Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Job Description As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. … for potentially major security incidents to support incident response efforts and may include assignment to an on-call rotation for evenings, weekends, holidays. Summary of Primary Responsibilities As the Cyber Defence Analyst, you will: Contribute to daily security operations by overseeing response activities for security events and alerts associated with cyber threats, intrusions, and compromises alongside a team … of global security analysts following documented SLOs and processes. Analyze events using security tooling and logging (e.g., SIEM, EDR) and assess potential risk/severity level of cyber threats; escalate higher-risk events to dedicated incident response and management teams in the CFC according to established processes. Collaborate with external teams for incident resolution and escalations, driving incident handling More ❯
work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, CyberKillChain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA …/IPS, Firewalls) Education Requirements & Experience Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment. Preferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC-200, Certified SOC Analyst Experience with Cloud platforms (AWS and/or Microsoft Azure) Excellent knowledge of Microsoft Office products, especially Excel More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
Northampton, Northamptonshire, UK Hybrid / WFH Options
Barclay Simpson
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
Worcester, Worcestershire, UK Hybrid / WFH Options
Barclay Simpson
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
Wolverhampton, West Midlands, UK Hybrid / WFH Options
Barclay Simpson
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
Stoke-on-Trent, Staffordshire, UK Hybrid / WFH Options
Barclay Simpson
workflows. You bring both technical acumen and operational discipline, with a deep understanding of GCP security and experience protecting high-value fintech applications. Essential Qualifications Experience as SOC lead, cyber operations manager, or similar role. Hands-on experience in securing Google Cloud Platform (GCP) environments across multiple projects/accounts. Strong expertise in: SIEM management (Chronicle, Splunk, Elastic) Incident … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, KillChain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or GCIA Experience implementing More ❯
