4 of 4 Permanent Anomaly Detection Jobs in Gloucester
Gloucester, England, United Kingdom JR United Kingdom
will contribute to the development of advanced machine learning models that support a broad spectrum of defence applications, including real-time object detection, multi-sensor data fusion, anomaly detection in complex systems, and predictive analytics for operational readiness. The role sits within a multidisciplinary engineering team, collaborating closely with software developers, data scientists, and subject
Gloucester, England, United Kingdom Hybrid / WFH Options BAE
Grade: GG10 - GG11 Job Description: Serve as the point of escalation for intrusion analysis, forensics, and incident response queries. Provide root cause analysis for complex, non-standard findings and anomaly detections. Mentor team members and share knowledge via the SOC Knowledge Repository. Build relationships with external SOCs and cybersecurity researchers to identify useful analytics and threat intelligence. Develop complex … KQL analytics and playbooks for detection in M365, Linux, and Windows environments. Review open-source research on threats impacting cloud services and prioritize implementation. Research vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection testing. Review red team and pentest findings to improve detection rules. Support forensic investigations and … practices and techniques. Knowledge of Azure, AWS is desirable. Familiarity with Windows Active Directory, Windows OS fundamentals, and networking fundamentals. Experience with CICD, source control, and writing malware and anomaly detections. Use of statistical methods for anomaly detection. Practical expertise in Microsoft Sentinel/XDR and complex KQL analytics. Strong knowledge of current security threats and threat prioritization
Gloucester, England, United Kingdom Hybrid / WFH Options BAE Systems
autonomously. Build relationships outside the HMG community with external SOCs and cybersecurity researchers to identify beneficial analytics, tradecraft, and threat intelligence. Develop complex KQL analytics and playbooks for detection rules against M365 environments and host-based analytics for Linux and Windows VMs. Review open-source research on threats impacting cloud services and prioritize implementation. Research vulnerabilities and produce … proof-of-concept exploits to demonstrate potential compromises. Emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes and data analysis, demonstrating the need for improvements through scenarios and red teaming. … knowledge is desirable. Understanding of Windows Active Directory and Windows OS fundamentals. Knowledge of networking fundamentals. Experience with CI/CD and source control. Experience in writing malware and anomaly detection rules. Use of statistical methods for anomaly detection. Advanced practical experience with Microsoft Sentinel and/or Microsoft XDR. Proficiency in writing complex KQL analytics
Gloucester, England, United Kingdom Hybrid / WFH Options BAE Systems Applied Intelligence
Grade: GG10 - GG11 Job Description Point of escalation for intrusion analysis, forensics and Incident Response queries. Able to provide root cause analysis of complex, non-standard analytic findings and anomaly-based detections for which a playbook does not exist. · Mentor and share knowledge with the wider team as and when it becomes prudent. · Contribute and facilitate collaboration through the … that may benefit the Blue Team, including both communicating suggestions for funding/prioritisation to technical lead, and working as lead implementor when required. · Development of new complex and anomaly-based KQL analytics, and associated playbooks that result in creation of bespoke detection rules/analytics against M365 environments, plus host-based analytics for Linux and Windows … of AWS · Knowledge of Windows Active Directory · Knowledge of Windows Operating System fundamentals · Knowledge of Networking fundamentals · Experience using CICD and source control · Experience in writing new malware and anomaly detections · Knowledge of using statistical methods to find anomalies in data · Advanced Practical use of Microsoft Sentinel and/or Microsoft XDR · Competent in writing med-highly complex KQL