systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised … Contribute to a reference architecture of established patterns, principles and guidelines. Research emerging technologies and new products and be able to position these coherently against the developing threat landscape and client risk appetite. Ability to distil complex information and concepts into key discussion points that identify a path to resolution rather than only the identification of challenges … native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure). In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE). Experience working with security standards such as ISO
steps. Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations. Participate in on-call or out-of-hours technical support where appropriate. Threat Intelligence and Analysis: Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns. Lead threat intelligence sharing within the organisation and with … external partners. Mentor Tier 1 staff in interpreting threat data and logs during investigations. Security Monitoring and Detection Engineering: Conduct continuous security monitoring of network traffic, endpoints, and critical systems. Proactively tune and improve SIEM rules, alerts, and correlation logic to reduce false positives and increase detection fidelity. Support onboarding of new data sources into SIEM and help define … Coordinate and support risk-based prioritisation of vulnerability remediation efforts. Support vulnerability lifecycle management, including exception handling, patch validation, and reporting. Provide vulnerability remediation guidance based on CVSS scores, threat context and business impacts. Collaboration and Knowledge Sharing: Act as a technical mentor to Tier 1 analysts, supporting their development and escalation handling. Work closely with other IT teams
systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: Identify business objectives, user needs, risk appetite, and cyber security obligations. Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls. Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards, as well as industry-recognized … to both technical and non-technical stakeholders. Contribute to a reference architecture of established patterns, principles, and guidelines. Research emerging technologies and new products, positioning them against the evolving threat landscape and client risk appetite. Distil complex information into key discussion points to facilitate resolution rather than just identifying challenges. Contribute to developing the Security Practice's skills and … Experience with Cloud platforms (AWS and/or Microsoft Azure), including native security features and best practices. Deep knowledge of modern security concepts, attack vectors, malware, security analytics, and threat intelligence. Understanding of security testing and vulnerability management, including pen testing, CVSS, and CVE. Experience with security standards such as ISO 27001, 27002, 27017, and 27108. DESIRABLE SKILLS
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
expertise and excellence, working collaboratively across government to deliver holistic, customer-centric cyber security services. This includes consultancy support that continually evolves to emerging technologies and the ever-changing threat and risk landscape. It is an exciting time to be part of our active and encouraging Cybersecurity and Architecture communities, working within HMRC and across HMG. As an Enterprise … TOGAF and SABSA, and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design Patterns: Establish baselines for current security technologies and develop design patterns to support solution architects in implementing effective … DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient
clients. The ideal candidate will have advanced expertise in monitoring, analyzing, and mitigating cybersecurity threats, as well as managing security tools and mentoring junior analysts. This role involves proactive threat hunting, incident response, and collaboration with cross-functional teams to enhance the organization's security posture. Key responsibilities: 1. Incident Detection and Response: - Lead investigations and remediation of … complex security incidents, including malware infections, data breaches, and advanced persistent threats (APTs). - Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. - Take ownership of Tier 3-level escalations from Tier 1 and Tier 2 analysts and guide them through complex incident … response procedures. 2. Threat Hunting & Analysis: - Proactively search for threats across the environment using behavioral analysis and threat intelligence data. - Analyze data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. - Collaborate with other security teams to uncover hidden threats and vulnerabilities. - Perform in
We are seeking a Senior Security Engineer to join our team. If you have a passion for cybersecurity, thrive on solving complex security challenges, and are experienced in advanced threat detection and response, we'd love to hear from you! As a Senior Security Engineer, you will be responsible for protecting our systems, networks, and data from cyber threats. … in the completion of security projects. Ensure platform security by design and provide technical guidance aligned with the product roadmap. Conduct vulnerability assessments, manage security risks, and respond to threat intelligence feeds. Monitor systems and networks for suspicious activity and engage in response procedures as necessary. Manage and document all stages of security incident response, including detection, containment … protection. Strong understanding of cloud security (AWS, Azure, Google Cloud) and network security architecture. Experience conducting vulnerability assessments, incident response, and forensics using tools such as Nessus. Proficiency in threat hunting, malware analysis, and intrusion detection techniques. Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements. Strong analytical skills with the ability to think like an
NCSC CAF and other NCSC guidelines. Good knowledge of networking (switching, routing, firewalls). In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE). Experience working with security standards such as ISO
you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information … to strengthening our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections … phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports
you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network. You will work closely with the Security Operations Center (SOC), Security Information … posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections … phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports
steps. Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations. Participate in on-call or out-of-hours technical support where appropriate. Threat Intelligence and Analysis: Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns. Lead threat intelligence sharing within the organization and with … external partners. Mentor Tier 1 staff in interpreting threat data and logs during investigations. Security Monitoring and Detection Engineering: Conduct continuous security monitoring of network traffic, endpoints, and critical systems. Proactively tune and improve SIEM rules, alerts, and correlation logic to reduce false positives and increase detection fidelity. Support onboarding of new data sources into SIEM and help define … Coordinate and support risk-based prioritization of vulnerability remediation efforts. Support vulnerability lifecycle management, including exception handling, patch validation, and reporting. Provide vulnerability remediation guidance based on CVSS scores, threat context, and business impact. Collaboration and Knowledge Sharing: Act as a technical mentor to Tier 1 analysts, supporting their development and escalation handling. Work closely with other IT teams
Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications: Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to
Cyber Essentials+, and other relevant compliance standards. Published thought leadership and public speaking experience at major industry events. Additional Information. The Team: Unit 42 brings together our world-renowned threat researchers with an elite team of security consultants to create an intelligence-driven, response-ready organization. The Unit 42 Threat Intelligence team provides threat research
to implement and improve security controls and ensure compliance with internal policies and regulatory requirements. Support vulnerability management by reviewing scan results, prioritizing risks, and tracking remediation activities. Conduct threat intelligence research and contribute to the development of proactive detection and defense strategies. Assist in the development and refinement of security policies, procedures, and incident response playbooks. Mentor … Technology, System Analysis, etc.) or equivalent combination of education and work experience. Typically, 3+ years of experience in IT/network security/cybersecurity. Strong understanding of security principles, threat landscapes, and incident response methodologies. Experience with security tools and technologies, including: Endpoint Security (Crowdstrike, Microsoft); SIEM and logging (Crowdstrike NG-SIEM, Microsoft Sentinel, Cribl, Logstash); Email Security (Proofpoint
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities: Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … to prevent cyber threats. Incident Response: Formulate and document a solid process utilising a third-party support partner. Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation.
Collaborate with IT, cloud, and cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs, working with System Integrators and partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools … IPS/IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC
London, England, United Kingdom Hybrid / WFH Options
In Technology Group
training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid / WFH Options
In Technology Group Limited
training for staff and ensure compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and authentication protocols. Experience with security
Job Title: Senior Threat Cyber Intelligence Analyst. Location: Local to DMV. Clearance: TS/SCI with Full Scope Poly. Employment Type: Full Time. Education: Bachelor's degree in Cybersecurity, Information Security, or a related field. Work Status: Local to DMV. Salary: $145,000-$185,000. Benefits: Competitive salary and bonus structure, comprehensive health insurance, 401(k) with company … and correlation of events across disparate incident reports. Collaborate with our team to refine the evaluation methodology and provide expert insights. Required Skills: 5+ years of experience in cybersecurity, threat intelligence, or incident response. Deep understanding of advanced persistent threats (APTs) and cyber attack methods. Familiarity with cybersecurity frameworks and standards (e.g., MITRE ATT&CK, NIST Cybersecurity Framework … Experience with threat intelligence platforms and open-source intelligence (OSINT) tools. Strong analytical and writing skills, with the ability to distill complex information into clear and concise narratives. Familiarity with natural language processing (NLP) and LLMs is a plus, but not required. Desired Skills (Optional): Hands-on experience with security information and event management (SIEM) systems, and
Central London, London, England, United Kingdom Hybrid / WFH Options
Bupa UK
Job Description: Head of Cyber Threat Exposure. Permanent. London/Staines/Manchester (Hybrid Working). We consider all types of flexibility, including locations, hours and working patterns. We make health happen. At Bupa, we are at the forefront of an exhilarating digital transformation journey, driven by our ambition to become the world's most customer-centric healthcare provider. Our … mission is simple yet profound: to help people live longer, happier, healthier lives, and to make a better world. As Head of Cyber Threat Exposure, you'll play a crucial role in vulnerability management and offensive activities across Bupa. You'll provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination … end management and delivery of security services including penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming. Provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence, and proactively identify, prioritise, and remediate vulnerabilities and threat exposures. Ensure that all technology, cloud services and third-party solutions comply with defined vulnerability management and
threats to understand and refine processes and controls. Your responsibilities will include but are not limited to being an escalation point and expert on cyber incidents of various types, threat hunting for TTPs prioritized by internal and external threat intelligence, owning team process improvements as well as mentorship, and staying on top of industry technology and cyber … threat advancements. We are a passionate global team dedicated to helping keep our clients and our firm safe. RESPONSIBILITIES: Maintain a core competency in event analysis and serve as an escalation point for noteworthy investigations, deeper investigations, and those that require critical attention. Continue to build out new capabilities within the program aligned with our attack surface. Opportunities include … dashboards, direct alerting, risk-based alerting, reports, and other objects as needed in Splunk. Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings. Leverage threat intelligence, experience, and other inputs to perform active threat