Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown
with Key Vault, SBOM and image scanning, policy-as-code and least privilege IAM. Drive reliability using SRE practices: define SLIs/SLOs, error budgets, capacity planning, chaos testing, incidentresponse and blameless post-incident reviews. Partner with application squads to remove toil, improve developer experience (DX), and reduce lead time for changes through automation and platform … service catalog entries; contribute to onboarding guides and demo sessions for consumers of the platform. Participate in an on-call rota for critical platform services and lead/coordinate incidentresponse when required. About you Strong hands-on experience with Microsoft Azure core services (networking, compute, storage) and platform services (AKS, App Services, API Management, Event Hub/… GitOps, and container build pipelines (e.g., ACR, OPA policies, image scanning). Working knowledge of observability tooling (Azure Monitor, Log Analytics, Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and More ❯
Employment Type: Permanent, Part Time, Work From Home
cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incidentresponse, and threat intelligence. CORE COMPETENCIES & SKILLS Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview Understanding of security operations, incidentresponse, and More ❯
Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
Robert Walters
cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incidentresponse, security engineering, intrusion detection Experience of SOC or IncidentResponse Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯
Birmingham, West Midlands, England, United Kingdom Hybrid / WFH Options
Robert Walters
cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incidentresponse, security engineering, intrusion detection Experience of SOC or IncidentResponse Team Analyse End Point, Network, Application Logs Security frameworks/Standards (NIST, CIS, ISO27001) Scripting More ❯
such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines. Support incidentresponse planning and cloud-specific disaster recovery strategies. Stay up to date with GCP security features, UK regulatory changes, and emerging threats. Requirements What You'll Bring Essential … sector or regulated industries (e.g. finance, healthcare). Familiarity with container security (GKE, Kubernetes RBAC, image scanning). Proficiency in scripting (Python, Bash) for automation and tooling. Experience with incidentresponse in cloud-native environments. Previous consultancy experience within UK public sector organisations. If you're interested in the above, reach out to or apply Reasonable Adjustments: Respect More ❯
Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incidentresponse, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incidentresponse, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯
Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incidentresponse, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incidentresponse, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯
Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incidentresponse, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly … compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incidentresponse, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection … and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and More ❯
assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security IncidentResponse Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incidentresponse, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Ipsotek, an Eviden business
assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security IncidentResponse Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incidentresponse, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during More ❯
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Circle Group
cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive IncidentResponse: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incidentresponse, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA More ❯
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Circle Group
cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive IncidentResponse: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incidentresponse, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA More ❯
chichester, south east england, united kingdom Hybrid / WFH Options
Circle Group
cyber resilience initiatives, ensuring technical excellence and alignment with client goals. Design Secure Architectures: Shape robust, scalable, and secure solutions using industry best practices and advanced security frameworks. Drive IncidentResponse: Manage and coordinate responses to security incidents, ensuring swift resolution and minimal disruption. Engage Clients: Act as a trusted advisor, delivering tailored solutions and maintaining strong stakeholder … presentations, and service development efforts. Share Knowledge: Develop and distribute best practices to strengthen the cyber resilience function. What You'll Bring: Proven experience in threat intelligence, risk management, incidentresponse, compliance (e.g., GDPR, ISO 27001), and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Atrium Workforce Solutions Ltd
Cyber Security SOC Analyst – London/Remote Atrium EMEA is looking for an accomplished Cyber Security SOC Analyst to support the Security IncidentResponse Team. The team is growing, we require a strong individual contributor that will investigate, analyse, and contain security incidents. This is a fully remote role, with the occasional London office visit. You can be … based anywhere in the UK • Strong ability to collaborate, delegate tasks and drive deadline compliance in a highly regulated, time sensitive environment. Triage, escalation, and assisting the response of cybersecurity, policy and privacy related events and incidents. Manage containment and remediation efforts of affected assets, IOCs, and TTPs • Integrate and collaborate with other subject matter experts throughout the organization … e.g. Security+, CCNA Cyber Ops, BTL1 and/or BTL2, GCIH, CEH, CySA+, OSCP, CISSP, CCSP etc.) • IT Security or Cyber Security experience in any of the following areas: IncidentResponse & Digital Forensics. Cybersecurity Detection Engineering and Threat Hunting or Vulnerability Management • Experience analysing attack vectors, current threats, and security remediation strategies • Experience with SIEM technologies, EDR technologies More ❯
opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are … with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incidentresponse · Detection engineering - Develop, maintain, and enhance security detection content primarily for … to identify trends and spot unusual behaviours, indicative of malicious activity · Proactive threat hunting using available client data · Collection and/or interpretation of different sources of threat intelligence · Incidentresponse · Automation of SecOps processes using scripting More ❯
for executive decision-making. Collaborate with intelligence teams to develop threat modelling deliverables. Experience & Skills Required 8+ years of experience in information security, preferably in Investigations, Analysis, Security Operations, IncidentResponse, or Threat Intelligence. 3+ years' experience specifically in Insider Threat or equivalent roles. Proficiency with insider threat detection tools (UEBA, DLP, SIEM) and knowledge of advanced threat … intelligence techniques. Understanding of threat actor tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK Framework. Familiarity with security frameworks, incidentresponse, and risk management practices. Knowledge of legal and regulatory considerations, including privacy and data protection laws. Excellent interpersonal, relationship management, and communication skills. Qualifications & Certifications Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Business More ❯
high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Main responsibilities: Act as point of escalation and mentor to junior SOC … and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases of IncidentResponse … of logs, i.e. network, active directory, database, DNS, firewall, proxies, host-based security, cloud and applications logs etc. Working experience in leading security incidents at all levels related to incidentresponse Working experience in managing 2nd/3rd level security events Ability to manage strong relationships with global security operations colleagues and other departments, including network teams and More ❯
strategy aligned with business goals and growth plans, ensuring a proactive and preventative security posture. Establish and mature a global Security Operations Centre (SOC) to strengthen detection, monitoring, and incidentresponse capabilities. Lead enterprise-wide threat management initiatives , addressing vulnerabilities, mitigating risks, and reducing the likelihood and impact of cyber threats and attacks. Act as the principal security … principles within operations, digital transformation, and corporate strategy. Cyber Governance & Risk Management: Enhance and maintain the organisation's Information Security Management Framework (ISO27001, NIST). Oversee vulnerability management, audits, incidentresponse, and disaster recovery processes. Ensure compliance with all applicable regulations and standards across global jurisdictions. Operations & Performance: Oversee selection, implementation, and monitoring of appropriate security technologies and More ❯
on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. IncidentResponse Automation Design and implement playbooks using Logic Apps to automate incidentresponse workflows for common OT security events. Execution of the use cases on SIEM More ❯
on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. IncidentResponse Automation Design and implement playbooks using Logic Apps to automate incidentresponse workflows for common OT security events. Execution of the use cases on SIEM More ❯
responsible for monitoring, detecting, and responding to security threats, supporting the implementation of cyber protection measures, and ensuring compliance with industry standards and internal policies. Principal Responsibilities: Security Monitoring & IncidentResponse Monitor network traffic and system activity for signs of security breaches or anomalies. Investigate and respond to security incidents, including malware, phishing, and unauthorized access attempts. Document … of Microsoft Azure, Entra ID, Conditional Access, and Intune. Experience with Active Directory, DNS/DHCP, Group Policy, and VPNs. Familiarity with SIEM/XDR platforms, endpoint protection, and incidentresponse tools. Ability to work independently and collaboratively across teams. Preferred Experience: Minimum 3 years' experience in a technical support role with exposure to a range of technologies More ❯
Overview As Cyber Security Manager at Two Circles, you play a key role in keeping our systems, people and data safe from external and internal threats by focusing on incident detection, response and remediation; threat hunting; security monitoring; continual improvement and providing technical assurance for solution design and changes. This will include maintaining and improving our security posture … suppliers to ensure their alignment with our security approach and requirements. Internally, you will be responsible for our Security Operations activities with our operational team and external partners, including IncidentResponse and Threat Intelligence, to ensure these are executed consistently to our standards, as well as supporting Continual Security Improvement and being the Tech Ops representative in the … security across the business Protecting the data entrusted to us by our clients at all times Requirements Managing technical risks and proposing solutions and recommendations Security Operations procedures, i.e. Incident management and response Configuring, optimising and reporting with Microsoft 365 Security and Compliance modules, including Defender, Security Centre, Protection, Compliance Centre Experience of both cyber operational roles, but More ❯
South West London, London, England, United Kingdom
Robert Half
execute the overall Cyber Security strategy, ensuring it aligns with business objectives, manages risk, and supports the firm's rapid growth. Oversee the Cyber Security function, including Security Operations, IncidentResponse, and Governance, Risk, and Compliance (GRC) specialists, providing leadership, mentorship, and effective resource allocation. Establish and enforce a robust security governance framework, including policies and procedures for … PCI DSS if applicable). Manage and continuously improve the firm's security architecture and controls across all domains: network, cloud (SaaS/IaaS), endpoints, and applications. Lead the IncidentResponse and Disaster Recovery programs, ensuring capabilities are tested, effective, and ready to mitigate the impact of security breaches. Drive security awareness and training programs across the organization More ❯
regulatory compliance initiatives ns (e.g. NIST, ISO 27001, SOC2 compliance). Lead the design and operation of shared security services between IAG Loyalty and IAG airlines (e.g., threat detection, incidentresponse, intel management, data sharing) at the group level. Establish clear escalation protocols and cross-company incidentresponse procedures. Align security initiatives with individual business unit More ❯
business teams to implement strong cryptographic controls. Drive improvements in secure key lifecycle management, encryption, and authentication processes. Ensure the operational reliability and security of cryptographic services through monitoring, incidentresponse, and proactive risk mitigation. Essential Skills & Experience Proven experience in Cryptography, Secure Key Management, and Information Security. Hands-on expertise with HSM configuration, installation, and support. Experience … and documentation tools (e.g., MS Office). Highly Valued Skills Security or cryptographic certifications (e.g., CISSP, CISM, CompTIA Security+, CEH, or equivalent). Experience in operational security environments, including incidentresponse, risk management, and change control. Familiarity with SharePoint, Confluence, JIRA, and Unix/Windows environments. Knowledge of data protection regulations, compliance standards, and privacy frameworks. Strong technical More ❯