responsible for network security, ensuring continuous monitoring of NHS England's core infrastructure and systems. Line-manage and mentor a team of analysts, providing guidance on monitoring strategies, threat detection, and incident response. Deputise for the Detect & Respond Lead when required, ensuring operational continuity and effective decision-making during critical events. Provide quality assurance on investigations, reviewing analysts' work … to maintain accuracy and consistency in threat detection and response. Design, develop, and enhance SOC use cases and associated tooling, working closely with the DevOps team to implement automation, improve detection logic, and streamline response workflows, demonstrating strong capability in creating detailed, effective use cases rather than only analysing incidents. Stay ahead of emerging threats and technologies, particularly … of Information Security Operation Centre (ISOC); ability to detect, respond and utilise related platforms and applications to perform cyber security initiatives. Demonstrable knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviours to protect organisational networks. Desirable Highly developed specialist knowledge of and ability to investigate, troubleshoot, resolve
of techniques, approaches and processes of digital threats; ability to detect, monitor, analyse and prevent digital threats. Skills and Experience Essential Demonstrable knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviours to protect organisational networks. Desirable Expert knowledge of and ability to utilise a variety of specific
key functions: Multi-Platform Threat Hunting at Scale - Run hunting queries and analytics across large datasets using a variety of cloud-based and hybrid security solutions. Custom Analytic and Detection Development - Write and review custom rules to deploy against national monitoring solutions, providing specialised monitoring to NHS bodies against common threat actor tactics and techniques. Specialist Incident Support … support to the CSOU IM function and NHS organisations where appropriate during high-complexity incidents. Main duties of the job Main duties of the role include: Threat hunt in Extended Detection and Response (XDR) and SIEM tooling. Deputise for the Cyber Security Senior Analyst (Threat Hunting) in their absence. Develop capability in support of Threat Operations requirements, including coding and … technology development. Act as technical support in advanced forensic investigations in support of the Security Operations function. Simulate adversary tactics, techniques, and procedures in support of detection development. Perform dynamic and static analysis of malicious programs and tools where relevant in support of detection development. Develop automation workflows and playbooks to support the threat hunting team's workload. About us
be aware that RRP is non-contractual and subject to review. Main duties of the job As a Security Analyst (XDR) you will: Act as a Tier 2 Extended Detection and Response (XDR) analyst for the Security Operations team. Deputise for Senior Analysts in their absence. Act as an escalation point for Tier 1 Junior Analysts for incidents and … techniques of Email Security. Ability to detect, monitor, analyse and prevent unauthorised access, loss or compromise of business email accounts. Desirable Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviours to protect organisational networks. Qualifications Essential Post-graduate level degree or equivalent level of experience. Disclosure
analyse and respond to network attacks, intrusions or any unauthorised actions; ability to use techniques and tools to perform network defence. Proven knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviours to protect organisational networks. Desirable Working knowledge of modules, processes and technologies of Information Security Operation