯

requirements. Preparing for and completing all required audits. Essential skills/knowledge/experience: Experience of Industrial Defender/Leidos would be an advantage, but not essential! Managing, patching Intrusion Detection system alerts; config; traps etc. Raising, representing and managing end-to-end delivery of own changes. Working in a small local team, part of a wider Infra More ❯