STIGs, and UK Functional Standard 007 Vulnerability Assessment & Access Review Support regular access reviews, entitlement audits, and role certification; identify and remediate potential vulnerabilities in provisioning and access enforcement. Incident Management & Response Participate in access-related incident response, including unauthorized access investigations, root-cause analysis, and mitigation measures. Client Engagement & Training Collaborate with stakeholders to understand … SAML/OAuth, and access governance tools. Security Framework Knowledge: Understanding of defence and public-sector security frameworks (JSP 440/604, STIGs, ISO 27001, Government Functional Standard 007) Incident & Risk Handling: Proven ability to conduct security incident investigations relevant to unauthorized access and remediate gaps. Communication Skills: Strong ability to engage with both technical teams and non
As part of the Security Operations team, the analyst will work closely with cross-functional teams to identify, investigate, and mitigate cybersecurity threats, ensuring a robust and secure environment. Incident Detection & Response: Analyze security events to determine if they represent legitimate threats, and initiate an appropriate incident response to contain and mitigate any detected issues. Threat … timely patching of identified vulnerabilities. Security Enhancements: Collaborate with IT and other business units to implement security improvements, including automation, configuration changes, and policy enforcement. Documentation & Reporting: Create detailed incident reports, document findings, and provide recommendations to enhance the organization’s cybersecurity posture. Stay Informed: Keep up with the latest cybersecurity trends, vulnerabilities, and best practices, and recommend proactive
London (City of London), South East England, United Kingdom
Global Fintech
As part of the Security Operations team, the analyst will work closely with cross-functional teams to identify, investigate, and mitigate cybersecurity threats, ensuring a robust and secure environment. Incident Detection & Response: Analyze security events to determine if they represent legitimate threats, and initiate an appropriate incident response to contain and mitigate any detected issues. Threat … timely patching of identified vulnerabilities. Security Enhancements: Collaborate with IT and other business units to implement security improvements, including automation, configuration changes, and policy enforcement. Documentation & Reporting: Create detailed incident reports, document findings, and provide recommendations to enhance the organization’s cybersecurity posture. Stay Informed: Keep up with the latest cybersecurity trends, vulnerabilities, and best practices, and recommend proactive
Sunbury-On-Thames, London, United Kingdom Hybrid / WFH Options
BP Energy
etc.) for OT cybersecurity. Lead a high-performing OT cybersecurity team, developing our people as well as technology. Oversee OT-focused vulnerability management, solutions development, conformance support, and incident response. Engage with regulators, customers, and industry partners to maintain bp's position as a leader in OT security. Advise senior leadership and the Board on OT cybersecurity risk posture, investment … should be expected with this role Relocation Assistance: Relocation may be negotiable for this role Remote Type: This position is a hybrid of office/remote working Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management Legal Disclaimer: We are
scans and external security & penetration tests, forensic audits, or related investigations. This includes the ability to ensure remediation of findings are handled and fed into continuous service improvement activities. Incident management of cyber security events of all severities, throughout the incident lifecycle. Business Continuity Develop, maintain, and improve data and technology Business Continuity & Disaster Recovery Plans that enable … into Live Service Experience of working with conflicting, highly complex, and/or highly sensitive information Experience in managing critical incidents, and problem investigation + resolution (including managing security incident response, and information security breaches) Experience of contributing to, and developing enabling strategies (example: information security) Coaching, mentoring and supervision of others Management of financial budgets for a … on-call, consumables, relevant 3rd party provision contracts) and developing investment cases Desirable Experience in conducting or managing information security audits, penetration testing, table-top/simulation exercises, and incident investigations Experience of management products/services in healthcare (NHS) Skills and Knowledge Essential Deal with complex business problems and translate into information security and business continuity requirements and
and threat-intelligence feeds to spot anomalies. Threat Hunting: Use forensic tools to track indicators of compromise across networks. Vulnerability Management: Run scans, prioritize remediation tasks, and validate fixes. Incident Response Support: Coordinate with SRE and DevOps teams to contain breaches. Report & Recommend: Draft concise, actionable incident summaries for executive stakeholders. Continuous Learning: Attend weekly knowledge-shares … Clear, concise communication skills for both technical and business audiences. Nice-to-Haves Exposure to cloud security (AWS, Azure, or GCP). Hands-on lab or internship experience with incident response. Entry-level certs like CompTIA Security+ or GIAC GSEC in progress. Why Our Client? Competitive package: £36,000-£43,000 + performance bonus. Flexibility: Choose your workspace—office
Employment Type: Full-Time
Salary: £36,000 - £43,000 per annum, Negotiable, OTE
Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Define
teams to identify and remediate vulnerabilities across hardware and software. Act as the primary technical liaison with the Business Continuity Planning (BCP) team, supporting BIAs and resilience obligations. Lead incident response investigations, mitigation, and ongoing security improvements. Support Cyber Essentials Plus accreditation and contribute to maintaining a strong external security rating. Produce clear reporting, dashboards, and technical documentation
Central London, London, United Kingdom Hybrid / WFH Options
Police Digital Services
Work closely with the Technical Operations team to manage security decision making Identify and implement appropriate controls, mitigations and risk treatment plans Develop and manage cyber incident response for services in life Ensure alignment of security operations with the strategic cyber aims of national services linked to policing Implement vulnerability management arrangements Develop and implement strategies for
Leverage automation frameworks and IaC to improve scalability and reduce manual intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead
City of London, London, United Kingdom Hybrid / WFH Options
Networking People (UK) Limited
on experience designing and implementing security frameworks for enterprise-critical infrastructure (e.g., network security, data protection, vulnerability management, access control). Leading disaster recovery planning, business continuity strategies, and incident response. Familiarity with compliance standards such as NIST, ISO 27001, PCI-DSS, and GDPR in the context of data centers, critical IT infrastructure, and application resilience for business survivability.
our company's security strategy, ensuring robust protection for both our assets and those of our clients. This division oversees all aspects of information security, from policy development to incident response. Our Global Security Services and Automation team excels in gathering diverse security requirements from clients and delivering top-tier security infrastructure, tools, and operations at scale. The Security … and recommendations Developing and presenting scalable security solutions and services that meet client needs Collaborating with internal teams to ensure client security requirements are integrated into service delivery Leading incident response efforts and conducting post-incident analysis to prevent future occurrences Organizing tabletop exercises with both clients and our teams Required profile: Ability to engage confidently with
sits within the compliance function and plays a critical part in supporting external audits, particularly SOC 1 Type II and SOC 2. It combines hands-on security monitoring and incident response with ensuring IT and security controls meet audit and client assurance requirements. As a key member of the Global Information Technology team, you will collaborate closely with
London (City of London), South East England, United Kingdom
Selby Jennings
sits within the compliance function and plays a critical part in supporting external audits, particularly SOC 1 Type II and SOC 2. It combines hands-on security monitoring and incident response with ensuring IT and security controls meet audit and client assurance requirements. As a key member of the Global Information Technology team, you will collaborate closely with
regulatory obligations. Leadership of a Multi-discipline Team – Manage and mentor a team of technical security engineers and operational-resilience specialists, fostering collaboration across technology, risk, and business functions. Incident & Crisis Management – Oversee incident response, run crisis simulations, and strengthen supplier-risk management so critical services remain available even during severe disruptions. Regulatory & Stakeholder Engagement – Engage directly
London, South East, England, United Kingdom Hybrid / WFH Options
Michael Page Technology
availability using DataDog. Troubleshoot application, API, and infrastructure issues across multiple environments (mainly on Azure). Collaborate with development, DevOps, and product teams to resolve complex technical issues. Manage incident response and provide root cause analysis (RCA) for platform outages. Automate repetitive support tasks using scripting (Python, Bash, PowerShell). Maintain documentation of processes, troubleshooting steps, and known … enabling effective communication across international teams. Excellent problem-solving, analytical, and communication skills. Ability to work in a fast-paced, collaborative environment. Preferred Skills (Good to Have) ITIL or incident management framework knowledge. Experience with API troubleshooting and integrations. Exposure to databases (SQL/NoSQL). Security awareness (authentication, encryption, access control). Familiarity with Infrastructure as Code (Terraform
meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of PAM tool. (CyberArk) Experience Experience administrating PAM solutions, such as CyberArk - MANDATORY Working understanding of security operations, threat detection, and incident response. Experience using SIEM and security tooling for triage and log analysis. Experience tracking and managing vulnerabilities using industry frameworks. Familiarity with enterprise systems including Microsoft 365 and Azure
London, South East England, United Kingdom Hybrid / WFH Options
Notting Hill Genesis
Manage product and technology roadmaps in line with our strategic and operational goals. Lead the security, compliance, and risk teams - ensuring constant evaluation and evolution of our protection in response to current and emerging threats. Own and manage audits, penetration tests, incident response, risk registers, and compliance with frameworks such as ISO27001, NIST, and MITRE. Collaborate with
laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and device touchpoints globally. Key Responsibilities … healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. Ensure high-fidelity logging and alerting … background in automation, scripting, and observability practices. Experience working with large, global device fleets and BYOD models. Preferred Qualifications: Familiarity with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional
Data Security team, to support analysis and reporting work for data loss and insider threat events in Virgin Money. Your role will involve working closely with our Data Security, Incident Response and Business teams to manage events and progress remediation and represents a great opportunity to work with industry-leading tools and security partners, utilising your analytical, technical … be responsive to these challenges. The DLP Analyst will support the Bank's security controls for Data Loss Prevention, carrying out assessments of DLP and Insider Threat events, including incident management, escalation and resolution, acting as a liaison with key stakeholders, and be responsible for reporting on current status and trends. What you'll be doing Analysis of DLP