South East London, England, United Kingdom Hybrid / WFH Options
ZenTech Talent
ISO 27001, Cyber Essentials, etc.) Tech Environment: Microsoft 365 Defender, Intune, Azure Security Center Firewalls: Palo Alto, Fortinet, SonicWall SIEM: Sentinel, Splunk, or equivalent EDR/XDR solutions (Sophos, CrowdStrike, Defender) Scripting knowledge (PowerShell preferred) What We’re Looking For: 5 years’ experience in a cyber security role (ideally within an MSP or multi-client setting) Security certifications like …
Maidenhead, Berkshire, United Kingdom Hybrid / WFH Options
APM Terminals
collaborate with other teams, and build streamlined cross-departmental processes. Automation Development Identify repetitive tasks and develop automation ideas. Collaborate with automation teams to build capabilities using platforms like CrowdStrike Fusion, AWS Lambda, Azure Logic Apps, XSOAR, and Python scripts. Languages Good experience in query languages like KQL and LogScale for investigations and log analysis is highly desirable Managing …
South East London, England, United Kingdom Hybrid / WFH Options
Marlin Selection Recruitment
identified during penetration testing. Ad-hoc IT security projects The successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack CrowdStrike EDR Mimecast Mail Security Gateway Duo Okta Rapid7 IVM, Tenable IO or Nessus Rapid7 IDR or CrowdStrike Next Gen SIEM Palo Alto Firewalls and Panorama Intune and Conditional …
security projects Support and resolve issues identified during penetration testing Ideal Experience We’re looking for someone with strong hands-on experience in most of the following technologies: Essential: CrowdStrike EDR Mimecast Duo, Okta Rapid7 IVM, Tenable IO or Nessus Palo Alto Firewalls, Intune, Entra ID, Active Directory Desirable: Imperva WAF, Menlo Security, Cisco Secure Access/Umbrella, KnowBe4 …
a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and/or cloud-native security services (e.g. AWS GuardDuty, GCP Chronicle). Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection …
to lock down cloud and container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections …
of EDR/XDR – including incident investigation at a priority 1 and 2 severity and general day-to-day usage alongside best-practice configurations for common toolsets. Preferred vendors: CrowdStrike, Microsoft, Palo Alto, SentinelOne. Good Knowledge of incident response, aligned to MITRE ATT&CK with a good knowledge of common tactics, tools and techniques attackers utilise in the wild. …
Reading, England, United Kingdom Hybrid / WFH Options
Ultima
and engagement. DESIRED KNOWLEDGE, SKILLS & EXPERIENCE Existing knowledge of the Cyber Security market including areas such as: Endpoint, Email, Identity, Cloud, Networking & Network Security. Vendors to include: Cisco, Mimecast, CrowdStrike, Delinea, Netskope, Palo Alto Networks, Proofpoint, Microsoft, Check Point, Tenable, Sophos, Trend Micro. Experience of solution selling including Professional Services & Managed Services. “Don’t meet every single requirement? Studies have …
and SOC workflows. Mentor and guide L1/L2 analysts, providing training, quality reviews, and escalation support. Design and execute proactive threat hunting campaigns using tools such as Defender, CrowdStrike, and custom scripts. Contribute to playbook development, automation improvements (including Microsoft Copilot integration), and process optimization. Produce executive-level incident reports, root cause analyses, and recommendations for remediation …
dynamic fast moving environment. In addition you will have sound knowledge and experience of the following: Extensive knowledge and hands-on experience with security tools and platforms, such as CrowdStrike, Zscaler, Island, Duo, Abnormal, and Tessian Proven experience in designing disaster recovery processes Knowledgeable in SecOps practices Proven background managing the full lifecycle of security projects Extensive knowledge of …
Experience working in a consulting environment Experience working with industry-leading security operations tools (e.g., CyberXM, Rapid7, Qualys, Tenable, Prisma, Snyk, Veracode, Wiz, Orca, Tanium, Splunk, QRadar, Carbon Black, CrowdStrike, Proofpoint, Cisco, etc.) Benefits: You will receive a competitive salary, a generous benefits package, training, and development, as well as an exciting career within a fast paced and dynamic …
South East London, England, United Kingdom Hybrid / WFH Options
Sanderson Government & Defence
flow, analysing threat data, and playing a key role in improving detection and response processes. You’ll be working across platforms like: Elastic SIEM Microsoft Sentinel Defender for Endpoint CrowdStrike Falcon MISP (Malware Information Sharing Platform) As the team scales, this role offers both strategic involvement and technical depth. There’s also the option to step into a management … happened, but why, how, and how to prevent it Comfortable being an escalation point for technical and analytical issues Working knowledge of key SIEM and EDR platforms (Elastic, Sentinel, CrowdStrike, etc.) Natural curiosity and willingness to get hands-on with data and investigations Broad exposure across cyber domains beyond pure SOC is highly valued Why This Role? Be a …
days a week in Berkshire This L2 SOC Analyst will have the previous following experience: Monitor and investigate security alerts using tools such as Splunk, Microsoft Defender, and CrowdStrike, escalating incidents as needed and ensuring timely resolution. Leverage Microsoft Copilot and automation workflows to streamline threat detection, incident triage, and response processes. Conduct in-depth log analysis and …
grow in a dynamic, successful company. You will need: Excellent knowledge of SIEM tools e.g. Microsoft Sentinel, Google Chronicle, or Elastic (preferable). Excellent knowledge of EDR tools e.g. CrowdStrike, SentinelOne, Microsoft, Palo Alto (preferable). Strong knowledge of SOAR tools. Experience building and developing a SOC environment. Knowledge of automation and scripting. You will get: Flexible working pattern. …
Stakeholder Collaboration: Work in partnership with the client representatives and internal teams to ensure all project objectives are met. • Security & Compliance: Enforce industry security standards, utilizing tools like Cloudflare, CrowdStrike, and SonarQube. • DevOps & Infrastructure: Oversee DevOps practices and infrastructure management with AWS, Azure, Docker, and GitHub. • Agile Methodologies: Champion agile practices using tools such as Jira, Confluence, and Slack. … managing large-scale software development projects. • Cloud Proficiency: Extensive experience with cloud-based solutions, particularly AWS and Azure. • Security Savvy: Demonstrated expertise with security and compliance tools including Cloudflare, CrowdStrike, and SonarQube. • Agile & DevOps: Deep understanding and hands-on experience with agile methodologies and DevOps practices. • Strong Communicator: Excellent communication and stakeholder management skills essential for success in a …
Oversee day-to-day operations of Cyber Defence teams (CERT, Security Tooling, Proactive Monitoring), managing advanced incident detection, threat hunting, and forensic investigations using platforms like Splunk, Defender, and CrowdStrike Collaborate with Security Engineering and Architecture to integrate AI/ML (e.g., Microsoft Copilot) and emerging security tech for real-time response, smarter automation, and enhanced endpoint/cloud …
leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable remediation plans; deliver executive-level reporting and trend analysis using integrated dashboards, combining insights from Splunk …