technologies Desirable skills: Experience with Microsoft Defender for Endpoint and E5 security tools Knowledge of disk encryption and operating system hardening Familiarity with Defender for Cloud Apps Experience with Splunk, SCCM/Intune Agile and DevOps experience Unix or MacOS system administration knowledge Interested? Apply now for immediate consideration More ❯
years' experience in the IT security industry, ideally in a SOC/NOC environment. Cybersecurity certifications preferred (e.g., ISC2 CISSP, GIAC, SC-200, IBM QRadar Certified Specialist, Splunk Certified Admin/Power User, Google Chronicle Security Engineer). Hands-on experience with ServiceNow Security Suite. Familiarity with cloud platforms (AWS and/or Microsoft Azure). Proficiency in Microsoft Office More ❯
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Anson McCade
comfortable working with both technical and non-technical stakeholders. Key Responsibilities Lead investigations into escalated security incidents, including detailed analysis and root cause identification. Monitor and optimise SIEM tools (Splunk, QRadar, or similar), ensuring accurate detection and effective alerting. Perform malware analysis, reverse engineering, and develop detection signatures. Provide incident response leadership, from containment and eradication to recovery. Collaborate with More ❯
Glasgow, Scotland, United Kingdom Hybrid / WFH Options
Anson McCade
Senior SOC Analyst – QRadar & Splunk UK wide (remote, with 1–2 days a month in Glasgow) £57,000 + package The opportunity Our client is a global consultancy with one of the largest dedicated security practices in the industry. With over 7,500 security specialists worldwide, they partner with leading security technology providers to deliver mission-critical solutions for government … escalated security events and incidents Driving containment, remediation, and root-cause analysis for major incidents Performing malware analysis, reverse engineering, and threat hunting Developing and optimising SIEM use cases (Splunk, QRadar) Shaping SOC runbooks, playbooks, and incident response procedures Supporting client stakeholders with incident reporting and recommendations Staying ahead of emerging threats and integrating threat intelligence Acting as an escalation … point and guiding L1/L2 analysts What we’re looking for 2–5 years in cyber security, ideally SOC or incident response Strong experience with Splunk and/or QRadar (other SIEMs considered) Good understanding of incident response, DFIR, malware analysis Knowledge of network traffic flows, vulnerability management, penetration testing Familiarity with ITIL disciplines (incident, problem, change management) Able More ❯
containerised environments using Kubernetes and OpenShift Ensure secure configuration and access management within GitLab version control and CI/CD pipelines Integrate and secure telemetry tools including Cribl, Elastic, Splunk, Fluentd, and Syslog Conduct threat modelling, vulnerability assessments, and risk analysis for the telemetry pipeline Collaborate with DevOps engineers to embed security into infrastructure-as-code and deployment workflows Monitor … hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements Knowledge of container security tools (e.g. More ❯
containerised environments using Kubernetes and OpenShift Ensure secure configuration and access management within GitLab version control and CI/CD pipelines Integrate and secure telemetry tools including Cribl, Elastic, Splunk, Fluentd, and Syslog Conduct threat modelling, vulnerability assessments, and risk analysis for the telemetry pipeline Collaborate with DevOps engineers to embed security into infrastructure-as-code and deployment workflows Monitor … hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements Knowledge of container security tools (e.g. More ❯
containerised environments using Kubernetes and OpenShift Ensure secure configuration and access management within GitLab version control and CI/CD pipelines Integrate and secure telemetry tools including Cribl, Elastic, Splunk, Fluentd, and Syslog Conduct threat modelling, vulnerability assessments, and risk analysis for the telemetry pipeline Collaborate with DevOps engineers to embed security into infrastructure-as-code and deployment workflows Monitor … hands-on experience with Kubernetes and OpenShift in secure production environments Proficiency in GitLab and secure CI/CD pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements Knowledge of container security tools (e.g. More ❯
