City of London, Greater London, UK Hybrid / WFH Options
Head Resourcing
Data Protection & Insider Threat Specialist Location: Hybrid/UK-based Department: Cyber Security Salary: Competitive + Benefits Head Resourcing is delighted to be working with a financial services client who are looking for a Data Protection & Insider Threat Specialist to join the team. This … role focuses on the delivery and continuous improvement of data loss prevention (DLP) and insider threat controls across on-premise and cloud environments. You’ll be part of a collaborative and innovative environment, where technical curiosity is encouraged and every team member is empowered to contribute to … strategic outcomes. Key Responsibilities Design and implement DLP and insider threat policies to safeguard sensitive data. Develop roadmaps and integration plans to enhance security controls. Collaborate with both technical and business stakeholders to ensure data protection requirements are well understood and implemented effectively. Contribute to strategic planning
and malware triage in support of incident response investigations. Identify, analyze, and assess potential insider threats through behavioral analytics, log review, and threat intelligence. Maintain and improve SOC processes and procedures, staying current with the latest security trends and technologies. Assist in developing strategies to handle security … incidents and coordinate responses to insider threats. Support the development and implementation of use cases, detection rules, and playbooks. Perform threat hunting activities to proactively identify threats within the environment. Continuously review and refine insider risk policies to ensure they are effective and up to … Cyber Incident Response Plan. Develop comprehensive and accurate reports and presentations for both technical and executive audiences. Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and trends, identifying actionable areas of interest and threats. Requirements and Qualifications At least
safeguarding our nation's information. DCSA is the designated oversight authority on the accreditation of classified facilities, information systems, and the insider threat program. This involves security oversight of more than 10,000 companies and approximately 13,000 facilities involved in classified work throughout the DoD and …
Symantec, Forcepoint, or similar). Familiarity with data classification, data handling standards, and regulatory requirements (e.g., NYDFS, GDPR). Knowledge of insider threat detection and user behavior analytics (UBA). Exposure to security incident and event management (SIEM) tools. Core Values Love what you do: We show
Construct meaningful incident timelines from forensic artifact analysis Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls Behavioral Analysis - Develop and implement criteria to identify anomalous … user behavior indicating insider threat activity Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data Threat Hunting - Proactively search for unknown threats within the environment. Knowledge and Experience University degree in related discipline 1+ years of relevant experience Deep understanding
Construct meaningful incident timelines from forensic artifact analysis Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls Behavioral Analysis - Develop and implement criteria to identify anomalous … user behavior indicating insider threat activity Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data Threat Hunting - Proactively search for unknown threats within the environment. Preferred Knowledge and Experience 3+ years of relevant experience Deep understanding of networking and its
possible and to prevent any downtime or impact to business operations. CyberClan investigates and assists clients with all types of security breaches, including insider threats, unauthorized access, and malicious code. Some breaches are publicly known, but many remain hidden. We analyze client data in a secure forensic lab
committed to on-going self-development and education and possess strong technical acumen and customer service skills. Responsibilities Ensure data is protected from insider threats, cyber-attacks, and policy violations Onboard Customers to Varonis platforms and deliver on-going value and support Ensure Customer success through frequent proactive
Security Engineer Investigator, Insider Trust The Insider Trust team is looking for a Security Engineer to investigate, build and improve internal tools and systems to identify malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider … skills, working closely with engineering teams, Human Resources, and Legal teams. Responsibilities Develop understanding of problem space and provide technical direction during investigations and threat hunts Develop workflows and automations to streamline signals, hunts and investigative processes Perform analysis of logs from a variety of sources (e.g., individual host … through logging and automation Minimum Qualifications Bachelor's degree in Computer Science, Engineering, or equivalent experience 4+ years of experience in Detection & Response Engineering, Threat Intelligence or similar Security Engineering role Experience conducting technical security investigations (response, forensics, log analysis) Experience interpreting information from multiple sources and working with
threats, and helping clients recover with speed and resilience. What You’ll Do: Lead and support complex cyber incident investigations involving ransomware, APTs, insider threats, and business email compromise. Conduct forensic acquisition and analysis of endpoint, server, and cloud environments. Provide real-time incident triage and containment recommendations. … Sysmon, NetFlow, EDR data). Familiarity with SIEM tools, EDR platforms, and scripting (Python/PowerShell preferred). Strong understanding of MITRE ATT&CK, threat actor TTPs, and IR frameworks (NIST, SANS). Excellent communication skills – written and verbal – with the ability to translate complex technical findings into business