Harlow, London, United Kingdom Hybrid / WFH Options
Raytheon
Operations Centre. Main Duties Responding to requests from SOC to tune SIEM, IDS and associated tooling in an effective and timely manner. Working with threat management teams and liaising directly with Network and Data Centre teams to ensure Network architecture, Security Zone configuration and deployment of sensors and remediation … or Python. Experience of working in MOD and/or other regulated industries i.e. banking, telecommunications. Experience of use case development and implementation, leveraging threat intelligence. An understanding of designing and implementing secure systems to HMG security requirements. You will be a self-starter with the ability to prioritise more »
identify cyber-attacks/security incidents. Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Understand ThreatIntelligence and its use in an operational environment Produce new workflows for automation into SOAR tools for common attack types. Continually improve the … using Splunk and Sentinal Working with a range of security tooling/technology Strong understanding of security architecture, in particular networking Detailed understanding of threatintelligence and threat actors, TTPs and operationalising threat intelligence. Experience in investigating complex network intrusions (by state-sponsored groups or targeted more »
triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure. •Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors. •Security Incident Handling … Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender. •ThreatIntelligence: Utilizing threatintelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities. •Collaboration: Collaborating with … in Kusto Query Language (KQL). Experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks. Strong understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies. Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations. more »
triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure. •Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors. •Security Incident Handling … Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender. •ThreatIntelligence: Utilizing threatintelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities. •Collaboration: Collaborating with … in Kusto Query Language (KQL). Experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks. Strong understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies. Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations. more »
team. Key Responsibilities: Monitor, detect, and respond to cyber security incidents in real-time and from various sources, such as network, endpoint, cloud, and threat intelligence. Conduct in-depth analysis of security events and alerts to identify potential threats. Identify and prioritize the cyber security incidents and escalate them … CSOC processes, technologies, and capabilities. Report and communicate the cyber security status, trends, and issues to the CSOC team leader. Enrich log data with ThreatIntelligence to provide context for observed suspicious events. Requirements: Bachelor's degree in Cybersecurity, Information Technology, or related field. Minimum of 3 years … officials and non-technical individuals. Strong understanding of network and system security principles. Relevant certifications (e.g., CISSP, CEH, GCIH) are a plus. Experience in threatintelligence and information sharing. Ability to work in a fast-paced, high-stakes environment. If you have the relevant experience and interested in more »
purpose team of professionals across a global footprint to deliver the following key components as one Centre of Excellence: Financial crime investigations and financial intelligence; and Nominated Officer/Suspicious Activity Reporting Oversight The role will be a member of the Global Financial Crime leadership team, reporting to the … GlobalCo-Heads of Financial Crime Compliance. Key Accountabilities The Global Head of Intelligence & Investigations will: Provide strategic leadership of Financial Crime Intelligence & Investigations – managing multi-disciplinary teams in several locations who deliver services of the highest quality that support Barclays in the detection and prevention of financial crime … threats and aid in the development of mitigating controls. Lead the implementation of the defined target operating model for Financial Crime Intelligence & Investigations in the second line which is able to develop and respond to threatintelligence and perform oversight of Suspicious Activity Reporting to prevent, detect more »
Analyst. You will be responsible for maintaining and improving all security operational procedures, processes and technical controls, monitoring, detecting and responding to security threats, threat hunting, threatintelligence and the management of security testing in order to reduce operation information security risks. Role responsibilities : Configuration and scheduling more »
investigative methods using the SOC’s software toolsets to enhance recognition opportunities for specific analysis. • Maintain a baseline of system security according to latest threatintelligence and evolving trends. • Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. • Provide Subject Matter Expertise (SME more »
tools to track and analyze events and abnormal user behaviors in order to identify and understand potential breaches, malware and other malicious activities Using ThreatIntelligence Services to identify both known and potential new threats and develop new mitigations Working with customer security teams to detect, contain and more »
Doncaster – Hybrid x2 days p/w Are you a SOC Analyst with more than two years of experience delivering front-line threat hunting support? Do you want to work for an organisation that are leaders in the delivery of Microsoft Sentinel SOC services in a fast-paced environment … and respond to security incidents Remediate serious attacks escalated from Tier 1 SOC Analysts Assess the scope of attacks and the affected systems Use threatintelligence to pinpoint scale of the attack, the type of attack and systems affected Conduct incident response activities Use IOC’s to research more »
role as this vendor looks to expand their offerings across the UK and Central Europe. We are looking for someone with experience in cyber threatintelligence sales who has taken ownership of the entire sales process, from cradle to grave. We are looking to speak with problem solvers … business growth Your sales experience is from dealing with leading enterprise companies or organisations, communicating and closing deals with CISOs, CSOs, CIOs, Heads of Intelligence or equivalent level of seniority Positive, energetic and driven by achieving personal and company/team success You enjoy working in a fast-paced more »
of security tools such as SIEM, Firewalls and Cloud Security to monitor systems Providing Windows Server and Network Support Assess and respond to external threatintelligence reports Support ISO27001, Cyber Essentials Plus and other internal and external audit programme Implement and improve technical processes to create efficient and more »
developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets. The Cyber Threat Defence team is a senior team that develops, socializes, and deploys novel mitigations to counter threat activity observed in Incident Response operations and … Threat Intelligence. This role is focused on improving the overall Privileged Access Management (PAM) strategy through evaluation, testing, and collaboration, with a focus on security. Highly qualified candidates will excel in business communication and messaging in addition to technical disciplines. Key Responsibilities: Evaluating and enhancing existing PAM solutions, including more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds more »
London, England, United Kingdom Hybrid / WFH Options
Control Risks
In this role you will be responsible for conducting desktop research into cyber and online threats, to enrich our Cyber ThreatIntelligence reporting. This role will primarily involve contributing regular reporting for Control Risks' clients that subscribe to our intelligence platform, as well as supporting on and … sources of information and develop capabilities to collect and analyse information in support of the team. Demonstrate strong investigation skills relating to specific cyber threat incidents, data breaches and other cyber security incidents. Build knowledge of collection tools to support bespoke investigative projects and Cyber Incident Response engagements. Conduct … on topics which support other service lines, notably Global Risk Analysis, Compliance Forensics and Investigations, and Response. Develop knowledge of principal cyber and online threat actors through research on open source, social media, deep and dark web sites and Control Risks internal intelligence systems. Contribute continuous research for more »
ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threatIntelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting capabilities … that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers more »
exercises and exceptional experiences for our customers. A day in the life of a NetSPI Red Team Operator: Plan, lead, and execute both regulated (threatintelligence-led), and non-regulated Red Team Operations. Utilize sophisticated technologies and capabilities to simulate complex attacks against mature, highly defended networks. Research … used in the wider ecosystem. Contribute to the information security community through the development of tools, presentations, white papers, and blogs. Requirements: Experience performing threatintelligence-led red teaming in accordance with a variety of regulatory frameworks (i.e., CBEST, GBEST, TIBER-XX, iCAST, CORIE, FEER, AASE, etc). more »
About this Role Role Title: Threat & Vulnerability Lead Location: UK- London La Fosse Associates are working with a global Insurance business who are looking to add a Threat & Vulnerability Lead to their strong internal security function. You will report directly into the BISO and be a senior individual … within their existing team. You will be joining the UK entity of their Security team to lead on vulnerability scanning and threatintelligence reporting. They are a large organisation with a huge amount of vulnerabilities and need somebody who understands how to approach on this scale. You will … Qualys around ingesting the data then prioritsing and guding the patching team on what to tackle first. There will also be additional projects around threat-led penetration testing and various PenTest frameworks. In this role you will: Prioritise and coordinate remediation of vulnerabilities Work alongside senior stakeholders in the more »
NCSC CTAS and CPA Assurance Schemes. Knowledge of working in secure environments (List X facilities) and accredited labs (ISO17025). Research and Development experience. ThreatIntelligence experience. To discuss this or wider Consulting roles with our recruitment team, all you need to do is apply, create a profile more »
london, south east england, United Kingdom Hybrid / WFH Options
Control Risks
In this role you will be responsible for conducting desktop research into cyber and online threats, to enrich our Cyber ThreatIntelligence reporting. This role will primarily involve contributing regular reporting for Control Risks' clients that subscribe to our intelligence platform, as well as supporting on and … sources of information and develop capabilities to collect and analyse information in support of the team. Demonstrate strong investigation skills relating to specific cyber threat incidents, data breaches and other cyber security incidents. Build knowledge of collection tools to support bespoke investigative projects and Cyber Incident Response engagements. Conduct … on topics which support other service lines, notably Global Risk Analysis, Compliance Forensics and Investigations, and Response. Develop knowledge of principal cyber and online threat actors through research on open source, social media, deep and dark web sites and Control Risks internal intelligence systems. Contribute continuous research for more »
systems are secure and resilient. Position Summary: As a SOC Analyst, you will be responsible for monitoring security events, conducting incident response, and providing threat intelligence. You will work closely with other SOC analysts to enhance security operations and protect clients from cyber threats. Key Responsibilities: Monitor security events … and logs to identify potential security incidents. Perform incident analysis, classification, and response actions. Provide proactive threatintelligence and recommend mitigation strategies. Collaborate with other SOC Analysts and Shift Leads on incident handling and investigations. Conduct threat hunting activities to identify potential security breaches. Assist in the … processes, and technologies (firewalls, SIEM, IDS/IPS). Proficiency in TCP/IP protocols, network analysis, and troubleshooting. Experience with incident response and threat intelligence. Excellent written and verbal communication skills. Ability to work independently and as part of a team. Eligible to obtain Security Clearance. Desired Qualifications more »
Corsham, England, United Kingdom Hybrid / WFH Options
J&C Associates Ltd
investigative methods using the SOC’s software toolsets to enhance recognition opportunities for specific analysis. • Maintain a baseline of system security according to latest threatintelligence and evolving trends. • Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. • Provide Subject Matter Expertise (SME more »
Benefits + Bonuses Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives. Partner with Legal, 2LoD, Major Incident Management, Threat Management, Vulnerability Management, Attack Surface Reduction, Software Engineering, Security Architecture, Platform Support both locally and globally. You will have experience in: Leading the response … management or risk management within an enterprise environment. Self-motivated interest in the latest cyber security threats and vulnerabilities and is able to integrate threatintelligence into incident response strategies to proactively defend against emerging risks. Nice to have would be: Deep technical knowledge of network fundamentals, common more »
london, south east england, United Kingdom Hybrid / WFH Options
Hunter Bond
responsibilities are set around, monitoring, compliance, security engagement, and detection/response. Role: · Assist in the design, implementation, and maintenance of security measures. Develop threatintelligence capabilities Provide a strong level consultancy when it comes to engineering security solutions. · Provide input for architecture plans with consideration of current more »