1 to 25 of 265 Cyber Defence Jobs in the UK

Lead SOC Analyst Leeds SC Clearance essential Day Shift/On-site A leading UK-based consultancy specialising in Defence and Security is seeking an experienced Lead SOC Analyst to support the day-to-day operations and continuous improvement of a dedicated SOC for a high-profile Critical National Infrastructure (CNI) organisation. This opportunity involves working at the forefront … of cyber defence, helping to secure hundreds of cloud-hosted systems across AWS and Azure environments from persistent and advanced threats. This strategic SOC is designed to be a benchmark of cyber security excellence, blending in-house and consultancy staff across multiple sites. Core operational duties will be conducted from a secure facility in Leeds, due to … SIEM) and orchestration tools. Due to the nature of the project applicants must hold an active SC Clearance and be eligible for enhanced clearance checks Key Responsibilities: Lead operational cyber defence activities across a 24/7 SOC environment. Deliver comprehensive shift handover briefings and ensure continuity across teams. Monitor and analyse SIEM alerts, logs, and network traffic More ❯

threats. Key Responsibilities: Vulnerability Management: Develop, implement, and operate vulnerability management capabilities using tools like Tenable One. Deploy, configure, and manage vulnerability assessment tools (e.g., Tenable, NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools. Deliver a seamless vulnerability management service across infrastructure and business units, ensuring the effectiveness of security measures. Threat Analysis: Utilize various … teams. In-depth understanding of the current threat landscape and security best practices. Preferred Qualifications: Relevant certifications (e.g., CISSP, CEH, CompTIA Security+). Experience with the NCSC's Active Cyber Defence Toolkit. Familiarity with regulatory requirements and industry standards (e.g., GDPR, ISO 27001). Work Environment: This is a fully remote position, offering flexibility and the opportunity to More ❯

We are seeking a Senior Threat Analyst to join our rapidly growing Information Security team. This role offers a unique opportunity for a seasoned cybersecurity professional to lead our cyber defense strategy, protect our brand from threats, and build our threat intelligence and hunting capabilities from scratch. You will have significant input on tooling and services, with the autonomy … implement them. The ideal candidate is an innovative collaborator with strong technical and communication skills, and a passion for solving complex problems. You'll report to the Head of Cyber Defence and lead the development of advanced CTI and threat hunting strategies, integrating seamlessly into our security processes and driving ongoing improvements. Our Future Health is the UK … aiming to gather data from 5 million volunteers to advance health discoveries. Key Responsibilities Collaborate with the security team and MSP SOC to enhance organizational security. Develop and utilize cyber threat intelligence approaches, including tooling and feeds. Stay updated on the cyber threat landscape, especially in health research sector. Triaging, analyzing, and responding to threat intelligence alerts. Track More ❯

within the IT department operating from London and Houston. The IT Security Team Lead will be based in London. The purpose of the IT Security function is to manage cyber risks and issues for EDF Trading globally. Position purpose The IT Security Team Lead provides line management to the IT security team in London (4 direct reports), collaborates with … a technical background to provide continuity with others in the team and to be an SME to internal stakeholders for IT Security matters, the role has an emphasis on cyber risk management and governance. Main responsibilities Security programme [40%] : Implement and/or manage the implementation of solutions to counter cybersecurity risks in accordance with the global security roadmap … cybersecurity risks. Implementing and maintaining solutions owned by IT Security. Designing and implementing processes. Project planning, managing dependencies and coordinating resources. Governance, risk and compliance [20%] : Manage the regional cyber risk exposure and drive compliance with established policies, standards and procedures including: Working closely with the to continually develop, improve and maintain a globally consistent approach to the adoption More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical best practices in Sentinel and … and platforms and their integration into SOC operations. Responsibilities: Lead technical migration of log sources into Microsoft Sentinel SIEM. Build security automations, logging, and SIEM detections to improve the Cyber Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements More ❯

corporate (Fortinet) and customer (AWS) environments to enable timely and effective response to, and management of, incidents, alarms, notifications, calls, and other activities related to the NSOC and new cyber threats. Lead the vulnerability management process to ensure that vulnerabilities are detected, escalated, and remediated for both the customer and corporate environments. Lead the Threat Intelligence process, document and … priorities. Proven ability to work independently on resolving complex issues, assisted by the Information Security Manager, IT and DevSecOps. Excellent experience with the Threat Landscape, Threat Hunting, Adversary Methodologies, Cyber Defence and MITRE attack framework. Significant previous experience working in a lead role in one of the following security areas: NSOC Analyst, Threat Analyst with the ability to … communication and documentation skills. Organised and willing to document and drive process and procedure. Nice to have but not essential: Working knowledge of ISO 27001:2013/2022, GDPR, Cyber Essentials & Cyber Essentials Plus. Experience of network/switch/firewall management & configuration. Advanced understanding and demonstrable experience of networking principles, IT architecture and security architecture. Shift management More ❯

About the Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways … of working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you're making progress. About your team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to … play a direct role in helping our clients with one of the most important aspects of their lives - their financial well-being. Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The More ❯

Cyber Security Operational Incident Manager - Technical Consultant Join to apply for the Cyber Security Operational Incident Manager - Technical Consultant role at Fidelity International Cyber Security Operational Incident Manager - Technical Consultant 1 day ago Be among the first 25 applicants Join to apply for the Cyber Security Operational Incident Manager - Technical Consultant role at Fidelity International About … The Opportunity Job Type: Permanent Application Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 We share a commitment to making things better for clients and each other. We continually explore new technology and different ways of … working to put our clients first. So bring your boldest ideas to our Cyber Defense Operations team and feel like you’re making progress. About Your Team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play More ❯

Engineering: Develop detection rules and maintain playbooks. Automation and Scripting: Automate tasks using tools like Python and PowerShell. Threat Hunting: Identify and mitigate potential threats. Collaboration: Work with other cyber defence teams and communicate findings. Continuous Improvement: Suggest and document process improvements. Monitoring: Provide continuous security console monitoring. Technical Analysis: Analyse incident telemetry and investigation pathways. Intelligence Integration … AWS Certified Cloud Practitioner). Proficiency in network/application protocols and operating systems. Experience with security tools (EDR, SOAR, SIEM). Preferred scripting/programming experience. Knowledge of cyber security legislation and best practices. Preferred experience dealing with incidents in a wide range of environments, including OT and ICS technologies. Preferred experience of working with wider Cyber Defence teams, including Intelligence, Vulnerability Management, Threat Hunting and Purple Teams Personal Attributes: Strong interpersonal, analytical, and problem-solving skills. Effective team player with excellent communication. Adaptable, detail-oriented, and proactive. Why Join Centrica? Dynamic and innovative team. Continuous learning and professional development. Supportive and inclusive work environment. Competitive salary and bonus potential. Employee Energy Allowance at More ❯

Social network you want to login/join with: Are you ready to take the lead in safeguarding critical networks and mentoring the next generation of cyber defenders? We’re on the hunt for a SOC Analyst to join our high-performing SOC team. As a key player in our cyber defence operations, you’ll lead from … the front—managing teams, guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS/IPS, EDR, and other tools. … strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring, and incident response. Proficient in SIEM tools (e.g., LogRhythm, Splunk) and IDS systems (e.g., Snort). In-depth knowledge of network and host security. Skilled in More ❯

Are you a seasoned Cybersecurity Engineer ready to play a key role in defending a global enterprise against evolving cyber threats? We are seeking a Senior Cybersecurity Engineer to join our London-based team and help strengthen the digital resilience of one of the most dynamic players in the insurance and underwriting sector. About the Role As part of … our Security Engineering team, you'll be instrumental in enhancing our cyber defence capabilities across our global infrastructure. From designing and implementing cutting-edge security solutions to influencing architectural decisions and leading key security projects, your work will directly contribute to our mission of maintaining a strong, agile, and secure digital environment. What You'll Do Lead security More ❯

Cyber Security Analyst/Engineer Location: Ideally based in York or Leeds Working Pattern: Full time, Monday to Friday, working Hybrid – with travel to office locations as required Salary: £45,000 – £65,000 (dependent on experience) + car allowance Overview An exciting opportunity has become available for a Cyber Security Analyst/Engineer to join a growing, forward … Azure) Review vulnerabilities and drive remediation plans across the environment in collaboration with relevant teams Key Skills & Experience Technically minded security engineer with a solid foundation in hands-on cyber defence Proficiency with tools such as SIEM, PAM, web/email filtering (e.g. Mimecast), IDS/IPS, antivirus, endpoint protection, Microsoft Sentinel, and vulnerability assessment tools (e.g. Tenable More ❯

We’re looking for a Senior Incident Response Manager to join our cyber-security team in Reading, UK or Schiphol, NL In this fantastic opportunity, you will work at the forefront of cyber defence operations, delivering Group Security’s and Liberty Global’s wider mission through helping to reduce; the impact of cyber incidents affecting Liberty … Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … of the cyber incident response (CIR) life cycle for serious cyber incidents by ensuring that the relevant parts of the business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining More ❯

We’re looking for a Senior Incident Response Manager to join our cyber-security team in Reading, UK or Schiphol, NL In this fantastic opportunity, you will work at the forefront of cyber defence operations, delivering Group Security’s and Liberty Global’s wider mission through helping to reduce; the impact of cyber incidents affecting Liberty … Global, Retained Markets and Joint Ventures. You will provide the Subject Matter Expertise to coordinate and drive the response to serious cyber incidents through the best practice Incident Management (IM) life cycle and ensure root cause analysis is performed to support improvement of our controls. You will lead the Cyber Emergency Response Team responsible for ensuring the delivery … of the cyber incident response (CIR) life cycle for serious cyber incidents by ensuring that the relevant parts of the business and partners are engaged and activated to undertake the actions needed to reduce impact on our business. When not responding to incidents, you will help develop our Incident Management and Incident Response capabilities, including writing and maintaining More ❯

the strategic direction of Arm's Detect & Response function, delivering outstanding performance and ensuring we are resilient against an evolving threat landscape! In addition to operations, you will lead cyber crisis management, C-Suite level stress testing, team development, and top-level cybersecurity thought leadership. Responsibilities: Own and deliver the strategic roadmap for cyber incident and vulnerability detection … while maximizing data insights and intelligence to inform operational and strategic decision-making. Drive collaboration across Arm and external vendors as we embed a shared understanding to deliver our cyber strategies. Provide strategic input and collaborate with IT, Enterprise Security, and business leadership to inform security roadmaps, governance, and operating models. Maintain a balanced, comprehensive framework of processes, governance More ❯

Social network you want to login/join with: Cyber Security Incident Responder, Brighton Location: Brighton, United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 06.06.2025 Expiry Date: 21.07.2025 Job Description: We are seeking an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic team. The role involves maintaining the … security of Element’s digital infrastructure by managing cyber incidents. This is a unique opportunity to be a key member of Cyber Defence, working closely with stakeholders to develop a 24/7 operational cyber defence capability. Experience in Digital Forensics and Incident Response (DFIR) is encouraged. This position requires on-call duties and overtime … during serious cyber attacks. Location in the UK is flexible. Responsibilities: Build Element’s IR capability following industry best practices (NIST, SANS, etc.). Lead cyber incident management, conduct investigations, determine root causes, and recommend remediation. Collaborate with IT, Privacy, Legal teams, and senior stakeholders; report incident statuses. Conduct post-incident reviews for continuous improvement. Perform digital forensics More ❯

Principal Network Defence Analyst - Peterborough Job Title: Principal Network Defence Analyst Location: Peterborough (Hybrid) Contract and shift details: Permanent, full-time position (37.5 hours per week), with participation in an on-call rota approximately once every six weeks—covering out-of-hours support, including evenings and weekends. Are you an experienced network professional with a keen interest in … cyber defence and skilled at solving complex infrastructure challenges? Do you thrive in a critical role where connectivity and security converge to protect global operations? Our Cyber Security team is looking for a Principal Network Defence Analyst to join our DevSecOps function—playing a critical role in shaping, maintaining, and innovating our network security landscape. This … is a hybrid role combining deep technical knowledge of connectivity with a strategic approach to cyber defence. You\\\'ll work closely with internal teams and external vendors to ensure our infrastructure remains secure, scalable, and aligned with our wider security goals. What you\\\'ll be doing: Act as the subject matter expert for network security, providing technical leadership across More ❯

The Go to OT Security Recruiter! Senior Recruitment Consultant @ SR2 | Socially Responsible Recruitment | Certified B Corporation. Join one of the UK’s leading energy providers as an Operational Technology Cyber Analyst, where you'll play a critical role in securing our nation’s infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from … evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management initiatives and penetration testing exercises. Contribute to policy development and ensure alignment with IEC62443, NIS, CAF, OG86, and … systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and deliver root cause analysis. Effective communicator with proven ability to influence and collaborate across functions. Comfortable working More ❯

Join to apply for the Lead Cyber Security Analyst role at Crown Commercial Service 1 week ago Be among the first 25 applicants Join to apply for the Lead Cyber Security Analyst role at Crown Commercial Service Direct message the job poster from Crown Commercial Service Recruitment Advisor at Crown Commercial Service Position: Lead Cyber Security Analyst … improved digital technologies to enhance the services we provide, the ways we work, and how we interact with our customers, suppliers and other stakeholders. We’re implementing a new cyber security function as part of Agile digital delivery within our growing team, and the pace and scale of change within the Directorate is unprecedented . Job Summary In this … critical role, establishing and leading our newly formed cyber security team, you will be responsible for understanding, detecting and responding to cyber threats and vulnerabilities affecting the Services we operate, as well as leading on regular IT Health Check’s, resolving any issues identified that need addressing, and working with Operations and Development teams to prevent these issues More ❯

You will need to login before you can apply for a job. SOC Shift Lead – Cyber Defence & Security Location: On–site, Hemel Hempstead Salary: GBP58K – GBP65K + Benefits Security Clearance: Must be eligible for DV Clearance ? Shifts: 2 Days (6AM–6PM), 2 Nights (6PM–6AM), 4 Days Off Lead the Future of Cyber Defence Join a … high–performing Cyber Security team at the forefront of Aerospace, Defence, and National Security. We're on a growth trajectory and looking for a SOC Shift Lead to take charge, drive innovation, and protect critical infrastructure. Your Impact: Lead the SOC: Monitor, triage, and investigate security incidents to safeguard critical assets. Threat Intelligence: Analyse network traffic, logs, and … system events to detect vulnerabilities. People Leadership: Manage and mentor analysts, shaping the future of cyber defence. Optimise Security Operations: Enhance SOC tools , improve detection rules, and refine security processes using MITRE ATT&CK . Represent the SOC: Engage with key partners and stakeholders. What You Bring: ? SOC Expertise: Proven experience in Security Operations Centres with hands–on threat More ❯

Summary Reporting to the Head of Operational Risk and working closely with the Head of Information Security, the role will support in managing the Bank’s Second line of Defence (2LOD) for cyber security, assuring compliance with the Bank's Information Security Policies and Standards and overseeing the effective implementation of security controls through engagement with the Bank … s cyber security operations team (1LOD). Key Work Outputs and Accountabilities Supporting the management of the Bank’s Cyber Security function maintaining compliance with our NIST based cyber security framework. Responsible to Head of Operational Risk for Information Security RCSA framework, in particular regulatory compliance, and tolerated risk exposure. Act as Cyber Security expert within … the Second Line of Defence (2LOD), providing advice and guidance to 1LOD on best practice cyber security and to business driven change activity. Working with the Bank’s Enterprise Architect to ensure solutions are delivered in accordance with BACB’s IT Security policies and Standards. Ensure the Bank can effectively respond and recover from Cyber Security Incidents. More ❯

CPS Group is currently working with a leading UK-based Critical National Infrastructure (CNI) organisation, supporting their search for an experienced Incident Response Analyst to join their growing Cyber Resilience Team. This is an exciting opportunity to be a key player in protecting vital national services from cyber threats, working within a Security Operations Centre (SOC) environment and … prevent further impact. Work closely with IT and security teams to develop incident response strategies. Analyse incidents to identify root causes and recommend improvements. Contribute to the development of cyber security plans, policies, and training. What We’re Looking For Proven experience in a SOC or similar cyber security role. Strong understanding of cyber threats, threat intelligence … frameworks, and best practices. Excellent problem-solving and analytical skills. GIAC Certified Incident Handler (GCIH) or equivalent. Degree in Cyber Security or a related field. Additional cyber security certifications. This role offers a unique chance to work in a nationally critical environment, helping safeguard vital services and infrastructure. If you're passionate about cyber defence and More ❯

About the job you're considering Embedded with an existing Customer SOC Capgemini supplies a level of cyber expertise and corporate experience assisting the customer in regular SOC activities as well as proposing new processes and bringing best practice to the workplace. Must be a sole British National. This role is based five days per week on-site in … going back three continuous years and unspent criminal record check known as Disclosure and Barring Service. Your role Conduct reactive monitoring of client networks to deliver a layered agile cyber defence capability across all security domains. Manage and triage alerts conduct impact assessments and develop mitigating strategies to be briefed up the chain of command. Improve and comply … all extant cyber security policies procedures and orders review and amend when required. Maintain and share knowledge of current cyber issues vulnerabilities and exploits through research technical reports and briefs. You can bring your whole self to work At Capgemini striving for equity diversity and inclusion is part of everyday life and will be part of your working More ❯