17 of 17 Permanent Malware Analysis Jobs in the UK excluding London

all the evidence available and support the client on the appropriate action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools … to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes More ❯

all the evidence available and support the client on the appropraite action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring … SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident … with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes More ❯

Job Description Summary Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk. Job Description Essential Responsibilities In this role, you will: Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and log-centric analysis … Understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.) - Understanding of APT, Cyber Crime and other associated tactics - Understanding of host forensics and network analysis techniques and tools - Understanding of malware and reverse engineering - Understanding of vulnerabilities. Vulnerability management, remediation and implementation techniques. - Understanding of responding to threats in cloud platforms (AWS, Azure More ❯

Posted 30+ Days Ago job requisition id R Job Description Summary Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk. Job Description Essential Responsibilities In this role, you will: Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics … malware analysis, and log-centric analysis (SIEM) Perform daily response operations on a schedule that may involve non-traditional working hours Curate signatures, tune systems/tools, and develop scripts and correlation rules Analyse host and network forensic artifacts and identify patterns and behaviours related to threat actors Lead technical aspects of incident detection and response Mentor … Understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.) - Understanding of APT, Cyber Crime and other associated tactics - Understanding of host forensics and network analysis techniques and tools - Understanding of malware and reverse engineering - Understanding of vulnerabilities. Vulnerability management, remediation and implementation techniques. - Understanding of responding to threats in cloud platforms (AWS, Azure More ❯

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP … FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure … protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting career progression Enhancing team knowledge across SOC tooling More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What youll bring: Demonstrable experience in Security Operations Centre. People … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What you’ll bring: Demonstrable experience in Security Operations Centre. … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

front, contribute to national security, and grow your cybersecurity careerthis is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. DV Clearance Eligibility Benefits: 25 days annual leave, with the option More ❯

following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise … regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. * Act as the point of escalation for the Service desk for security related tickets. * Analysis of weekly vulnerability scans and update relevant records. Essential * A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines … of analysing information technology logs and events sources preferred * Working knowledge of data storage systems, data backup and restoration methods. * Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) * Ability to work independently while managing support to a high standard * Contribute More ❯

Awareness of incident response planning and tabletop exercises. Understanding of frameworks such as MITRE ATT&CK, the Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Desirable Qualifications & Skills: Certifications such as ECIH, Security+, BTL1, CySA+, SC-200. Familiarity with open-source IR tools (e.g., Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility, SOF-ELK, DFIR More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

our rapidly growing Global Security Operations team. This is an exciting hands-on technical role in which the specialist will use their security skills and knowledge to perform advanced analysis on the collection of cyber threats using high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide … resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases of Incident Response (preparation, identification, containment … technologies, including: Windows, Linux, Networking, Security Architecture experience and knowledge of packet flow/TCP/UDP traffic, Firewall and proxy technologies, cloud solutions, anti-virus, static and dynamic malware analysis techniques Expert in performing analytics with different types of logs, i.e. network, active directory, database, DNS, firewall, proxies, host-based security, cloud and applications logs etc. Working More ❯

What You ll Be Doing Network Security: Design, implement, and manage secure network architectures. Monitor traffic for suspicious activity and respond to incidents. Conduct security assessments and audits. Vulnerability Analysis: Conduct assessments and penetration testing. Develop mitigation strategies and track vulnerabilities. Forensic Analysis: Analyze security incidents, collect evidence, and prepare reports to improve security posture. Incident Response: Lead … understanding of secure development lifecycle. Proficiency with security tools, firewalls (Palo Alto preferred), IDS, endpoint security. Strong understanding of network protocols, VPNs, and security architecture. Experience in incident detection, analysis, response, forensic and malware analysis. Skills in scripting and automation (Python, PowerShell). Knowledge of frameworks like ISO 27001, NIST, Cyber Essentials. Understanding of risk management, data protection More ❯