Birmingham, England, United Kingdom Hybrid / WFH Options
Anson McCade
escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensicanalysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop, refine, and own SOC use cases, runbooks … knowledge and hands-on expertise with Splunk (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical hacking. Strong grasp of network traffic flows, malware analysis, and reverse engineering. Excellent written and verbal communication skills for client interaction and reporting. Ability to work independently, lead investigations, and mentor team members. Eligible for or holding SC More ❯
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Stott & May Professional Search Limited
ransomware, and APTs. Handle escalations from Tier 1 analysts and provide technical mentoring. Analyze and correlate alerts using SIEM and EDR tools such as Splunk and Microsoft Defender. Perform forensicanalysis to identify root causes and recommend containment and recovery actions. Develop detection use cases, improve processes, and maintain accurate incident documentation. Collaborate with IT and security teams … years in cybersecurity, with strong SOC or incident response experience. Proficient in SIEM (Splunk, ArcSight) and EDR (Defender, CrowdStrike, Carbon Black). Strong knowledge of digital forensics, malware analysis, and threat hunting. Skilled across Windows, Linux, and cloud environments. Familiar with frameworks such as MITRE ATT&CK, NIST, and ISO 27001. Scripting experience (Python, PowerShell) beneficial. Preferred Certifications SOC More ❯
Crawley, Sussex, United Kingdom Hybrid / WFH Options
Morson Talent
NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensicanalysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT and OT environments. In-depth understanding of adversarial TTPs and complex threat landscapes. More ❯
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Morson Talent
NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar platforms. Experience in forensicanalysis, red-team exercises, and crisis simulation activities. Desirable Experience managing or supporting both IT and OT environments. In-depth understanding of adversarial TTPs and complex threat landscapes. More ❯
Bristol, Avon, England, United Kingdom Hybrid / WFH Options
Sanderson
a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language … in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and anticipate their next moves. Strong understanding of forensicanalysis principles. Desired Certifications (one or more is a plus) GIAC Certified Threat Hunter (GCTH) GIAC Reverse Engineering Malware (GREM) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker More ❯
Peterborough, Cambridgeshire, England, United Kingdom Hybrid / WFH Options
Sanderson
a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (e.g., packet analysis with Wireshark). Proficiency with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language … in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and anticipate their next moves. Strong understanding of forensicanalysis principles. Desired Certifications (one or more is a plus) GIAC Certified Threat Hunter (GCTH) GIAC Reverse Engineering Malware (GREM) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker More ❯
Bristol, Somerset, United Kingdom Hybrid / WFH Options
Sanderson Recruitment Plc
a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS), and common enterprise applications. Expertise in analysing network traffic (eg, packet analysis with Wireshark). Proficiency with security tools such as SIEM (eg, Splunk, QRadar), EDR (eg, CrowdStrike, SentinelOne) and threat intelligence platforms. Strong Scripting skills in at least one language … in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and anticipate their next moves. Strong understanding of forensicanalysis principles. Desired Certifications (one or more is a plus) GIAC Certified Threat Hunter (GCTH) GIAC Reverse Engineering Malware (GREM) Offensive Security Certified Professional (OSCP) Certified Ethical Hacker More ❯
including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access More ❯
The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and More ❯
The ideal candidates will hold active DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and More ❯