1 to 25 of 47 Permanent Intrusion Detection Jobs in the UK excluding London

continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response: Establish and maintain processes for continuous security monitoring and detection of security events, including application-specific security events. Lead the investigation and resolution of security incidents, including those related to application vulnerabilities, root cause analysis, and implementation of corrective … risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations: Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC): Integrate More ❯

ensuring systems are safeguarded against unauthorized access, vulnerabilities, and emerging threats. This role involves identifying and managing security risks, implementing and maintaining tools for spam filtering, software patching, and intrusion detection and prevention. The analyst enforces information security policies and supports their integration across systems, applications, and user practices. The analyst will conduct risk assessments to evaluate the … infrastructure visibility and timely alerting of anomalous events. Ensure that logs, metrics, and alerting align with organizational security and operational requirements. •Manage, monitor, analyze, and report on network firewalls, intrusion prevention systems, web security, email security, virtual private network (VPN), security information and event management (SIEM) platforms (e.g., FortiAnalyzer), log monitoring, and Multi-Factor Authentication (MFA). This includes More ❯

continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response : Establish and maintain processes for continuous security monitoring and detection of security events, including application-specific security events. Lead the investigation and resolution of security incidents, including those related to application vulnerabilities, root cause analysis, and implementation of corrective … risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate More ❯

continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response : Establish and maintain processes for continuous security monitoring and detection of security events, including application-specific security events. Lead the investigation and resolution of security incidents, including those related to application vulnerabilities, root cause analysis, and implementation of corrective … risks. Conduct regular risk assessments and vulnerability analyses of systems, applications, and infrastructure. Security Operations : Oversee the management of security technologies and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate More ❯

to ensure the security of network infrastructure and data.- Manage risk assessments and vulnerability assessments to identify potential security threats.- Oversee the implementation of security measures such as firewalls, intrusion detection systems, and data encryption technologies.- Provide training and guidance to staff on information security best practices.- Stay updated on the latest cybersecurity trends and technologies.**Qualifications:**- Bachelor … CCSP MCSA-Microsoft Windows Server MCSE- Microsoft Certified Solution Expert; MCITP-Microsoft Certified IT Professional; VMware Certified Professional;CCNA/CCNP Experience with security tools and technologies such as intrusion detection systems, SIEM, and vulnerability management tools. Familiarity with regulatory requirements and industry standards related to IT security. Hays Specialist Recruitment Limited acts as an employment agency for More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. … security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into … TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases More ❯

collect evidence, and prepare reports to improve security posture. Incident Response: Lead response efforts, develop plans, and conduct post-incident reviews. Security Tools: Manage security tools like firewalls and intrusion detection systems. Evaluate new technologies. Documentation: Maintain detailed records and prepare reports for management. Collaboration: Work with IT, Digital teams, and developers to ensure security integration and best … and understanding of secure development lifecycle. Proficiency with security tools, firewalls (Palo Alto preferred), IDS, endpoint security. Strong understanding of network protocols, VPNs, and security architecture. Experience in incident detection, analysis, response, forensic and malware analysis. Skills in scripting and automation (Python, PowerShell). Knowledge of frameworks like ISO 27001, NIST, Cyber Essentials. Understanding of risk management, data protection More ❯

a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with … Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms (Azure More ❯

a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery efforts with … Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms (Azure More ❯

and regulations. Collaborate with IT teams to integrate security protocols into network architecture and operations. Be involved in the deployment and maintenance of network security devices such as firewalls, intrusion detection systems, and VPNs. Act on to and recover from security incidents, including conducting post-event analyses to prevent future incidents. Stay abreast of the latest cybersecurity threats More ❯

testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide guidance on the selection, implementation, and optimization of security tools such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) systems. Support Security Architecture & Design: Assess the design, implementation, and maintenance of developed … testing Statement of Works, and manage the remediation of identified vulnerabilities. Security Tools & Technologies Advice: Provide guidance on the selection, implementation, and optimization of security tools such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) systems. Support Security Architecture & Design: Assess the design, implementation, and maintenance of developed More ❯

in data security, cybersecurity, or a related field. Hands-on experience with Proofpoint implementations (e.g., Email Protection, Targeted Attack Protection, Information Protection). Proficiency in security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM. Experience with ProofPoint in a cloud-based environment, specifically Microsoft 365 Excellent problem-solving skills and the ability to More ❯

assigned to work in a role with one of our trusted client partners as a 'Spartan' consultant. In this role you will undertake: Network Security - Understanding of firewall configuration, intrusion detection/prevention systems (IDS/IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and More ❯

to attack vectors and security incidents, and coordinate incident response across teams Security software testing:?Test company software, firmware, and firewalls Security software design:?Design software security systems like intrusion detection systems and firewalls Security system maintenance:?Maintainand proof network security systems Security system analysis:?Analyse security systems and seek improvements on a continuous basis? Help develop platforms More ❯

troubleshooting steps, and resolutions Cyber/Security Ensure IT systems and networks are secure from threats and vulnerabilities Implement and manage security measures, such as firewalls, antivirus software, and intrusion detection systems Conduct regular security audits and vulnerability assessments Work within the parameters of ISO 27001, taking guidance from the compliance team as needed System Monitoring Monitor system More ❯

implement security policies, standards, and guidelines aligned with industry standards (e.g., ISO 27001, NIST). Assist in the deployment, configuration, and management of security infrastructure and technologies, including firewalls, intrusion detection/prevention systems, and secure network architectures. Provide guidance and support on Azure security practices, leveraging expertise in Microsoft Azure security frameworks and best practices. Stay updated More ❯

the security team to ensure adequate resource availability. Maintains awareness of industry best practices and applies them to organisational security policies. Implements and monitors security systems such as firewalls, intrusion detection systems, endpoint protection, log monitoring, and vulnerability scanning. Investigates and documents security breaches and cyber incidents, including assessment of impact and coordination of remediation efforts. Coordinates penetration More ❯

Dender, GCP SCCE), WAFs (e.g. Azure WAF, Cloud Armor AWS WAF), and protection against OWASP Top 10 and emerging threats. Network & infrastructure security: Network security principles (e.g. segmentation, monitoring, intrusion detection/prevention). Any experience in Zero Trust architecture in cloud environments would be very desirable. Security Defence Centre Tools and practices . Scripting & Automation Python (preferred More ❯

Requirements A passion for Cyber Security and enjoys solving problems Knowledge of the security threat landscape Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems) Knowledge of TCP/IP Protocols, network analysis, and network/security applications Knowledge of common Internet protocols and applications Ability to multi-task, prioritize, and More ❯

responsible for implementing, managing and enhancing the technology underpinning N Brown’s cyber security services.You’ll have a good understanding of a range of tools like web application firewalls, intrusion detection technologies, vulnerability scanners and SIEM’s; and the technical knowledge to integrate them to enhance our protection. You’ll also need a good understanding of the native … will you do as a Cyber Security Engineer at N Brown? To identify opportunities to improve efficiency in processes through automation Onboarding and integrating AWS native tools to enable detection and response to incidents, vulnerabilities, misconfigurations, etc in our AWS environments. Developing self-service tools for N Brown's engineering teams To work with other operational departments to ensure … of working within PCI DSS, or other compliance frameworks. Software and Technology Coding languages (Python, Teraform) Build pipeline tools (Gitlab, Jenkins) IaaS (AWS, Azure, GCP) & SIEM (ideally Splunk) Endpoint Detection and Response (EDR) tools such as MS Defender APT. Network and Host Intrusion Detection/Prevention tools Web Application Firewalls (ideally Akamai) Vulnerability scanning tools (ideally Rapid7 More ❯