1 to 25 of 62 Permanent Intrusion Detection Jobs in England

continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response : Establish and maintain processes for continuous security monitoring and detection of security events, including application-specific security events. Lead the investigation and resolution of security incidents, including those related to application vulnerabilities, root cause analysis, and implementation of corrective … risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate More ❯

to ensure the security of network infrastructure and data.- Manage risk assessments and vulnerability assessments to identify potential security threats.- Oversee the implementation of security measures such as firewalls, intrusion detection systems, and data encryption technologies.- Provide training and guidance to staff on information security best practices.- Stay updated on the latest cybersecurity trends and technologies.**Qualifications:**- Bachelor … CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional;CCNA/CCNP Experience with security tools and technologies such as intrusion detection systems, SIEM, and vulnerability management tools. Familiarity with regulatory requirements and industry standards related to IT security. Hays Specialist Recruitment Limited acts as an employment agency for More ❯

compliance with relevant regulatory standards (eg ISO 27001) as part of critical vendor performance assessment ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software. In collaboration with GT, Develop and test incident response plans and coordinate responses to security incidents and breaches Raise awareness of More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

and preserve evidence in accordance with legal and regulatory requirements. Provide detailed forensic reports and recommendations for improving security posture. Incident Response: Lead and coordinate incident response efforts, including detection, containment, eradication, and recovery. Support development and maintenance of incident response plans and procedures. Conduct post-incident reviews and lessons learned sessions to improve response capabilities. Security Tools: Utilize … and maintain security tools and technologies, such as firewalls and intrusion detection/prevention systems. Ensure security tools are properly configured and updated. Evaluate and recommend new security tools and technologies to enhance security operations. Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and vulnerability assessments. Prepare reports for management and stakeholders. Collaboration: Work closely … experience with IT technologies, including cloud infrastructure; experience of AWS an advantage. Understanding of the Secure Software Development Lifecycle. Security Tools Proficiency: Expertise in using firewalls (especially Palo Altos), intrusion detection systems and endpoint security solutions. Network Security: Strong understanding of network protocols, VPNs, and network security architecture. Incident Response: Ability to detect, analyse, and respond to security More ❯

a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with … Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms (Azure More ❯

a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with … Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms (Azure More ❯

assigned to work in a role with one of our trusted client partners as a 'Spartan' consultant. In this role you will undertake: Network Security - Understanding of firewall configuration, intrusion detection/prevention systems (IDS/IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and More ❯

experience as a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments. Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). More ❯

and regulations. Collaborate with IT teams to integrate security protocols into network architecture and operations. Be involved in the deployment and maintenance of network security devices such as firewalls, intrusion detection systems, and VPNs. Act on to and recover from security incidents, including conducting post-event analyses to prevent future incidents. Stay abreast of the latest cybersecurity threats More ❯

Identification, Containment, Eradication, Recovery, and Lessons Learned - collaborating with a global team of incident responders. You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that … information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more. You will also leverage your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural and global environments. … response process is working smoothly Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements - Evaluate the incident response readiness of different layers - people, process, technology Detection & Analysis: - Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team. - Respond to cyber security incidents in compliance with the local authority More ❯

Knowledge of currentmarket and emerging tools in data analytical and SIEM platforms. Knowledgeof network security implementations (e.g., IDS, IPS, EDR), including theirfunction and placement in an enterprise network. Knowledgeof intrusion detection systems and signature development. Knowledge of front-endcollection systems, including network traffic collection, filtering, andselection. Knowledge of cyber security threats,vulnerabilities, and privacy principles. Working knowledge inconfigurating More ❯

in data security, cybersecurity, or a related field. Hands-on experience with Proofpoint implementations (e.g., Email Protection, Targeted Attack Protection, Information Protection). Proficiency in security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM. Experience with ProofPoint in a cloud-based environment, specifically Microsoft 365 Excellent problem-solving skills and the ability to More ❯

or CISM accreditation. You will develop and maintain the information security architecture and will have proven experience with compliance, vulnerability management, network security, cloud security (AWS & Azure), firewalls and intrusion detection systems. You will monitor networks and systems for security breaches, enhance the performance of SecOps tools, perform regular threat analysis and act as a subject matter expert More ❯

a similar role. Industry certifications such as CISSP, CEH, etc or equivalent are highly desirable. You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies. Mature understanding/experience with cloud security architecture (AWS, Azure) with a proven track record and work ethic that covers many platforms (Windows/Linux), to … working with internal stakeholders to make sure the organization is compliant with PCI DSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. Experience of external penetration More ❯

a similar role. Industry certifications such as CISSP, CEH, etc or equivalent are highly desirable. You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies. Mature understanding/experience with cloud security architecture (AWS, Azure) with a proven track record and work ethic that covers many platforms (Windows/Linux), to … working with internal stakeholders to make sure the organization is compliant with PCI DSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. Experience of external penetration More ❯

testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide guidance on the selection, implementation, and optimization of security tools such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) systems. Support Security Architecture & Design: Assess the design, implementation, and maintenance of developed More ❯

to attack vectors and security incidents, and coordinate incident response across teams Security software testing:?Test company software, firmware, and firewalls Security software design:?Design software security systems like intrusion detection systems and firewalls Security system maintenance:?Maintainand proof network security systems Security system analysis:?Analyse security systems and seek improvements on a continuous basis? Help develop platforms More ❯

with the latest cybersecurity threats and trends and escalate risks promptly. Ensure compliance with relevant industry regulations and standards (e.g., GDPR, ISO 27001). Manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software, in collaboration with GT. Develop and test incident response plans and coordinate responses to security incidents and breaches. Raise cybersecurity awareness More ❯

standard operating procedures (SOPs), playbooks, process flows, and risk reports, using diverse tools and data sources. Develop, refine, and maintain insider threat indicators and use case scenarios to enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and vigilance. Identify and implement improvements to detection and response … processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or a related discipline. Hands-on experience with insider threat detection tools … UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of the cyber threat landscape, including adversary tactics, campaigns, and the intersection of insider and external threats. Demonstrated ability to More ❯

Requirements A passion for Cyber Security and enjoys solving problems Knowledge of the security threat landscape Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems) Knowledge of TCP/IP Protocols, network analysis, and network/security applications Knowledge of common Internet protocols and applications Ability to multi-task, prioritize, and More ❯