226 to 250 of 346 Security Operations Jobs in the UK

site (5 days per week) Permanent | SC Clearance Required. Deerfoot Recruitment is working on behalf of a leading organisation seeking to hire an experienced SOC Analyst to join their Security Operations Centre based in Corsham . This is a full-time, on-site role requiring 5 days per week presence. The successful candidate will play a vital role … in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC Analyst or similar cybersecurity role Strong expertise in More ❯

Focus on continuing to develop dashboards, direct alerting, risk-based alerting, reports, and other objects as needed in Splunk. Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings. Leveraging threat intelligence, experience, and other inputs to perform active … advocate for improvements to configurations or technologies. Continue to develop and improve the Cyber Incident Response Plan and advocate for the program. Participate in on-call rotation for escalated security events.# QUALIFICATIONS Experience in having worked in a Security Operations, CSIRT, or similar role and able to demonstrate a passion in Cyber Security. Experience building out functions … Team such as an insider risk, threat intelligence, breach attack simulation, or similar programs. Strong understanding of the fundamentals such as packet, file, and log analysis. Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, data loss prevention, Endpoint Detection and Response (EDR), and SIEM (Splunk) Strong understanding More ❯

work for you". What you will be doing Manage the provisioning and de-provisioning of access rights for users, systems, and applications in alignment with business policies and security standards. Maintain and enhance IAM tools and infrastructure, including role-based access controls (RBAC), single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM). Perform … access reviews and recertifications to ensure compliance with internal governance and external regulatory requirements. Identify, assess, and respond to IAM-related risks and incidents in collaboration with the cybersecurity operations team. Develop and maintain documentation, including access management policies, processes, procedures, and system configurations. Ensure effective onboarding and offboarding processes are executed in accordance with HR and business policies. … in IAM systems integration during projects and audits. Contribute to continuous improvement by identifying process automation and efficiency gains. Manage user accounts, permissions, and group memberships. Execute daily IAM operations and service requests. Conduct audit logging and reporting activities. Implement and enforce access control policies aligned with corporate governance. Design and review workflows for joiners, movers, and leavers. Maintain More ❯

serving over 200 companies worldwide, we are following our mission of revolutionizing the way IT is deployed. Job Overview Job Description We are looking for a highly skilled Technical Operations Lead to join our Cybersecurity Investigations team. This role is pivotal in managing technical operations and ensuring the integrity, confidentiality, and availability of our digital assets through proactive … and by dedicating daily time to quality assurance activities such as reviewing individual ticket handling, providing constructive feedback, and identifying skill gaps for targeted development. Oversee all daily technical operations within the Cybersecurity Investigations team by ensuring established client security protocols are rigorously followed. Manage and coordinate all aspects of incident response and forensic investigations through following the … as the primary technical liaison between the client team and the UK Based Cybersecurity Investigations team and other departments, facilitating communication and cooperation, preparing detailed reports and presentations on security trends, incident status, and risk mitigation for senior management. Monitor scheduling to meet baseline standards, handle attendance, timecard tracking and ensure that team members are following applicable laws and More ❯

DOE + Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What … logic with threat intel, coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project Support: Support presales, contribute to new SOC solution scoping, and lead demos where required. What we're … looking for: Must hold or be eligible for SC Clearance (essential). Expertise with IBM QRadar (configuration, rule development, playbooks). 3-5 years+ experience in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and More ❯

Windows 10 endpoints from Legacy antivirus solutions (Symantec, McAfee) to Microsoft Defender for Endpoint (ATP). This critical role requires hands-on expertise in deploying, configuring, and managing Defender security controls, as well as strong problem-solving skills to investigate threats, remediate incidents, and collaborate with cross-functional teams to ensure secure and compliant endpoint protection Key Responsibilities: Lead … dashboards, exclusions, and reporting to ensure secure and compliant endpoint protection. Monitor, investigate, and remediate threats using Defender EDR, Threat & Vulnerability Management, and automated remediation to resolve high-priority security issues. Collaborate with cross-functional teams and stakeholders to provide end-to-end Defender support, documentation, and continuous security improvement. What You Will Ideally Bring: SC Clearance (preferred … Proven expertise in Microsoft security technologies, including Defender for Endpoint, O365, Identity, and Cloud App Security, with hands-on experience onboarding and managing Windows 10 devices. Strong background in Legacy AV solutions (Symantec, McAfee) with the ability to plan and execute smooth migrations to Microsoft Defender. Deep knowledge of endpoint security operations, including EDR, Threat & Vulnerability More ❯

to name a few! Job Description Your Career The Cortex Customer Success Architects are responsible for empowering our clients to prevent successful cyberattacks as well as simplify and strengthen security processes, automate and streamline security operations and attack surface management, the team is built by highly technical professionals that work together with customers, partners, and their awesome … Ensure technical knowledge of the team is translated into articles and guides for our customers to consume allowing our customer coverage to scale Qualifications Your Experience Experience as a Security Incident Responder or SOC analyst/manager Experience with development and maintenance of scripts in Python JavaScript or PowerShell is a plus Experience with security design and architecture More ❯

IT Security Engineer/Lead London - £75,000 - £85,000 pa + Bonus + Benefits JNC are working with a growing professional services company in London that are looking to bring on a talented IT Security Engineer who will help lead them into the next phase of their security operations journey. This is a really exciting … opportunity for someone who has experience being the go-to IT security person in a growing IT department, as well as being able to take the lead on new and exciting security driven projects. This could be anything from helping create a new outsourced SOC or furthering the organisations cloud and 365 offerings. The ideal person for this … role will have a strong background in networking and firewalls as well as some recent experience in security architecture. Technical Experience: Must have strong networking, switching and firewalls experience. Ideally Checkpoint and Extreme networks. Experience with SolarWinds or similar Experience with url filtering (Censornet or similar) Any experience with SOC solutions is desirable but not essential. Artic Wolf of More ❯

IT Security Engineer/Lead - London - £75,000 - £85,000 pa + Bonus + Benefits JNC are working with a growing professional services company in London that are looking to bring on a talented IT Security Engineer who will help lead them into the next phase of their security operations journey. This is a really exciting … opportunity for someone who has experience being the go-to IT security person in a growing IT department, as well as being able to take the lead on new and exciting security driven projects. This could be anything from helping create a new outsourced SOC or furthering the organisations cloud and 365 offerings. The ideal person for this … role will have a strong background in networking and Firewalls as well as some recent experience in security architecture. Technical Experience: Must have strong networking, switching and Firewalls experience. Ideally Checkpoint and Extreme networks. Experience with SolarWinds or similar Experience with URL filtering (Censornet or similar) Any experience with SOC solutions is desirable but not essential. Artic Wolf of More ❯

procedural issues and feeding into continuous improvement of playbooks and SOPs Supporting incident response and contributing to broader SOC initiatives What we’re looking for Strong background in cyber security within a SOC environment Hands-on knowledge across network security, infrastructure, operating systems, and applications Experience with SIEM tools and/or packet capture technologies Clear understanding of More ❯

procedural issues and feeding into continuous improvement of playbooks and SOPs Supporting incident response and contributing to broader SOC initiatives What we’re looking for Strong background in cyber security within a SOC environment Hands-on knowledge across network security, infrastructure, operating systems, and applications Experience with SIEM tools and/or packet capture technologies Clear understanding of More ❯

procedural issues and feeding into continuous improvement of playbooks and SOPs Supporting incident response and contributing to broader SOC initiatives What we’re looking for Strong background in cyber security within a SOC environment Hands-on knowledge across network security, infrastructure, operating systems, and applications Experience with SIEM tools and/or packet capture technologies Clear understanding of More ❯

class security. You will work cross-functionally and collaborate with senior stakeholders across the business while working closely with Technology Services colleagues to implement procedural and technical aspects of Security Operations, including liaison and engagement with the MSSP/SOC. What will you be doing? In this role, you will play a key role in implementing, optimizing, and … are looking for people with: Legacy Environment Support (Essential): Providing operational support and maintenance for our Windows Server estate. Troubleshooting, patching, and managing upgrades to ensure system stability and security Supporting the transition of legacy workloads into modern cloud-native solutions where appropriate Compute & Infrastructure (Essential): Deploying, configuring, and optimising workloads using EC2 and related services Building and managing … usage Networking & Content Delivery (Essential): Configuring and maintaining VPCs, subnets, route tables, Transit Gateways, and VPNs Leveraging CloudFront, Route 53, and API Gateway for secure and scalable content delivery Security & Identity (Essential): Applying best practice security principles using IAM, KMS, Secrets Manager, and AWS Organisations Working with the Cyber Security team to embed compliance, monitoring, and governance More ❯

Lead, develop, and transform the IT infrastructure and security operations at one of the UK's leading fulfilment and logistics providers, with an ambitious growth strategy supported by cutting-edge technology You will be part of a dynamic, innovative environment where your leadership will directly influence customer service, operational efficiency, and scalability. MUST HAVE 3PL EXPERIENCE Location: East … stamp on the role. Exposure to a Growing Business: Join a forward-looking, recently acquired organisation and contribute to its ambitious growth journey. Variety of Responsibilities: Oversee infrastructure and security management alongside user support, ensuring a broad and engaging remit. Career Development Potential: Reporting directly to the CIO, you will have access to senior leadership, opening doors to further … engage directly with teams across locations, ideal for someone who enjoys building connections on the ground. Purpose of the Role You will be responsible for the stability, performance, and security of enterprise-wide technology platforms. This role combines strategic planning, operational leadership, and team development to support growth and drive innovation. Key Responsibilities Infrastructure & Cybersecurity Lead the design, implementation More ❯

Lead, develop, and transform the IT infrastructure and security operations at one of the UK's leading fulfilment and logistics providers, with an ambitious growth strategy supported by cutting-edge technology You will be part of a dynamic, innovative environment where your leadership will directly influence customer service, operational efficiency, and scalability. **MUST HAVE 3PL EXPERIENCE ** Location: East … stamp on the role. Exposure to a Growing Business: Join a forward-looking, recently acquired organisation and contribute to its ambitious growth journey. Variety of Responsibilities: Oversee infrastructure and security management alongside user support, ensuring a broad and engaging remit. Career Development Potential: Reporting directly to the CIO, you will have access to senior leadership, opening doors to further … engage directly with teams across locations, ideal for someone who enjoys building connections on the ground. Purpose of the Role You will be responsible for the stability, performance, and security of enterprise-wide technology platforms. This role combines strategic planning, operational leadership, and team development to support growth and drive innovation. Key Responsibilities Infrastructure & Cybersecurity Lead the design, implementation More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯

THreat Intelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber Threat Intelligence and Vulnerability team, working with DV-cleared professionals on meaningful, mission-critical projects. … What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits Industry-leading training More ❯