Permanent Blue Team Jobs in the UK

18 of 18 Permanent Blue Team Jobs in the UK

SOC Shift Lead

Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria Limited
Our Cyber team look after some complicated and compelling areas within Aero, Defence and Security. If you want to lead from the front, gain experience working with multiple clients, and always have access to the latest technologies, then join the team who are on the cusp of continued growth and known as leaders in their field. Our new … position of SOC Shift Lead will direct a team of SOC Analysts, conduct monitoring and triage of alerts associated with host and network security events for our clients' critical infrastructure and support the SOC through both delivery of client work and adding skills and ideas to this already diverse team. This role is based on site Hemel Hempstead and … security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance

Security Operations Centre Shift Lead

Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
analysis and reverse engineering Active DV Clearance Scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and … personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting … career progression Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analysing and optimising detection rules and use cases based on MITRE ATT&CK Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Working shifts from the on-site Security
Employment Type: Permanent

Security Operations Centre Shift Lead

hemel hempstead, east anglia, United Kingdom
Walsh Employment
analysis and reverse engineering Active DV Clearance Scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead, you will ensure the smooth operation and continual enhancement of SOC processes and … personnel. You will play a pivotal role in protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting … career progression Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analysing and optimising detection rules and use cases based on MITRE ATT&CK Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Working shifts from the on-site Security

Red Team Consultant (Senior)

United Kingdom
Hybrid / WFH Options
Jumpsec Limited
our clients and the challenges they face to create tailored solutions and avoid generic, off-the-shelf products and services. The Role We're looking for an experienced Red Team Operator to join our adversary simulation team, delivering high-impact operations against some of the most complex enterprise environments in the UK and beyond. This isn't a … derived from current threat actors, helping our clients uncover blind spots and prepare for the attacks that actually matter. We value curiosity, creativity, and diverse experience - some of our team came from medicine, others from blue team, IT, or non-technical backgrounds. If you're an experienced operator looking to work on challenging problems alongside a … strong and supportive team, we'd love to hear from you. What you will be doing: Planning and executing full-spectrum red team operations against large-scale organisations. Designing and delivering targeted phishing and social engineering campaigns with behavioural realism. Performing advanced Active Directory enumeration and abuse, including trust path abuse, delegation exploitation, and credential material extraction. Simulating
Employment Type: Permanent
Salary: GBP Annual

SOC Shift Lead - Systems Integrator

England, United Kingdom
Hamilton Barnes Associates Limited
the SOC in partner and stakeholder meetings. Contribute to SOC process improvement, skills development, and knowledge sharing. Skills/Must Have: Strong experience working in a SOC environment. Proven team leadership or people management experience. Expertise in Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc. … enterprise infrastructure. Desirable skills: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM tools such as QRadar. Shift Pattern: 2 Days, 2 Nights, 4 Off Benefits: 25 days annual leave (plus option to purchase more
Employment Type: Permanent
Salary: GBP Annual

SOC and Vulnerability Analyst

Greater Bristol Area, United Kingdom
Logiq
irregularities and alerts which may indicate incidents, breaches and events. Investigation of alerts and incidents to ascertain the criticality and prioritisation of security incidents and vulnerabilities. Collaborate with other team members to further investigate incidents and propose responses and solutions. Report any new knowledge gained about existing cyber threats or vulnerabilities within their network so that future incidents can … to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations that may lead to vulnerabilities to Logiq platforms. Collaborate with other InfoSec team members to ensure that the client has the correct procedures in place to continue to operate safely and securely. Conduct the daily and weekly checks to identify vulnerabilities, providing … this maturity where appropriate. Familiar with the following tools: Microsoft Sentinel Qualys VMDR Tenable VM MITRE ATT&CK Framework Desirable Certifications, Qualifications Experience: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Company benefits include: Discretionary 10% bonus Discretionary 2k annual training fund per employee Very competitive pension

Incident Response IR Consultant

West London, London, United Kingdom
Hybrid / WFH Options
Circle Group
some flex) Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team/Security … You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC/Blue Team analysts. We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the … the development and delivery of high-quality, actionable defensive security content. Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations. Work alongside the team to continually improve incident response and detection capability. About You We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll
Employment Type: Permanent, Work From Home
Salary: £55,000

Incident Response IR Consultant

West London, London, England, United Kingdom
Circle Recruitment
some flex) Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team/Security … You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC/Blue Team analysts. We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the … the development and delivery of high-quality, actionable defensive security content. Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations. Work alongside the team to continually improve incident response and detection capability. About You We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll
Employment Type: Full-Time
Salary: £45,000 - £55,000 per annum

SOC Cyber Analyst NO SHIFTS hybrid London £70k

West London, London, England, United Kingdom
Hybrid / WFH Options
Circle Recruitment
some flex) Salary: £45,000 - £55,000 per annum, amazing training opportunity for a tired SOC analyst We are looking for an Incident Response (IR) Consultant to join our team of passionate and pragmatic cyber defenders. This is a unique opportunity for someone with a few years of experience in a SOC (Blue Team/Security … You'll also be part of our escalation rota, supporting our Managed Detection and Response (MDR) service - sometimes leading incidents, other times mentoring junior SOC/Blue Team analysts. We are ideally looking for someone who can work hybrid, attending an office in Ealing one day per week, but we're open to some flexibility for the … the development and delivery of high-quality, actionable defensive security content. Communicate clearly and confidently with clients - both in writing and verbally - during high-pressure situations. Work alongside the team to continually improve incident response and detection capability. About You We're not looking for a technical wizard, but someone with a solid grounding and the confidence to roll
Employment Type: Full-Time
Salary: £45,000 - £55,000 per annum

Sentinel SecOps Engineer - Sentinel, KQL, EDR, SOC Tooling

London, United Kingdom
Hybrid / WFH Options
InfraView Ltd
/day Outside IR35 I am working with an exceptional Microsoft Security Solution Provider, and they have an urgent requirement for a Sentinel SecOps Engineer to join their onsite team at one of their longest standing Financial Services clients in the Bank area of London. They have recently rolled out Sentinel as the SIEM including for Endpoint and they … Previous experience working within financial services Experience using ITSM tools Knowledge of the phases in incident response and Cyber Kill Chain Good blue/purple/red team experience Please hit the button to Apply and/or call Will Martin at InfraView for further info. If this role is not for you, please register with
Employment Type: Permanent
Salary: GBP Annual

Red Team Operator (Western Europe)

United Kingdom
Covenant HR
worldwide to secure critical infrastructure and sensitive data. They have a reputation for innovation and have been recognized among the top employers in the security industry. Job Title - Red Team Operator Location - Remote, Western Europe Time Zone (UK, France) Role Type - Contract, 6 months with possibility of extension. Must Have Skills: Active Offensive Security OSCP or GIAC GPEN certification … tools like Kali Linux, Metasploit Pro, and NMAP; capable of exploiting vulnerabilities such as SQL injection, XSS, and password cracking Previous experience on a Cyber Defense Blue Team (SOC, Incident Response, Threat Hunting, or Security Architecture) Understanding of the MITRE ATT&CK Framework and core networking concepts. Responsibilities and Job Details: Conduct red team operations and … exploits such as SQL injection, XSS, and password attacks Write and maintain scripts in Python, PowerShell, and Bash to automate tasks and testing procedures Collaborate with Blue Team counterparts to improve overall security posture Analyze and report on vulnerabilities, scoring, and remediation efforts Apply deep knowledge of Linux and Windows environments during testing Leverage knowledge of ports

IT Cyber Security Analyst

London, United Kingdom
Hybrid / WFH Options
Southeastern Railway
Are you looking for a career where you can make a real difference in people's day? We are seeking an IT Cyber Security Analyst to join our team based in London, with hybrid working arrangements. Can you move people? Apply now. What you'll do The Cyber Security Analyst will handle daily operational cyber security incidents, working closely … following in your application: At least 2 years of experience working in a cyber security role Extensive experience with Microsoft products. Experience working in red/blue team scenarios. Certifications such as CompTIA Security+ (or equivalent) and Certified Ethical Hacker. We support applicants under the Armed Forces Covenant and Disability Confident Scheme. If you meet the criteria … transportation; it's about making a difference in every journey and creating a great place to work, reflected in our awards and commitments to diversity and safety. Our Safeguarding Team ensures the safety of customers, colleagues, and the public, continuously improving safeguarding measures. Salary range: £45,000 - £55,000 per annum, plus free rail travel.
Employment Type: Permanent
Salary: GBP Annual

Threat Hunter - National Security - Leeds

Leeds, Yorkshire, United Kingdom
Hybrid / WFH Options
BAE Systems (New)
Serve as the point of escalation for intrusion analysis, forensics, and incident response queries. Provide root cause analysis for complex, non-standard findings and anomalies without existing playbooks. Mentor team members and share knowledge proactively. Contribute to the SOC Knowledge Repository by creating and updating documentation independently. Build relationships externally with other SOCs and cybersecurity researchers to identify analytics … threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating … world risks. Architect detection programs to identify unusual behaviors, reduce dwell time, and optimize resource use. Oversee practices that enhance daily operations, including quality reviews. Lead operational strategy and team exercises, collaborating across functions. Contribute to team requirements, including engineering and continuous improvement. Design and conduct technical interviews, evaluating candidate responses. Experience Proven experience in security testing practices
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Analyst

England, United Kingdom
Accenture
impact we have with our clients and with the communities in which we work and live. It is personal to all of us.” – Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy … and expertise. As a Cyber Threat Analyst you will: As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don’t worry if you don’t tick every box – we’d still love to hear from you! If you’re excited about

Senior Cyber Security Analyst

London, United Kingdom
Barclay Simpson
activities. The successful candidate will be a hands-on, technically skilled security professional with experience across a broad range of cybersecurity disciplines (red/purple and blue team), this experience will enable you to successfully help shape, implement, and maintain effective security controls and infrastructure across the firm. This is a hybrid role (3 days in office
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Specialist

London, United Kingdom
WeAreTechWomen
impact we have with our clients and with the communities in which we work and live. It is personal to all of us." - Julie Sweet, Accenture CEO In our team you will learn: You will have a Cyber Security background, will perform as a client-facing role, and will be willing to contribute to our internal Digital Transformation strategy … and expertise. As a Cyber Threat Analyst you will: As part of our Blue Team, you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Don't worry if you don't tick every box - we'd still love to hear from you! If you're excited about
Employment Type: Permanent
Salary: GBP Annual

Cyber Resilience Lead

Oxford, Oxfordshire, United Kingdom
Stott and May
Deliver and maintain practical recovery processes across a complex, global technology and business landscape. Champion and coordinate cyber resilience testing activities - including red/blue/purple team exercises - and ensure continuous improvement through lessons learned. Build clear, usable documentation and artefacts that support real-world application of recovery processes. Develop metrics and maturity reporting to monitor
Employment Type: Permanent
Salary: GBP Annual

Job Alert IBM & HCL Software Licensing & SAM Pre-Sales Consultant

United Kingdom
Hybrid / WFH Options
Baby Blue IT & Consulting Ltd
commercial and technical audiences A proactive, self-starting approach with a focus on outcomes and customer value Overview Software Licensing & SAM Pre-Sales Consultant About the Role Baby Blue is recruiting on behalf of a growing technology services provider for an experienced Software Licensing & Software Asset Management (SAM) Pre-Sales Consultant. This is a pivotal role for … the SAM services roadmap Why Work With Us Shape a specialist role with real influence across pre-sales and SAM strategy Join a fast-moving, collaborative, and expert-led team Competitive salary and attractive OTE package Flexible, remote-first working environment Ongoing development support including training and certifications Ready to Apply? Send your CV to or reach out via … our contact page. All enquiries will be handled in strict confidence by the Baby Blue team.
Employment Type: Permanent
Salary: GBP Annual

Blue Team
25th Percentile: £48,165
Median: £62,000
75th Percentile: £95,000
90th Percentile: £112,500