Job summary: The Associate Information Security Practitioner role is part of the Moorfields Information Security Team. The team ensures that our systems and data are safe, secure, and resilient, so that we can focus on delivering high-quality, patient-centred care, and are trusted by our patients, service users and staff. The team has operational responsibility for security tooling (such as anti-virus and intrusion prevention, security assurance platforms, security testing and monitoring platforms, etc.) and for our managed services (security operations centre). The team performs assurance and compliance activities, most notably contributing to the annual NHS Data Security Protection Toolkit (DSPT) cycle. We put people at the heart of everything we … Digital, Data and Technology experts that deliver excellence in a busy department. Main duties of the job: At this role level, you will: contribute to operational support of information security solutions and services; engage with our third-party provision of information security service; contribute Information Security expertise to projects and operational services; support assurance activities and the
Role/Job Title: DevSecOps Pentester. Work Location: London (2-3 days). The Role: Conducts security assessments and penetration tests across CI/CD pipelines, cloud infrastructure, and application environments. Integrates automated security tools and practices within DevOps workflows to ensure continuous security validation. Identifies and exploits vulnerabilities in code, containers, APIs, and infrastructure-as-code before they … reach production. Collaborates with development, security, and operations teams to implement remediation and improve security posture. Stays current with threat landscapes, tools, and methodologies to proactively defend against evolving cyber risks in general and more specific to an airline industry, transportation sector. Your Responsibilities: Integrate security practices and tools into the DevOps pipeline to ensure security is a continuous process. Perform IaC Automation and ServiceNow integrations to automate AWS Service catalogues. Contribute to security tooling, checklists, and automation efforts. Identify potential security threats and vulnerabilities during the design phase; identify flaws in CI/CD, IaC, and cloud/containerized environments. Perform manual and automated security testing on web apps, APIs, pipelines.
I am currently assisting a client who operates in a regulated industry, financial services, who are currently embarking on a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/… Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities: - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google … log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping. Key Technical/IT Security Skills: - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP. Finer Details: - Outside IR35 - Contract until End of December