Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid/Remote Options
Experian Ltd
AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion Prevention, Web Application Firewalls) Interest in developing knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., QRadar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google SecOps/Chronicle) Desire to build technical skills and hands-on knowledge in the
with the ability to communicate complex technical concepts clearly and effectively to clients. Technical Expertise Hands-on experience with at least one major SIEM platform (e.g. Splunk, Sentinel or QRadar) and familiarity with cloud security tools such as AWS GuardDuty, Azure Security Center, or Google Cloud Security. Background in client-facing roles or consulting, with the ability to communicate
activities and SOC solution demonstrations when required. What You’ll Bring 3–5 years’ experience in cybersecurity operations, ideally within a SOC or incident response environment. Proven expertise with QRadar (key focus), Splunk, or Microsoft Sentinel. Strong grasp of network traffic analysis, vulnerability management, and ethical hacking techniques. Solid understanding of DFIR principles and evidence handling. Knowledge of ITIL
City of London, London, United Kingdom Hybrid/Remote Options
Cititec
. Requirements In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned. Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black. Working knowledge of network security, including protocols, firewalls, IDS/IPS, and
can explain findings clearly to technical and non-technical audiences. Track record of driving continuous improvement and developing others. Comfortable with any major SIEM or EDR platform (e.g. Splunk, QRadar, Sentinel, etc.). Package & Benefits Salary: Up to £90,000 (DOE) Bonus: 10–15% + 5% SiS Bonus Car Allowance: £6,000 Clearance: No existing clearance required – SC sponsorship
play a key part in implementing security controls, mitigating risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: * Monitor security tools including SIEM (QRadar) and respond to threat detection alerts * Triage, analyse and prioritise security (via ServiceNow) * Investigate root causes of security issues and design effective remediation solutions * Oversee Patch Management * Conduct vulnerability
opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands-on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks
Experience with SOAR platforms and security automation workflows. Excellent problem-solving, stakeholder management, and collaboration skills. Team leadership or mentoring experience is highly desirable. Preferred Technologies/Tools: Splunk, QRadar, LogRhythm, Sentinel, ArcSight, Elastic, or similar SIEM tools. Familiarity with EDR, IDS/IPS, firewalls, and other security infrastructure. Exposure to both IT and OT (Operational Technology) environments.
contract -> convert to perm at VP level Location: London, near Bank. Project snapshot: Experience responding to cybersecurity incidents (triage, containment, eradication, recovery) Knowledge of SIEM tools (e.g., Splunk, Sentinel, QRadar, ArcSight) Ability to perform log analysis across network, host, application, and cloud sources Understanding of malware behaviour, attack vectors, and common threat actor techniques Familiarity with MITRE ATT&CK
Leeds, Yorkshire, United Kingdom Hybrid/Remote Options
Catorfaen
SOAR (Security orchestration, automation, and response) solutions to achieve positive outcomes. Our tools include Google Chronicle SIEM/Siemplify SOAR and LogRhythm, but experience with other platforms such as Microsoft Sentinel, Splunk, QRadar, or Humio/LogScale is also valuable. Background knowledge in another IT discipline (e.g. Public Cloud, Windows Server, Linux, or Networking). Some experience with scripting tools such as PowerShell, Python, Bash
Coventry, England, United Kingdom Hybrid/Remote Options
Maxwell Bond
with OT Devices and SCADA solutions is key) Managing escalations, major incidents, and advanced threat-hunting activities Enhancing SIEM/XDR detections and collaborating with engineering teams (Splunk, Sentinel, QRadar) Conducting post-incident reviews and identifying opportunities to strengthen defences Translating technical insights into clear, actionable guidance for stakeholders What’s in it for you: Competitive salary of up
We are constantly growing our SOC team and have new opportunities at our Farnborough site. Come and join us in the Defence sector and support enterprise-scale clients. We have opportunities for L1 SOC Analysts to be a part of our
Crawley, West Sussex, South East, United Kingdom Hybrid/Remote Options
Morson Edge
Incident Response (CSIRT)/SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst
SOC Analyst (L2) (SC Clearance Required) – Multiple UK Locations (Shift Work) - £55,000 - £58,000 – Permanent Are you passionate about cybersecurity and ready to make a real impact? We’re expanding our Security Operations Centre (SOC) team and looking for
and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar, Splunk, and Microsoft Sentinel. Develop and refine SOC use cases, runbooks, and playbooks. Integrate emerging threat intelligence into monitoring and detection workflows. Liaise with clients, Service Delivery Managers, and … activities and SOC solution demonstrations when required. What You'll Bring 3-5 years' experience in cybersecurity operations, ideally within a SOC or incident response environment. Proven expertise with QRadar (key focus), Splunk, or Microsoft Sentinel. Strong grasp of network traffic analysis, vulnerability management, and ethical hacking techniques. Solid understanding of DFIR principles and evidence handling. Knowledge of ITIL
SOC Shift Lead (SC Clearance Required) – Multiple UK Locations (Shift Work) - £65,000 - £70,000 – Permanent Are you ready to take the lead in a fast-paced, high-impact cybersecurity environment? We’re looking for a SOC Shift Lead to
days off rotation. RESPONSIBILITIES: • Triage security events and employ a methodical and coherent response to security incidents, adopting playbooks where necessary. • Competently operate a chosen SIEM (e.g. Splunk/QRadar/LogRhythm) for incident investigations, or for the development of monitoring dashboards. • Utilise playbooks, existing knowledge and accurate online resources for guidance when responding to incidents. • Utilise online resources … date with current vulnerabilities, attacks, and countermeasures. • Identify, respond to and remediate cyber events generated through monitoring technologies. EXPERIENCE: • Preferred experience with operating or administering a SIEM (e.g. Splunk/QRadar/LogRhythm). • Solid understanding of networks including the TCP/IP stack, typical organisation architectures, and common protocols abused by malware. • Experience in security event analysis & triage, incident