23 of 23 Security Operations Centre Jobs in the South East

Security Operations Centre Shift Lead Location: Hemel Hempstead (On-site, Shift-Based) Salary: Highly competitive with excellent benefit package Security Clearance Level: Must be eligible for DV Clearance . Due to the highly secure nature of this work all applicants will be required to gain UK Security Clearance to the highest level. You must be … days annual leave (option to purchase additional days), health cash plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking a highly capable Security Operations Centre Shift Lead to support critical infrastructure within the Aerospace, Defence and Security sector. You will lead from the frontmentoring analysts, managing incident triage, and … environment. This is a shift-based position , following a rotation of 2 days (6am6pm), 2 nights (6pm6am), 4 days off . Essential Skills and Experience: Proven experience in a Security Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre More ❯

Apply on JLP Jobs - the official careers website for John Lewis Partnership, John Lewis & Partners, and Waitrose & Partners. About the role Join the Information Security Engineering team at John Lewis Partnership to help build a secure future for an iconic brand. We work to protect our customers, Partners, and business against an ever-evolving cyber threat landscape.The John Lewis … Partnership's Information Security strategy is bold and ambitious. We provide a collection of security services, delivered via people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day.Our Threat Defence team is at the forefront of our cyber resilience, proactively monitoring threats, identifying vulnerabilities, and engineering … robust security defences.As we expand our Security Engineering service, you'll be instrumental in developing cutting-edge capabilities and empowering our Security Operations Centre to stay ahead of the latest threats.This is a great opportunity to directly shape our security posture, getting hands-on with next-generation cyber security tools. You'll thrive More ❯

Experience Years: 3-5 Years of Experience Employee Type: Regular Remote Type: Onsite About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. As an Information Security Engineer, you will be responsible for security operations, using and managing security systems, identifying and managing … risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. About the Opportunity The role of Information Security Engineer will be responsible for identifying, investigating, and managing cybersecurity related events and incidents. As an … Information Security Engineer, you will be responsible for security operations, using and managing security systems, identifying and managing risks and threats, and developing and following operating procedures. The ideal candidate will have a deep understanding of cyber security risks and threats, incident handling, and will possess excellent analytical, communication, and leadership skills. Responsibilities Strong collaboration More ❯

To support the Security Operations Manager in responding, managing and reporting the Information Security Risks faced by Technology Services (TS) in delivering AJ Bell’s systems and services. Key to this is maintaining the confidentiality, integrity and availability of the data that resides upon those systems. This role will be key to understanding the threats targeting AJ … Bell and ensuring our defences provide and effective response. Key responsibilities: Reviewing and assessing Security Operations Centre alerts to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. Investigate and respond to security breaches … and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments to ensure security best practices are followed. Stay up-to-date with the latest security trends More ❯

Are you in a Security Operations Centre and every day is the same? We can assure you that there is no boredom in our role. We have a growing Cyber practice in our Defence sector and support enterprise scale clients. Now we have opportunities for L2 SOC Analysts to join in our success and work with multiple … can offer great career progression opportunities, benefits which you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve … and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable More ❯

tier consultancy that operates at the sharp end of cybersecurity within defence, aerospace, and national security. We’re looking for an experienced SOC Analyst to join our high-performing Security Operations Centre in Farnborough. This is a unique chance to contribute to real-world cyber defence, on country critical technology, pitting your SCO skills against state of … attacks. As the SOC Analyst, you will: Monitoring and triaging alerts across secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives … Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network More ❯

Technical Security Delivery Manager £85000 GBP Onsite WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Technical Security Service Delivery Manager - SOC Birmingham (Hybrid) Up to £85,000 + Bonus + Benefits We're working with a top-tier consultancy on the search for a Technical Security Service Delivery Manager to support and enhance the operations of a high-performing Security Operations Centre (SOC). This is a leadership role at the sharp end of service delivery - managing complex security incidents, vulnerability management programmes, and client relationships across enterprise environments. What you'll be doing: Acting as the key liaison between the client and operational delivery teams Leading on incident escalation … and coordination with SOC and IR teams Managing post-incident investigations and reporting Supporting and driving improvements to vulnerability management workflows Overseeing IDS/IPS updates, firewall security, and policy alignment Running regular service reviews and ensuring SLA/KPI performance Collaborating with senior delivery leadership on best practice and optimisation What we're looking for: 10+ years of More ❯

IBM Platform Security Analyst (Cross Training Opportunity) IBM Platform Security Analyst required for multi-national IT Services organisation based in on-site at our Buckinghamshire SOC location. If you an IBMi iSeries AS/400 platform operations professional looking for an opportunity cross train into IT Security we would like to hear from you. The focus … of this role will be the delivery of an IT Defence offering/service which is for IBM Power and Storage clients. You would be based in a Security Operations Centre (SOC) using IBM Native tools on both the Power and Storage platforms maintaining IT security services. Building on your current skills the scope of the … storage defender and Insights and use of a SIEM agent reporting. Key Skills Previous experience as an IBM System i/Power i/IBM i/i Series Operations Technical Consultant with excellence in Power I (IBMi ,System i, iSeries) systems support and management. IBM i OS, (i-Series IBMi Power I AS/400) BRMS, Work Management More ❯

IBM Platform Security Analyst (Cross Training Opportunity) IBM Platform Security Analyst required for multi-national IT Services organisation based in on-site at our Buckinghamshire SOC location. If you an IBMi iSeries AS/400 platform operations professional looking for an opportunity cross train into IT Security we would like to hear from you. The focus … of this role will be the delivery of an IT Defence offering/service which is for IBM Power and Storage clients. You would be based in a Security Operations Centre (SOC) using IBM Native tools on both the Power and Storage platforms maintaining IT security services. Building on your current skills the scope of the … storage defender and Insights and use of a SIEM agent reporting. Key Skills Previous experience as an IBM System i/Power i/IBM i/i Series Operations Technical Consultant with excellence in Power I (IBMi ,System i, iSeries) systems support and management. IBM i OS, (i-Series IBMi Power I AS/400) BRMS, Work Management More ❯

Job Title: IT Security Manager Location: Hybrid in Buckinghamshire (2 days on-site) Job Type: Full-time, Permanent Salary: £60,000 - £67,000 + benefits Industry: Media/Broadcasting A leading Media/Broadcasting company based in Buckinghamshire are seeking an experienced IT Security Manager to join the Cyber Security team where you’ll mature the development … of our operational strategy whilst supporting all Security routine services and functions. You’ll bridge the gap between the Security and IT operations teams and line manage our Security Analyst. Key Responsibilities: Collaborate with the Head of Cyber Security to define and track risk-based KPIs, KRIs, and metrics to measure cyber resilience and overall … security performance. Support compliance efforts across frameworks including Cyber Essentials, ISO 27001, GDPR and DPA. Lead the vulnerability management programme, advising IT on remediation strategies. Oversee security incident monitoring and response in coordination with the SOC team. Design and implement an effective identity and access management (IAM) process and own access control across all systems. Required Skills & Experience More ❯

across the South, West and East of England, including London, as well as aiming to create thousands of new affordable homes every year. We're seeking an experienced Cyber Security Analyst to help protect our organisation from cyber threats and contribute to a safe, secure digital future for our customers, systems, and data. You'll be based in our … office in Wembley or Basingstoke , combining both office and home working. The Role: As a Cyber Security Analyst , you'll play a key role in maintaining and improving our cyber resilience. Working closely with our external Security Operations Centre (SOC) and internal teams, you'll monitor systems, respond to threats, remediate vulnerabilities, and help manage incidents. … You'll be part of a collaborative cyber security function that supports all areas of the business, ensuring our infrastructure, applications, and data remain secure and compliant with relevant frameworks and standards. Key Responsibilities Monitor and analyse security events and alerts using SIEM and other security tools Conduct triage of security incidents and escalate as appropriate More ❯

across the South, West and East of England, including London, as well as aiming to create thousands of new affordable homes every year. We're seeking an experienced Cyber Security Analyst to help protect our organisation from cyber threats and contribute to a safe, secure digital future for our customers, systems, and data. You'll be based in our … office in Wembley or Basingstoke, combining both office and home working. The Role: As a Cyber Security Analyst, you'll play a key role in maintaining and improving our cyber resilience. Working closely with our external Security Operations Centre (SOC) and internal teams, you'll monitor systems, respond to threats, remediate vulnerabilities, and help manage incidents. … You'll be part of a collaborative cyber security function that supports all areas of the business, ensuring our infrastructure, applications, and data remain secure and compliant with relevant frameworks and standards. Key Responsibilities Monitor and analyse security events and alerts using SIEM and other security tools Conduct triage of security incidents and escalate as appropriate More ❯

will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security incident procedures Build, manage and … Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential … the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly communications, translating complex matters for various audiences Research the latest information technology security bulletins for Microsoft products and 3rd party applications Provide a repeatable process for assessing vulnerabilities detected through multiple sources within a business context, determining recommendations for how the vulnerabilities More ❯

will manage processes to detect, prevent and correct vulnerabilities to devices in a customers environment. The SC-cleared analyst will aim to mitigate business risks arising from both regulatory & security noncompliance. What youll do Integrate with customer and third-party security operations centre reporting as well as integration with security incident procedures Build, manage and … Lifecycle Management Product Lists (VLMPLs) for all supported customers Responding to and helping to co-ordinate the response to Major Vulnerability incidents Sending out notifications and communications related to security vulnerabilities that affect multiple technologies Creation and ownership of vulnerability incidents providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential … the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly communications, translating complex matters for various audiences Research the latest information technology security bulletins for Microsoft products and 3rd party applications Provide a repeatable process for assessing vulnerabilities detected through multiple sources within a business context, determining recommendations for how the vulnerabilities More ❯

leaders in their field. Our new position of SOC Shift Lead will direct a team of SOC Analysts, conduct monitoring and triage of alerts associated with host and network security events for our clients critical infrastructure and support the SOC through both delivery of client work and adding skills and ideas to this already diverse team. This role is … 6PM to 6am, 4 days off. Please note you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop … team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel More ❯

Senior IR-SOC Engineer - Elite Law Firm - London Are you a security professional looking to step into a high-profile, enterprise environment? One of the world’s most prestigious law firms is seeking a Senior Incident Response & SOC Engineer to join its global Information Security team, based in London . This is a rare opportunity to play a …/7 SOC , handling incident response and contributing to the development of detection, automation, and reporting tools. Key Responsibilities: Lead and support incident response (IR) and investigation of security threats across a complex enterprise estate. Manage, tune, and develop SIEM and EDR technologies to enhance threat detection and response capabilities. Implement and refine playbooks , automations , and alerting rules in … collaboration with security partners. Contribute to threat hunting and proactive detection strategies. Produce actionable reporting and metrics for stakeholders, including executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat More ❯

lifecycle experience for improvements. Splunk SaaS experience and expertise as a lead architect and/or engineer Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. Experience of the lifecycle of SIEM delivery, including convergence from other SIEMs. More ❯

cycle experience for improvements. - Splunk SaaS experience and expertise as a lead architect and/or engineer - Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. - Experience of the life cycle of SIEM delivery, including convergence from other SIEMs More ❯

cycle experience for improvements. - Splunk SaaS experience and expertise as a lead architect and/or engineer - Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels. - Experience of the life cycle of SIEM delivery, including convergence from other SIEMs All More ❯

practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security solutions design and implementation. Work with the Cyber Defense group and the Security Operations Center to evaluate the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM More ❯

practices and the ability to conduct technical risk assessments. Work with the Global Technology Infrastructure team to integrate system cybersecurity assessments into their processes to ensure consistent implementation of security controls. Work with the Cybersecurity Architecture team and apply reference architectures for security solutions design and implementation. Work with the Cyber Defense group and the Security Operations Center to evaluate the effectiveness of the security controls and architectures in relationship to actual intrusions seen on the Deloitte network, reported threats at peer organizations, and overall cybersecurity threats in the internet ecosystem and you will notify leadership of potential or existing threats and assist in the development of risk mitigating strategies of these items. Monitor security blogs, articles, and reports and remain current on related laws, regulations, and industry standards to keep up to date on the latest security risks, threats, and technology trends and, where relevant, notify leadership to incorporate information into processes, procedures, and audit preparedness activities. Perform technology security risk assessments. Where appropriate, leverage security shared services (VRA, VM More ❯

management framework qualification (PRINCE2/Agile) Minimum of 2 professional role specific certifications Hands on, practical experience in the following disciplines: Microsoft Dynamics Digital and Application Innovation (Software Development) Security Operations Centre Data and AI Regular team building and social events with other graduate scheme members What experience do you need? No particular experience is required for More ❯

We are rapidly growing our SOC team, offering serious career growth and exciting work with multiple high-profile clients! Join our expanding Cyber practice in the Aerospace Defence and Security sector. This team supports enterprise-scale clients and requires proven experience working in a busy SOC with a tech-first approach. The team is on the cusp of continued … off. You must be eligible for Developed Vetting (DV). We offer excellent career progression opportunities, flexible benefits, and training and development programs. Responsibilities include: Monitoring, triaging, and investigating security incidents on critical client infrastructure. Analyzing network traffic, logs, and system events to identify threats and vulnerabilities. Providing Incident Response support. Maintaining and developing team knowledge of SOC tools … and security operations. Preparing reports for technical and non-technical audiences and improving their content. Updating security incident documentation, including reports, analysis, and mitigation strategies. Qualifications and experience: Experience working in a Security Operations Centre. Managing Microsoft Sentinel and Splunk implementations. Knowledge of the Mitre Att&ck Framework. Understanding of client-server applications, web applications, databases More ❯