eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security, including protocols, firewalls, IDS/IPS, and traffic analysis. Experience with cloud security principles in AWS, Azure, or GCP. Ability to
City of London, London, United Kingdom Hybrid/Remote Options
Cititec
with DLP incident handling, remediation, and reporting. Proficiency in Microsoft Office products. Experience in securing AI-driven systems and leveraging AI tools. Familiarity with Microsoft Defender for Endpoint, Thales, CrowdStrike Falcon and SIEM, CyberArk, Rapid7, and Palo Alto products is a plus. Lead Cyber Security Engineer
City of London, London, United Kingdom Hybrid/Remote Options
DVF Recruitment
You’ll Do: Build the SecOps team from the ground up and manage/mentor the team. Lead the implementation, optimisation, and management of cutting-edge security tools like CrowdStrike, Palo Alto, and Mimecast. Take ownership of our cyber defence posture, from incident response and vulnerability management to WAFs, DDoS protection, and encryption. Mentor junior engineers, elevate best practices, and
London, South East, England, United Kingdom Hybrid/Remote Options
Career Legal
of compliance frameworks and risk management strategies. Preferred Qualifications: Certifications such as CISSP, CCSP, CISM, AWS/Azure Security Specialty, or equivalent. Experience with tools like Okta, Azure AD, CrowdStrike, Tanium, Zscaler, Vault, and other modern security platforms. Familiarity with DevSecOps principles, Infrastructure as Code, and secure software development practices. Who You'll Work With / Work Environment & Additional Information: Hybrid
configure Darktrace vSensor probes for network monitoring and threat detection. Optimize Darktrace models to minimize false positives and improve alert accuracy. Perform post-build security checks using Splunk, Qualys, CrowdStrike, and CyberArk before server sign-off.
in cloud environments. Familiarity with cloud-native security tooling (Purview, MS Defender, AWS Security Hub, GuardDuty, etc.). Strong understanding of identity functions and related tools (Entra ID, Purview, CrowdStrike, etc.). Solid knowledge of Zero Trust, data classification, and hybrid connectivity, and of producing related architecture. Knowledge of common frameworks and standards (NIST, CIS Benchmarks, ISO 27001, CSA CCM).
City of London, London, United Kingdom Hybrid/Remote Options
Computappoint
driving network modernization initiatives, including transitions from legacy infrastructure to SD-WAN, SASE, and cloud-native security models. Hands-on experience with endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium. Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment. Deep knowledge of Zero Trust Architecture, lateral
loss prevention (DLP), and compliance checking. Build automated controls for device posture, encryption, threat detection, and remediation. Own and optimize integrations with tools such as Microsoft Defender, Purview, Symantec, CrowdStrike, or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation, and health monitoring. Ensure endpoint telemetry is integrated with SIEM platforms and observability stacks. Partner with platform and
incident management, monitoring, and response. Key Skills & Experience: Proven experience leading or managing a SOC function within capital markets, FinTech, or smaller financial services environments. Strong technical experience with CrowdStrike and Elastic SIEM. Skilled across the Microsoft 365 Security Stack (Defender, Sentinel, Entra). Hands-on capability in incident response, threat hunting, and digital forensics. Demonstrated experience managing
and processes. Experience required: Minimum 2 years in a SOC environment followed by recent hands-on incident response experience. Strong working knowledge of SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.). Solid understanding of Windows, Linux, and network security principles. Experience with forensic or threat analysis techniques. Familiarity with MITRE ATT&CK, NIST, or similar frameworks. Desirable: Exposure to automation …
City of London, London, United Kingdom Hybrid/Remote Options
TDA TELECOM LIMITED
etc.). Produce proposals, Bills of Materials (BOMs), high-level designs, and Statements of Work (SOWs). Vendor & Partner Engagement: Work with leading vendors (Palo Alto, Fortinet, Cisco, Microsoft, CrowdStrike, etc.) to ensure optimal solution fit. Maintain awareness of vendor roadmaps, certifications, and competitive positioning. Provide vendor-neutral recommendations when appropriate to best serve client needs. Sales Enablement & Strategy Support … Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or equivalent security qualification (Preferred). Relevant vendor certifications (Palo Alto, Fortinet, Cisco Security, Microsoft, CrowdStrike, etc.) (Preferred). Excellent presentation and communication skills, able to engage both executives and technical audiences. Ability to simplify complex topics and align solutions to business outcomes. Consultative approach with
assessments and generate actionable reports. Develop and deliver regular vulnerability reporting, metrics, and dashboards for management and technical teams via Tenable and Defender. Collaborate with incident response teams using CrowdStrike and Microsoft Defender to correlate vulnerability data with threat intelligence and active security incidents. Maintain up-to-date knowledge of the latest vulnerabilities, exploits, and mitigation techniques, providing guidance and … automation, remediation tracking, reporting and prioritization methodologies. Advanced proficiency with vulnerability management tools such as Tenable.sc and Tenable.io. Hands-on experience with endpoint protection and threat intelligence platforms, specifically CrowdStrike and Microsoft Defender. Strong analytical and problem-solving skills, with the ability to interpret complex security data and drive effective remediation. Excellent communication skills, capable of conveying technical information to
Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon agents across enterprise endpoints. Maintain and update detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage … supporting junior analysts and coordinating operational tasks. Provide technical guidance and contribute to process improvement initiatives. Preferred Certifications: Essential: CompTIA Security+; Microsoft Certified: Security Operations Analyst Associate (SC-200); CrowdStrike Certified Falcon Administrator (CCFA); Darktrace Analyst Certification (if available). Desirable: GIAC Certified Intrusion Analyst (GCIA); EC-Council Certified Threat Intelligence Analyst (CTIA); Microsoft Certified: Identity and Access Administrator Associate (SC
required. Hands-on knowledge of ISO 27001 and supporting an ISMS (audit experience useful but not central). Familiarity with security tools: Azure security, cloud IAM, Defender, web proxy, endpoint detection (CrowdStrike or equivalents). Understanding of zero trust networks, SSO, and network segregation principles. Strong communicator: able to advise IT teams on practical security steps, not just theory. Experience mentoring staff or … InfoSec input for new market expansion and business initiatives. Tech & tools you’ll use: Microsoft Purview – data governance and compliance; Azure (and AWS) – IAM, monitoring, encryption; Defender, web proxy, CrowdStrike-equivalent – endpoint & email protection; Panorays – third-party risk; Protecht – enterprise risk & audit management; Rapid7/Armis – vulnerability management and threat detection. Why this role? Hands-on, high-impact role in
forensic investigations across endpoint, network, and cloud environments (AWS, Azure). Perform incident response for on-premises and cloud infrastructures, identifying root causes and containment strategies. Use tools like CrowdStrike, Magnet Axiom, X-Ways, SIFT Workstations, and EZTools to collect, preserve, and analyse evidence. Develop custom scripts and forensic tooling to automate investigation workflows. Document findings clearly in reports and … experience in Digital Forensics and Incident Response (DFIR), ideally within a consulting or client-facing environment. Strong technical foundation in systems administration, networking, and security architecture. Practical experience with CrowdStrike, Magnet Axiom, X-Ways, SIFT, and forensic artefact parsers (EZTools, log parsers, etc.). Deep understanding of AWS and Azure cloud environments and associated forensic procedures. Expertise in log analysis