Maidenhead, Berkshire, United Kingdom Hybrid / WFH Options
APM Terminals
collaborate with other teams, and build streamlined cross-departmental processes. Automation Development Identify repetitive tasks and develop automation ideas. Collaborate with automation teams to build capabilities using platforms like CrowdStrike Fusion, AWS Lambda, Azure Logic Apps, XSOAR, and Python scripts. Languages Good experience in query languages like KQL and Logscale for investigations and log analysis is highly desirable Managing More ❯
Security Operations Center. As a Tier 3 CERT Analyst you will lead the investigation and remediation of advanced cyber threats, leveraging cutting-edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, and Defender and other security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its More ❯
to lock down cloud and container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections More ❯
Reading, England, United Kingdom Hybrid / WFH Options
Ultima
and engagement. DESIRED KNOWLEDGE, SKILLS & EXPERIENCE Existing knowledge of the Cyber Security market including areas such as: Endpoint, Email, Identity, Cloud, Networking & Network Security. Vendors to include: Cisco, Mimecast, Crowdstrike, Delinea, Netskope, Palo Alto Networks, Proofpoint, Microsoft, Checkpoint, Tenable, Sophos, Trend Micro. Experience of solution selling including Professional Services & Managed Services. “Don’t meet every single requirement? Studies have More ❯
and SOC workflows. Mentor and guide L1/L2 analysts, providing training, quality reviews, and escalation support. Design and execute proactive threat hunting campaigns using tools such as Defender, CrowdStrike, and custom scripts. Contribute to playbook development, automation improvements (including Microsoft Co-pilot integration), and process optimization. Produce executive-level incident reports, root cause analyses, and recommendations for remediation More ❯
flow, analysing threat data, and playing a key role in improving detection and response processes. You’ll be working across platforms like: Elastic SIEM Microsoft Sentinel Defender for Endpoint CrowdStrike Falcon MISP (Malware Information Sharing Platform) As the team scales, this role offers both strategic involvement and technical depth. There’s also the option to step into a management … happened, but why, how, and how to prevent it Comfortable being an escalation point for technical and analytical issues Working knowledge of key SIEM and EDR platforms (Elastic, Sentinel, CrowdStrike, etc.) Natural curiosity and willingness to get hands-on with data and investigations Broad exposure across cyber domains beyond pure SOC is highly valued Why This Role? Be a More ❯
days a week in Berkshire This L2 SOC Analyst will have the previous following experience: Monitor and investigate security alerts using tools such as Splunk, Microsoft Defender, and CrowdStrike, escalating incidents as needed and ensuring timely resolution. Leverage Microsoft Co-pilot and automation workflows to streamline threat detection, incident triage, and response processes. Conduct in-depth log analysis and More ❯
Oversee day-to-day operations of Cyber Defence teams (CERT, Security Tooling, Proactive Monitoring), managing advanced incident detection, threat hunting, and forensic investigations using platforms like Splunk, Defender, and CrowdStrike Collaborate with Security Engineering and Architecture to integrate AI/ML (e.g., Microsoft Copilot) and emerging security tech for real-time response, smarter automation, and enhanced endpoint/cloud More ❯
leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable remediation plans; deliver executive-level reporting and trend analysis using integrated dashboards, combining insights from Splunk More ❯
