1 to 25 of 43 Contract Security Operations Jobs in England

Job summary The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose is to … cyber resilience and enabling the wider health system to be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO … The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Senior More ❯

Contract Role – Security Analyst (Network & Endpoint) – England/Remote – 4+ Months Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful … candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a team lead level. Role Overview: Job Title: Security Analyst (Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection … Microsoft Entra ID. Monitor Entra ID logs and integrate with Sentinel for rule-based alerting. Additional Technologies: Experience with Zscaler for secure web gateway and DLP. Exposure to Google SecOps is advantageous. Team Leadership: Operate at a team lead level, supporting junior analysts and coordinating operational tasks. Provide technical guidance and contribute to process improvement initiatives. Preferred Certifications: Essential: CompTIA More ❯

CYBER SECURITY ANALYST | SECURITY OPERATIONS CENTER (SOC). Summer-Browning Associates is supporting our client in the Central Government who is seeking a Cyber Security Analyst for an initial 12-month assignment, with the possibility of extension. Location: London | Hybrid| Remote The ideal candidates will hold active DV clearance and have a proven background in Cyber … Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their … scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review. More ❯

Security Analyst (Network & Support) Location - London (Hybrid) Duration - 6 Months (Initially) Rate - £450 (A day) IR35 - Outside IR35 Summary To be part of Digital Services, actively contributing as a member of the Infrastructure and Operations Team to support and develop the Network Infrastructure, Services, and Security. Provide 3rd line support for all wired, Wi-Fi, and remote access … network services to staff, students, contractors, and visitors. Act as a key point of reference in network security, contributing to the implementation, development, provisioning, and operational support of network dependencies. The post holder will be expected to support the designing, implementation, and maintenance of our client's Network Security Infrastructure to protect against cyber threats. Accountabilities and Responsibilities … Security Operations Support Serve as a reference point for network security across IT teams, providing guidance and specialised expertise on security measures. Conduct vulnerability assessments, security audits, and continuous monitoring of network traffic for anomalies using advanced security tools. Collaborate with IT teams to ensure security measures are integrated into network architecture and More ❯

Security Analyst (Network & Support) Location - London (Hybrid) Duration - 6 Months (Initially) Rate - £450 (A day) IR35 - Outside IR35 Summary To be part of Digital Services, actively contributing as a member of the Infrastructure and Operations Team to support and develop the Network Infrastructure, Services, and Security. Provide 3rd line support for all wired, Wi-Fi, and remote access … network services to staff, students, contractors, and visitors. Act as a key point of reference in network security, contributing to the implementation, development, provisioning, and operational support of network dependencies. The post holder will be expected to support the designing, implementation, and maintenance of our client's Network Security Infrastructure to protect against cyber threats. Accountabilities and Responsibilities … Security Operations Support Serve as a reference point for network security across IT teams, providing guidance and specialised expertise on security measures. Conduct vulnerability assessments, security audits, and continuous monitoring of network traffic for anomalies using advanced security tools. Collaborate with IT teams to ensure security measures are integrated into network architecture and More ❯

Security Analyst 3 months - with extensions London - hybrid £400 per day inside IR35 - Umbrella only Active or lapsed SC Security Clearance required The Role As a Cyber Security Analyst in the Cyber Operations workstream, you will report to the Operational Cyber Security Architect and support BAU cyber activities across the organisation. You will play a … helping the department detect, respond to, and manage cyber threats, vulnerabilities, and operational risks. You will work closely with technical teams, service owners, and delivery partners to ensure robust security controls are in place and actively monitored. The role is hands-on and well-suited to someone who is proactive, curious, and eager to go beyond the call of … predefined playbooks and processes Supporting vulnerability identification, triage, and remediation, including follow-up with relevant technical teams. Monitoring and analysing alerts and logs from LogRhythm, CyberArk, Semperis and other security tools, but experience with other cyber tools would also suffice. Participating in the change management process to ensure proposed changes are reviewed for security risk. Contributing to penetration More ❯

Infrastructure Security Engineer We are currently recruiting for a Infrastructure Security Engineer on a 6 month initial contract. Hybrid basis (2-3 days), office location being London. They are looking for a candidate to take responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. They are also looking for … a candidate who is able to provide advice and recommendations for the programme. Key Skills Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks … for off the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure Information Security Management System (Infrastructure Security Operations). Azure cloud infrastructure and configuration. System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Microsoft Exchange online Azure and on More ❯

SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high-severity cyber incidents and … escalated security events, leveraging your technical expertise, analytical mindset, and industry-standard tools to contain, eradicate, and recover from cyber threats. Your work will directly contribute to safeguarding my client's network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will … and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR More ❯

SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high-severity cyber incidents and … escalated security events, leveraging your technical expertise, analytical mindset, and industry-standard tools to contain, eradicate, and recover from cyber threats. Your work will directly contribute to safeguarding my client's network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will … and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR More ❯

CYBER SECURITY ENGINEER | SECURITY OPERATIONS CENTER (SOC). Summer-Browning Associates is supporting our client in the Central Government who is seeking a Cyber Security Engineer for an initial 12-month assignment, with the possibility of extension. Location: London | Hybrid| Remote The ideal candidate will hold an active DV clearance and have a solid background in … Cyber Security working within a high-threat government environment, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform … triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review. More ❯

On behalf of the Met Office, we are looking for a Cyber Security Analyst (Inside IR35) for a 6 month contract based hybrid in Exeter as and when required. As a Cyber Security Analyst, your main responsibilities will be: . Supporting information security delivery work, including the development and implementation of Information Security Policies, Standards, processes … and guidance. . The security of Digital infrastructure by proactively analysing security threats/challenges/risks to the environment, including conducting penetration testing and compliance reviews monitoring of Information Security and information management to ensure compliance including reviewing and monitoring system and network logs for malicious activity or unacceptable use. Typical Skills: . Technical Knowledge within … anti-virus, networking, vulnerability management, encryption, Microsoft technologies, Linux. Knowledge of Information Security standards, legislation and practices, including GDPR & Data Protection Act 2018. . Experience in dealing with a wide range of Information Security matters and operating in an ITIL based environment. . Strong problem solving ability, with flexibility to think creatively and adapt to and implement rapidly More ❯

Cyber Security Consultant- Remote An exciting opportunity has arisen for a Cyber Security Consultant who can provide practical advice and hands-on support to improve security project and manage alerts. We’re seeking a specialist who has expertise in Microsoft Defender & Sentinel who can turn alert data into actionable intelligence, identify opportunities for optimisation, and advance the … customer’s SOC maturity through data-driven improvements and Sentinel/Defender best practices. As a Cyber Security Consultant, your mission is clear; be technically proficient and provide practical solutions rather than theoretical advice. The consultant should be able to work closely with the team to implement changes and improve security. Cyber Security Consultant’s Responsibilities: Develop and … tools such as Advanced Hunting, Threat Analytics, and Attack Surface Reduction to strengthen detection and response. Recommend SOC process improvements through data-driven insights and best practice alignment. Cyber Security Consultant’s Required Knowledge and Experience: Extensive experience with Microsoft Defender, Sentinel, and possibly working in a Security Operations Centre (SOC). Experience extracting alert data and More ❯

Job summary Cyber Operations purpose is to support safe care and build public trust by building NHS England's cyber resilience and enabling the wider health system to be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The role leads the CSOCs Threat Intelligence team within NHS England CSOC comprised of four primary functions: Intelligence Collection & Analysis - Perform collection, aggregation, analysis and contextualisation of healthcare and security information to produce actionable CTI. Cybersecurity Threat & Risk Assessment … care estate. Intelligence Dissemination & Reporting - Produce stakeholder-specific intelligence reporting for stakeholders. Specialist CTI Support - Provides specialist CTI support to CSOC during high complexity incidents. The post of Cyber Security Lead Analyst - Threat Intelligence has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional More ❯

principles, techniques, and tools. Proficiency in creating Business Change documentation, including policies, standards, processes, procedures, and patterns. Demonstrable experience in risk management and benefits realisation. Experience with changes in Security Operations Centers (SOCs) and related monitoring and management technologies and procedures. A background in Security Operations Centers within the Defence, Nuclear, or Central Government sectors, or More ❯

principles, techniques, and tools. Proficiency in creating Business Change documentation, including policies, standards, processes, procedures, and patterns. Demonstrable experience in risk management and benefits realisation. Experience with changes in Security Operations Centers (SOCs) and related monitoring and management technologies and procedures. A background in Security Operations Centers within the Defence, Nuclear, or Central Government sectors, or More ❯

SOC Operations Manager - Active SC, Azure, ISO27001, Energy Up to £800 per day - Inside IR35 Primarily remote - Occasional travel 3 - 6 months My client is an instantly recognisable consultancy who require a SOC Operations Manager with Active Security Clearance (SC), to lead the day-to-day operations of a Security Operations Centre. This is … measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy/Construction/Utilities Holds an Active Security Clearance (SC) Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity More ❯

SOC Operations Manager - Active SC, Azure, ISO27001, Energy Up to £800 per day - Inside IR35 Primarily remote - Occasional travel 3 - 6 months My client is an instantly recognisable consultancy who require a SOC Operations Manager with Active Security Clearance (SC), to lead the day-to-day operations of a Security Operations Centre. This is … measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy/Construction/Utilities Holds an Active Security Clearance (SC) Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity More ❯

Job Title: Technical Operations Analyst - Fully Remote (MUST BE BASED IN THE UK) - No Sponsorship Available Job Description The Technical Operations Analyst is responsible for providing extensive technical support and ownership for maintaining the service throughout the life of the contract. This role involves owning the technical delivery model and fostering strong relationships with internal supplier resolver teams … delivery. Maintain strong relationships with internal supplier resolver teams. Ensure a seamless experience for the customer through effective operations. Essential Skills (Please ensure your CV reflects these skills) SOC (Security Operations Centre) experience. Cyber security expertise Security management Risk management proficiency Technical support experience Operational analysis skills Why Work Here? Join an environment that values continuous … Contacting Us" section of our Online Privacy Notice at (url removed)/en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as More ❯

SC Cleared Cyber Security Engineer- 3 months+ - £600-650pd Inside IR35 - Hybrid ( 1-2 days on site in London) The person will be joining the MIP team (Monitoring and Integration Platform) within Technology Services. The Technology Services team is responsible for all infrastructure, end user computing, onsite support and delivery of technology projects. It has responsibility for … devices and infrastructure across 900+ sites. The requirement is to deliver against the initial phase of the security monitoring project-onboarding 67 critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level … monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience in Xsiam correlation/playbooks. Excellent communication skills, able to articulate technical concepts to diverse audiences. Technical requirements Proven experience with Cortex XDR, Cortex Data Lake, and Cortex XSOAR. Solid understanding of cloud security More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

Role Title: Microsoft Security Engineer Location: London - Hybrid (2-3 days in office) Day Rate: £586.50 (Inside IR35) Duration: 6 months Role Overview We are looking for a proactive Microsoft Security Engineer to protect digital assets and strengthen the organisation's security posture. The role involves working with Microsoft Defender XDR, Purview, and Entra ID to manage … threats, safeguard data, and ensure compliance, while collaborating with IT, security, and compliance teams. Key Responsibilities Manage and monitor endpoint, email, identity, and cloud security using Microsoft Defender XDR. Implement Data Loss Prevention and Information Protection policies via Microsoft Purview. Configure Insider Risk Management and monitor communications for policy compliance. Apply Data Security Posture Management (DSPM) to … through Microsoft Entra ID, including Conditional Access, MFA, and Privileged Identity Management. Secure BYOD and other devices and monitor for compromised credentials. Document incident response processes and provide regular security reports. Skills and Experience 8-10 years in cybersecurity, with experience in Microsoft security solutions. Hands-on expertise with Defender XDR, Purview, and Entra ID. PowerShell scripting for More ❯

SOC Operations Manager - Azure, ISO27001, Energy Up to £800 per day - Inside IR35 Primarily remote - Occasional travel 3 - 6 months My client is an instantly recognisable consultancy who require a SOC Operations Manager to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll … within Energy/Construction/Utilities Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity with cloud platforms, in particular Azure and/or AWS. Ability to effectively communicate SOC value to stakeholders through clear and efficient reporting. Clear knowledge of current More ❯