Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Stripe Olt
We are hunting for an experienced SOC Analyst that's spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First
have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs.
infrastructure (including RBAC, PIM, NSGs and identity protections). Lead security incident detection, investigation, and response activities alongside the SOC. Lead the implementation and tuning of Microsoft Sentinel: build KQL queries, implement custom rules, conduct threat hunting, build workbooks, and design and automate playbooks using Logic Apps. Experience collaborating with development, operations and infrastructure teams in a security context. Experience securing cloud … security, including principles such as zero trust and network security tooling such as Netskope. In-depth knowledge of the Microsoft Defender suite (for Endpoint, Identity, Cloud, etc.). Solid understanding of KQL, Azure RBAC, and Privileged Identity Management (PIM). Specific knowledge of the AWS security stack would be beneficial, including GuardDuty, CloudWatch and Security Hub. Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS.
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Lloyds Banking Group
Git (version control) Security & Compliance Cloud posture management (Azure Defender for Cloud, GCP SCCE) Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging DLP technical policy development Ability to build and train machine learning models
Salford, Manchester, United Kingdom Hybrid / WFH Options
Lloyds Bank plc
posture management (Azure Defender for Cloud, GCP SCCE) Microsoft Defender XDR/Microsoft Purview Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Kubernetes (K8s) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging Cyber Defence Centre tooling DLP technical policy development Ability to