1 to 25 of 28 Contract Security Operations Jobs in the UK excluding London

Job summary The Senior Security Analyst (Ops) sits within the Protective Monitoring function of the Cyber Security Operations Centre (CSOC). The CSOC is made up of Protective Monitoring, Incident Management, Threat Operations, Engineering and Consultancy. The role is a Tier 3 analyst in the Cloud Protective Monitoring Sub team. Cyber Operations purpose is to … cyber resilience and enabling the wider health system to be cyber resilient, supporting Transformation Directorate's purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub-directorate consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO … The post of Senior Security Analyst has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition of this, the role attracts an additional monthly RRP payment equal to 20% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Senior More ❯

Contract Role – Security Analyst (Network & Endpoint) – England/Remote – 4+ Months Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful … candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a team lead level. Role Overview: Job Title: Security Analyst (Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection … Microsoft Entra ID. Monitor Entra ID logs and integrate with Sentinel for rule-based alerting. Additional Technologies: Experience with Zscaler for secure web gateway and DLP. Exposure to Google SecOps is advantageous. Team Leadership: Operate at a team lead level, supporting junior analysts and coordinating operational tasks. Provide technical guidance and contribute to process improvement initiatives. Preferred Certifications: Essential: CompTIA More ❯

Security Analyst (Network & Support) Location - London (Hybrid) Duration - 6 Months (Initially) Rate - £450 (A day) IR35 - Outside IR35 Summary To be part of Digital Services, actively contributing as a member of the Infrastructure and Operations Team to support and develop the Network Infrastructure, Services, and Security. Provide 3rd line support for all wired, Wi-Fi, and remote access … network services to staff, students, contractors, and visitors. Act as a key point of reference in network security, contributing to the implementation, development, provisioning, and operational support of network dependencies. The post holder will be expected to support the designing, implementation, and maintenance of our client's Network Security Infrastructure to protect against cyber threats. Accountabilities and Responsibilities … Security Operations Support Serve as a reference point for network security across IT teams, providing guidance and specialised expertise on security measures. Conduct vulnerability assessments, security audits, and continuous monitoring of network traffic for anomalies using advanced security tools. Collaborate with IT teams to ensure security measures are integrated into network architecture and More ❯

Infrastructure Security Engineer We are currently recruiting for a Infrastructure Security Engineer on a 6 month initial contract. Hybrid basis (2-3 days), office location being London. They are looking for a candidate to take responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. They are also looking for … a candidate who is able to provide advice and recommendations for the programme. Key Skills Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks … for off the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure Information Security Management System (Infrastructure Security Operations). Azure cloud infrastructure and configuration. System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Microsoft Exchange online Azure and on More ❯

SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high-severity cyber incidents and … escalated security events, leveraging your technical expertise, analytical mindset, and industry-standard tools to contain, eradicate, and recover from cyber threats. Your work will directly contribute to safeguarding my client's network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will … and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR More ❯

SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high-severity cyber incidents and … escalated security events, leveraging your technical expertise, analytical mindset, and industry-standard tools to contain, eradicate, and recover from cyber threats. Your work will directly contribute to safeguarding my client's network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you will … and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR More ❯

On behalf of the Met Office, we are looking for a Cyber Security Analyst (Inside IR35) for a 6 month contract based hybrid in Exeter as and when required. As a Cyber Security Analyst, your main responsibilities will be: . Supporting information security delivery work, including the development and implementation of Information Security Policies, Standards, processes … and guidance. . The security of Digital infrastructure by proactively analysing security threats/challenges/risks to the environment, including conducting penetration testing and compliance reviews monitoring of Information Security and information management to ensure compliance including reviewing and monitoring system and network logs for malicious activity or unacceptable use. Typical Skills: . Technical Knowledge within … anti-virus, networking, vulnerability management, encryption, Microsoft technologies, Linux. Knowledge of Information Security standards, legislation and practices, including GDPR & Data Protection Act 2018. . Experience in dealing with a wide range of Information Security matters and operating in an ITIL based environment. . Strong problem solving ability, with flexibility to think creatively and adapt to and implement rapidly More ❯

Cyber Security Consultant- Remote An exciting opportunity has arisen for a Cyber Security Consultant who can provide practical advice and hands-on support to improve security project and manage alerts. We’re seeking a specialist who has expertise in Microsoft Defender & Sentinel who can turn alert data into actionable intelligence, identify opportunities for optimisation, and advance the … customer’s SOC maturity through data-driven improvements and Sentinel/Defender best practices. As a Cyber Security Consultant, your mission is clear; be technically proficient and provide practical solutions rather than theoretical advice. The consultant should be able to work closely with the team to implement changes and improve security. Cyber Security Consultant’s Responsibilities: Develop and … tools such as Advanced Hunting, Threat Analytics, and Attack Surface Reduction to strengthen detection and response. Recommend SOC process improvements through data-driven insights and best practice alignment. Cyber Security Consultant’s Required Knowledge and Experience: Extensive experience with Microsoft Defender, Sentinel, and possibly working in a Security Operations Centre (SOC). Experience extracting alert data and More ❯

principles, techniques, and tools. Proficiency in creating Business Change documentation, including policies, standards, processes, procedures, and patterns. Demonstrable experience in risk management and benefits realisation. Experience with changes in Security Operations Centers (SOCs) and related monitoring and management technologies and procedures. A background in Security Operations Centers within the Defence, Nuclear, or Central Government sectors, or More ❯

principles, techniques, and tools. Proficiency in creating Business Change documentation, including policies, standards, processes, procedures, and patterns. Demonstrable experience in risk management and benefits realisation. Experience with changes in Security Operations Centers (SOCs) and related monitoring and management technologies and procedures. A background in Security Operations Centers within the Defence, Nuclear, or Central Government sectors, or More ❯

SOC Operations Manager - Active SC, Azure, ISO27001, Energy Up to £800 per day - Inside IR35 Primarily remote - Occasional travel 3 - 6 months My client is an instantly recognisable consultancy who require a SOC Operations Manager with Active Security Clearance (SC), to lead the day-to-day operations of a Security Operations Centre. This is … measurable value to a well-known end client within the Energy Sector. Key Requirements: Proven experience working within SOC management, within Energy/Construction/Utilities Holds an Active Security Clearance (SC) Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

SOC Operations Manager - Azure, ISO27001, Energy Up to £800 per day - Inside IR35 Primarily remote - Occasional travel 3 - 6 months My client is an instantly recognisable consultancy who require a SOC Operations Manager to lead the day-to-day operations of a Security Operations Centre. This is a hands-on leadership role where you'll … within Energy/Construction/Utilities Hands on leadership and team management skills. Proven experience with Enterprise Technologies (SOC/SIEM/XDR). Strong working knowledge of M365 security features. Familiarity with cloud platforms, in particular Azure and/or AWS. Ability to effectively communicate SOC value to stakeholders through clear and efficient reporting. Clear knowledge of current More ❯

Security Engineer Rate: £550/£600 per day (Inside IR35 via umbrella) Duration: 8 months initial Location: Bristol - hybrid once a week on site We're seeking a Security Engineer to support ongoing security operations while playing a key role in a major data centre migration. You'll work across on-prem and AWS environments, collaborating … with both internal stakeholders and third-party partners. Responsibilities Optimise and streamline security logs to reduce platform costs Review and enhance Zscaler and MS Defender configurations Strengthen and refine role-based access controls Support and validate security actions during a physical data centre move, ensuring alignment with external suppliers Skills & Experience Strong stakeholder management and adaptability Proficiency with More ❯

cyber threats, identifying patterns and trends. Apply the intelligence life cycle, from collection through to reporting. Ensure the Threat Intelligence Programme meets organisational aims. Influence and advise stakeholders on security-focused decisions. Work closely alongside other Security Operations teams such as SOC. Identify intelligence of concern across various sources and tools, and conduct analysis and assessment of … threats, threat actors, attack vectors, and vulnerabilities. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Knowledge of threat cyber security frameworks such as MITRE ATT&CK, Kill Chain and NIST CSF 2.0. The ideal candidate will combine strong technical expertise with a solid understanding of global events and their More ❯

looking for a new cyber challenge? This is your chance to lead on all things cyber at the Northern Ireland Housing Executive (NIHE) - a role where cyber strategy, cyber operations, and cyber resilience are at the heart of everything you do. NIHE is on the lookout for a Cybersecurity Manager to join their IT Operations Team in Belfast. … This is a temporary opportunity where you'll play a key role in shaping and delivering the organisation's cyber security strategy, managing risks, and ensuring compliance with the latest standards like GovAssure, ISO27001, and Cyber Essentials. What you'll be doing: Leading cyber security operations across the organisation. Developing and implementing cyber policies and procedures. Managing … Driving awareness and embedding cyber best practices across IT projects. Reporting on cyber performance and advising senior leadership. What we're looking for: 3+ years' experience in a cyber security management role within a large organisation. Or strong experience across key areas like cyber governance, risk, compliance, and incident response. A deep understanding of cyber security frameworks and More ❯

Wireless), virtualisation and cloud technologies, and will possess current industry certifications in these areas. You will have a solid background in cybersecurity, and demonstratable skills in the domains of security operations, data loss and fraud prevention, security architecture, identity and access management. About You To be considered as our Head of IT, you will need: Azure Solutions More ❯

Months IR35: Inside IR35 Location: Highbridge, Somerset We’re supporting a partner with a short-term requirement for a Microsoft & Cybersecurity Engineer to assist with both infrastructure and security operations. This is a hands-on, blended role requiring someone confident across the Microsoft ecosystem who can also provide technical input on cybersecurity matters. Key Responsibilities/Requirements: Microsoft ecosystem More ❯

Weeks IR35: Inside IR35 Location: Somerset (onsite) We’re supporting a partner with a short-term requirement for a Microsoft & Cybersecurity Engineer to assist with both infrastructure and security operations. This is a hands-on, blended role requiring someone confident across the Microsoft ecosystem who can also provide technical input on cybersecurity matters. Key Responsibilities/Requirements: Microsoft ecosystem More ❯

Our client is seeking an experienced Associate Security Analyst to join their Cyber Defence team. This is a hands-on role where you will investigate and respond to cyber security incidents that could impact critical systems and services across the UK. You will play a key part in identifying threats, supporting incident response, and helping to continually improve … involves mentoring apprentice analysts and joining an out-of-hours on-call rota to ensure 24/7 coverage of potential cyber incidents. Key Responsibilities Investigate and triage cyber security alerts and user reports. Analyse systems, files, network traffic, and cloud environments to determine the extent of incidents. Support technical responses to incidents, including containment, eradication, and recovery. Contribute … to post-incident reviews and develop lessons learned. Create and improve incident response playbooks and knowledge base articles. Work closely with wider Cyber Defence functions to strengthen security operations. Act as an escalation point for apprentice security analysts, providing coaching, mentoring, and line management. What We’re Looking For 2-3 years’ experience investigating and responding to cyber More ❯

an umbrella company Inside IR35 We are seeking an experienced Contracts & Commercial Lead who will manage the re-procurement of the End User Workspace, Hosting, Managed Network, Unified Communications, Security Operations, Telephony and Wide Area Network. You will lead on commercial strategy, procurement planning, contract management, and supplier performance, ensuring compliance with council governance frameworks. Key Responsibilities include More ❯

Part Time | M365 IT & Security Support Engineer | £300 - £350 | Outside IR35 | Onsite We’re recruiting an experienced M365 IT & Security Support Engineer to assist our client through a busy transitional period. This 2-month contract is determined as Outside IR35 and offers a daily rate between £300 - £350 per day. This part-time position (2–4 days per … week) requires onsite attendance in central London on all working days.The successful candidate will work closely with the IT & Security Manager to reduce ticket backlog, coordinate with the MSP and wider business, and deliver hands-on 2nd to 3rd line support across infrastructure, Microsoft services, and security operations. Key Requirements Support IT & Security Manager with hands-on … M365 tenant, Entra ID, Exchange, SharePoint, Defender platforms Manage SharePoint permissions, documentation, and 'joiner-leaver-mover' processes Coordinate effectively with MSP and wider business, handle vendor management Roll out security policies, review permissions, and manage user access Support merger groundwork, MSP transition, and day-to-day M365 operations If this IT & Security Support Engineer role sounds like More ❯

ServiceNow IRM Business Analyst in client engagements Create High-level & low-level technical design documents and participate in architecture design for deployment. Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM … working knowledge of its built-in capabilities including Plug-ins, Workflows, UI elements, tables, dictionaries, integrations and dependencies. Experience of working on Scripting in ServiceNow. Certified ServiceNow IRM/SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript, API, Web Services Working knowledge of Vulnerability Mgmt. … process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) ServiceNow GRC & SecOps B.E/B.Tech , BCA/MCA ServiceNow Certified Consultant Thanks More ❯