Security Operations Jobs in the Thames Valley

26 to 50 of 63 Security Operations Jobs in the Thames Valley

IT Security Operations Engineer

Buckinghamshire, United Kingdom
Hybrid / WFH Options
IT Security Operations Engineer Introduction: This is a hands-on role protecting critical digital systems that keep passengers moving safely and employees working securely. You'll join a collaborative IT team where your expertise will directly strengthen the organisation's cyber resilience and operational reliability. Role Overview: Location: Hybrid (Midlands or Oxfordshire 3 days in office) Package: … £58,000 + excellent travel and lifestyle benefits Industry: Transport/Technology/Cyber Security What You'll Be Doing: Actively monitor, detect, and respond to security threats across IT and operational systems. Manage and optimise key security platforms, including SIEM, XDR, and identity management tools. Implement and review security controls across networks, cloud, and … in tooling, automation, and incident response processes. Collaborate across departments from IT teams to engineers embedding best practice in every area. Mentor colleagues and promote a culture of continual security improvement. Main Skills Needed: Strong background in IT infrastructure, cloud environments, and cybersecurity operations. Hands-on experience with tools such as SIEM, DLP, endpoint protection, and network monitoring. Knowledge More ❯

IT Security Operations Engineer

Amersham, Buckinghamshire, United Kingdom
Hybrid / WFH Options
IT Security Operations Engineer Before applying for this role, please read the following information about this opportunity found below. Introduction: This is a hands-on role protecting critical digital systems that keep passengers moving safely and employees working securely. You'll join a collaborative IT team where your expertise will directly strengthen the organisation's cyber resilience and … Overview: Location: Hybrid (Midlands or Oxfordshire 3 days in office) Package: £52,000-£58,000 + excellent travel and lifestyle benefits Industry: Transport/Technology/Cyber Security What You'll Be Doing: Actively monitor, detect, and respond to security threats across IT and operational systems. Manage and optimise key security platforms, including SIEM, XDR … and identity management tools. Implement and review security controls across networks, cloud, and infrastructure. Lead vulnerability and patch management activities, ensuring risks are mitigated and compliance maintained. Support internal and external audits to meet frameworks such as Cyber Essentials Plus, ISO 27001, and CIS. Drive improvements in tooling, automation, and incident response processes. Collaborate across departments from IT teams More ❯

Director of Information Security

Oxfordshire, England, United Kingdom
Vertex Search
Our investment advisory client is seeking an experienced Director of Information Security to lead the cybersecurity program of a prestigious, globally recognised portfolio company, ensuring the protection of sensitive intellectual property, critical resources, and global operations. This role combines technical expertise with strategic business engagement, ensuring that security is seamlessly integrated across all commercial activities. This role will … oversee the organization’s security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance. The Director will work closely and report to the Group CISO. Responsibilities Strategic Leadership & Business Partnership Act as a trusted advisor to leadership across operations, engineering, and corporate functions. … Translate cybersecurity risks into business terms, enabling executives to make informed decisions. Partner with various areas within the business to embed security into projects & daily operations. Define and drive the overall security roadmap, ensuring it evolves with the business. Lead security benchmarking and strategic planning Continuous assessment of risk across the organization paired with the ability to More ❯

Director of Information Security

Oxford, Oxfordshire, United Kingdom
Our investment advisory client is seeking an experienced Director of Information Security to lead the cybersecurity program of a prestigious, globally recognised portfolio company, ensuring the protection of sensitive intellectual property, critical resources, and global operations. Ready to make your application? Please do read through the description at least once before clicking on Apply. This role combines technical expertise … with strategic business engagement, ensuring that security is seamlessly integrated across all commercial activities. This role will oversee the organization's security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance. The Director will work closely and report to the Group CISO. Responsibilities … Strategic Leadership & Business Partnership Act as a trusted advisor to leadership across operations, engineering, and corporate functions. Translate cybersecurity risks into business terms, enabling executives to make informed decisions. Partner with various areas within the business to embed security into projects & daily operations. Define and drive the overall security roadmap, ensuring it evolves with the business. Lead More ❯

IT Security and Operations Engineer

Buckinghamshire, United Kingdom
Hybrid / WFH Options
IT Security Operations Engineer This is a hands-on role protecting critical digital systems that keep passengers moving safely and employees working securely. You'll join a collaborative IT team where your expertise will directly strengthen the organisation's cyber resilience and operational reliability. Location: Hybrid (Midlands or Oxfordshire 3 days in office) Package: £52,000 … + excellent travel and lifestyle benefits Transport/Technology/Cyber Security Actively monitor, detect, and respond to security threats across IT and operational systems. Implement and review security controls across networks, cloud, and infrastructure. Lead vulnerability and patch management activities, ensuring risks are mitigated and compliance maintained. Collaborate across departments from IT teams to engineers embedding More ❯

TECHNOLOGY BUSINESS CHANGE MANAGER

Milton Keynes, Buckinghamshire, United Kingdom
Hybrid / WFH Options
Summer Browning Associates
principles, techniques, and tools. Proficiency in creating Business Change documentation, including policies, standards, processes, procedures, and patterns. Demonstrable experience in risk management and benefits realisation. Experience with changes in Security Operations Centers (SOCs) and related monitoring and management technologies and procedures. A background in Security Operations Centers within the Defence, Nuclear, or Central Government sectors, or More ❯
Employment Type: Contract
Rate: £NEG Excellent Day Rates

TECHNOLOGY BUSINESS CHANGE MANAGER

Bletchley, Buckinghamshire, United Kingdom
Hybrid / WFH Options
Summer Browning Associates
principles, techniques, and tools. Proficiency in creating Business Change documentation, including policies, standards, processes, procedures, and patterns. Demonstrable experience in risk management and benefits realisation. Experience with changes in Security Operations Centers (SOCs) and related monitoring and management technologies and procedures. A background in Security Operations Centers within the Defence, Nuclear, or Central Government sectors, or More ❯
Employment Type: Contract
Rate: GBP Annual

Solutions Sales Engineer

Slough, South East England, United Kingdom
LMNTRIX
Sales Engineer: Solutions Architect LMNTRIX is a globally recognised MXDR (Managed Extended Detection & Response) vendor. We sit alongside or above existing technology to catch the threats which breach existing security controls. Scoring a near perfect 5 customer scores on Gartner Peer Reviews and G2 MDR reviews Our solution has recently been endorsed by the IDC MarketScape as a Leader … s journey. Be an active participant in discovery conversations with prospective customers to understand their needs and validate alignment with LMNTRIX solutions. Thoroughly understand and document customer environments including security tooling, network design, authentication, and cloud services. Effectively demonstrate key differentiators by understanding the competitive landscape across endpoint protection, network visibility, security logs and cloud security unified … initiatives such as process improvement, training, content creation, etc. Key Skills In depth knowledge of infrastructure components including Endpoint, Networking, Identity Management, SIEM, and Cloud Services. Technical understanding of security tools and strategies. E.g. security frameworks, security operations, incident response, SIEM, XDR, EDR/EPP, NDR, CSPM etc. Ability to articulate and demonstrate the business application More ❯

Infrastructure engineer

Slough, South East England, United Kingdom
Lorien
Infrastructure Security Engineer - Italian/Spanish speaking We are currently recruiting for an Infrastructure Security Engineer on a 6 month initial contract. Hybrid basis (2-3 days) London, Milton Keynes or Birmingham They are looking for a candidate to take responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. … They are also looking for a candidate who is able to provide advice and recommendations for the programme. Key Skills Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally You will be required to travel to the local sites, data centre or multiple offices location in … order to complete your tasks for off the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP’s) are managed effectively up to closure Information Security Management System (Infrastructure Security Operations). Azure cloud infrastructure and configuration. System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Microsoft More ❯

Principal Consultant, Offensive Security (Unit 42)

Slough, South East England, United Kingdom
Palo Alto Networks
eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! Job Description The Principal Consultant on the Offensive Security team is focused on assessing and challenging the security posture across a comprehensive portfolio of clients. The individual will utilize a variety of tools developed and act as … IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing) Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting … Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach Ability to perform travel requirements More ❯

Google SecOps Engineer (SOAR/UEBA)

Slough, South East England, United Kingdom
SF Technology Solutions
tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting within Chronicle SIEM, based on log sources - Deliver a minimum viable UEBA capability with … tested detection logic - Provide engineering support to accelerate onboarding of log sources required for UEBA enrichment and detection fidelity - Demonstrate the ability to work with Google Chronicle and SecOps APIs, specifically for the purpose of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to … MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office More ❯

MS Purview and M365 Defender XDR SME

Slough, South East England, United Kingdom
Tata Consultancy Services
various processes across functions. Gain access to endless learning opportunities. The Role As an MS Purview and M365 Defender XDR SME , you will be a proactive and skilled Microsoft Security Engineer or Analyst tasked with safeguarding digital assets by leveraging a comprehensive suite of Microsoft security technologies. The ideal candidate will have experience using Microsoft Defender XDR for … threats, implement Microsoft Purview to ensure data compliance, and secure identities and access through Microsoft Entra ID. Core responsibilities will include threat management, proactive hunting for vulnerabilities, data protection, security posture management, and incident response. All of these will be based on collaborating with other teams to maintain and improve the organization's overall security posture. Key responsibilities … policies (AIP/MPIP), such as sensitivity labels. Configure and monitor policies to detect, investigate, and act on malicious or unintentional activities that could lead to data leakage or security incidents. Monitor and investigate communications within the organization to detect and address potential violations of corporate policy or regulatory standards. Manage and secure user, group, and workload identities including More ❯

Microsoft Purview and Entra ID SME

Slough, South East England, United Kingdom
Tata Consultancy Services
to endless learning opportunities. The Role As an MS Purview + Entra ID SME, you will be tasked with safeguarding digital assets by leveraging a comprehensive suite of Microsoft security technologies. To be successful in this role you should be a skilled Microsoft Security Engineer or Analyst. The ideal candidate will use Microsoft Defender XDR for managing and … implement Microsoft Purview to ensure data compliance, and secure identities and access through Microsoft Entra ID. Your core responsibilities will include threat management, proactive hunting for vulnerabilities, data protection, security posture management, and incident response. All of these will be based on collaborating with other teams to maintain and improve the organization's overall security posture. Key responsibilities … Prevention (DLP) policies to prevent unauthorized data sharing. Configure and monitor policies to detect, investigate, and act on malicious or unintentional activities that could lead to data leakage or security incidents. Monitor and investigate communications within the organization to detect and address potential violations of corporate policy or regulatory standards. Manage and secure user, group, and workload identities including More ❯

Cybersecurity Specialists - Consultancy

Slough, South East England, United Kingdom
Freshminds
We are seeking experienced Cybersecurity Specialists to join a high-impact consultancy project. This role requires deep expertise across Identity and Access Management (IAM), Governance, Risk & Compliance (GRC), or Security Operations Center (SOC) functions. You will work closely with client teams to strengthen security posture and deliver strategic and operational improvements. Responsibilities Design and implement IAM solutions … identity governance. Support GRC activities, including risk assessments, compliance frameworks, and policy development. Enhance SOC capabilities through threat detection, incident response, and continuous monitoring. Collaborate with stakeholders to align security initiatives with business objectives. Provide expert guidance on best practices and emerging cybersecurity trends. Requirements Must have security clearance (SC) Proven experience in IAM, GRC, or SOC domains. … Strong understanding of cybersecurity frameworks (e.g., ISO 27001, NIST, CIS). Hands-on experience with security tools and technologies. Excellent problem-solving and stakeholder management skills. Ability to work independently and deliver results within tight timelines. Details TBC depending on role. More ❯

Senior Incident Responder - DFIR

Slough, South East England, United Kingdom
Hybrid / WFH Options
Tesco
for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering teams. What You’ll Be Doing 🕵️ Lead Investigations : Conduct host, network, and cloud … based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling : Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation : Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting : Lead intelligence-driven hunts to identify and escalate suspicious activity, contributing to our detection engineering More ❯

Senior Cybersecurity Analyst

Newport Pagnell, Buckinghamshire, United Kingdom
a high-impact transformation journey as our client builds a cutting-edge Group Shared Services model across the UK, Ireland, and the US. This is your chance to lead security operations, respond to real-world threats, and shape the future of cybersecurity in a dynamic, multi-entity environment. Requirements: Proven experience in incident response and vulnerability management. Hands … related tools. Strong communicator - able to engage technical and non-technical stakeholders. Experience in distributed or franchisee-based environments is a major plus. Certifications like CISSP, CISM, GIAC, or Azure Security Engineer are highly valued. Responsibilities: Be the go-to expert for security incidents - detect, respond, and remediate across regions. Drive vulnerability management using top-tier tools like Tenable, Nessus … and Microsoft Defender. Collaborate with franchisees, vendors, and internal teams to close security gaps and elevate resilience. Translate complex threats into clear, actionable insights for senior leadership. Help build and evolve a security program that scales across geographies and business models. Join a security-first culture in a global enterprise. More ❯

Senior Cybersecurity Analyst

Newport Pagnell, England, United Kingdom
Mentmore
a high-impact transformation journey as our client builds a cutting-edge Group Shared Services model across the UK, Ireland, and the US. This is your chance to lead security operations, respond to real-world threats, and shape the future of cybersecurity in a dynamic, multi-entity environment. Requirements: Proven experience in incident response and vulnerability management. Hands … tools. Strong communicator—able to engage technical and non-technical stakeholders. Experience in distributed or franchisee-based environments is a major plus. Certifications like CISSP, CISM, GIAC, or Azure Security Engineer are highly valued. Responsibilities: Be the go-to expert for security incidents—detect, respond, and remediate across regions. Drive vulnerability management using top-tier tools like Tenable … Nessus, and Microsoft Defender. Collaborate with franchisees, vendors, and internal teams to close security gaps and elevate resilience. Translate complex threats into clear, actionable insights for senior leadership. Help build and evolve a security program that scales across geographies and business models. Join a security-first culture in a global enterprise. More ❯

Senior Cybersecurity Analyst

Milton Keynes, South East England, United Kingdom
Mentmore
a high-impact transformation journey as our client builds a cutting-edge Group Shared Services model across the UK, Ireland, and the US. This is your chance to lead security operations, respond to real-world threats, and shape the future of cybersecurity in a dynamic, multi-entity environment. Requirements: Proven experience in incident response and vulnerability management. Hands … tools. Strong communicator—able to engage technical and non-technical stakeholders. Experience in distributed or franchisee-based environments is a major plus. Certifications like CISSP, CISM, GIAC, or Azure Security Engineer are highly valued. Responsibilities: Be the go-to expert for security incidents—detect, respond, and remediate across regions. Drive vulnerability management using top-tier tools like Tenable … Nessus, and Microsoft Defender. Collaborate with franchisees, vendors, and internal teams to close security gaps and elevate resilience. Translate complex threats into clear, actionable insights for senior leadership. Help build and evolve a security program that scales across geographies and business models. Join a security-first culture in a global enterprise. More ❯

Senior Threat Detection Analyst

Slough, South East England, United Kingdom
Bestman Solutions
across complex, hybrid environments — from on-prem systems to modern cloud platforms. You’ll play a key part in advancing the company’s threat detection capabilities and ensuring that security operations stay one step ahead of emerging threats. What You’ll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR … Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. Collaborate with incident response, engineering, and intelligence teams to contain and resolve security incidents. Support continuous improvement of detection strategies and mentor analysts to uplift overall team capability. What You’ll Bring Solid background in threat detection, SOC operations, or incident … response. Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). Hands-on experience developing and tuning detection content for cloud and hybrid environments. Strong grasp of adversarial tactics and techniques and how they translate to real-world detection logic. Excellent analytical and communication skills, with a calm and structured approach to More ❯

Security Operations Center Analyst

Oxford, England, United Kingdom
Peaple Talent
on a full-time permanent basis. Ideally looking for someone with previous and relevant experience, our client will also consider candidates looking to move into CSOC/Cyber Security, providing you have the passion and enthusiasm for Cyber Security. This role is part of a rotating shift-pattern (once you are up and running) and operates on a … basis of 8am-8pm/8pm-8am with 4 days on and 4 days off (rotating day/nights). Key Responsibilities: Oversee and maintain visibility across the full security technology suite. Actively engage in threat hunting activities during periods without active alerts. Contribute to the design and configuration of security alerting. Remain informed on emerging threats, attack … methods, and the evolving cyber landscape. Investigate alerts originating from any of the deployed security systems or solutions. Prepare detailed incident reports for escalation. Create, maintain, and document detailed security processes and procedural workflows. Key Requirements: Previous experience in a similar CSOC/Cyber role (desired). Knowledge in Cyber Security with a desire to work and More ❯

SOC Specialist

Slough, South East England, United Kingdom
McGregor Boyall
SOC Specialist | London based 2-3x a week | £85,000 + Benefits Role Brief Join a global Security Operations Center team providing 24/7 threat detection and incident response. As a SOC Specialist, you’ll act as a frontline defender—monitoring alerts, leading investigations, and conducting proactive threat hunts. You'll work with a range of More ❯

Threat Detection Engineer

Slough, South East England, United Kingdom
Next Ventures
one of Europe’s most respected financial organizations, a cornerstone of the continent’s financial stability and infrastructure. This is your opportunity to step into a mature, high-performing Security Operations Centre that plays a pivotal role in protecting the backbone of Europe’s financial systems. You’ll be part of a mission-driven environment where precision, innovation … SIEM use cases that strengthen the organization’s detection framework. Lead and guide technical initiatives within the Threat Detection team to ensure continuous improvement. Advise on SIEM architecture and security tooling, bringing deep technical insight to detection strategies. Manage and prioritize detection tasks, balancing proactive threat hunting with operational response needs. What You Bring Proven experience as a Threat … Detection Engineer or similar role within a SOC environment. Advanced hands-on experience with Splunk, including SPL development and Enterprise Security (ES). Demonstrated ability to create and enhance use cases that detect and mitigate evolving threats. Solid understanding of cybersecurity principles, frameworks, and best practices. Strong communication skills in English — you can translate technical detection logic into actionable More ❯

Sales Executive - Cybersecurity

Slough, South East England, United Kingdom
Hybrid / WFH Options
Maxwell Bond
forecasting. Deliver against ambitious new business targets, landing deals typically in the £20k–£40k range . Cybersecurity Services You’ll Sell Penetration Testing & Red Teaming Managed Detection & Response (MDR) Security Operations Centre (SOC) services Threat Intelligence & Risk Advisory Incident Response & Crisis Management Cloud & Endpoint Security Solutions What You Bring Proven track record in new business cybersecurity sales More ❯

Legal & Compliance Analyst - Asset Management

Newport Pagnell, Buckinghamshire, United Kingdom
a high-impact transformation journey as our client builds a cutting-edge Group Shared Services model across the UK, Ireland, and the US. This is your chance to lead security operations, respond to real-world threats, and shape the future of cybersecurity in a dynamic, multi-entity environment. Hands-on with Microsoft Defender, Sentinel, Azure 365, and related … tools. Drive vulnerability management using top-tier tools like Tenable, Nessus, and Microsoft Defender. Help build and evolve a security program that scales across geographies and business models. More ❯

Business Analyst

Slough, South East England, United Kingdom
Inetum
7+ years in enterprise IT consulting or digital transformation, with demonstrable experience across platforms, especially ServiceNow. Preferred hands-on experience with ServiceNow modules such as IRM, ITSM, ITOM, HRSD, SecOps, and CSM. Experience in Integrated Risk Management (IRM) implementations is highly desirable. Skills & Competencies Advanced requirements engineering: user stories, acceptance criteria, process modelling, and traceability. Strong stakeholder engagement and facilitation More ❯

Security Operations, the Thames Valley
10th Percentile: £45,000
25th Percentile: £60,000
Median: £65,000
75th Percentile: £70,000