1 to 25 of 57 Security Operations Centre Jobs in the UK

Job summary The Associate Information Security Practitioner role is part of the Moorfields Information Security Team. The team ensures that our systems and data are safe, secure, and resilient - so that we can focus on delivering high-quality, patient-centred care, and are trusted by our patients, service users and staff. The team has operational responsibility for security tooling, such as anti-virus and intrusion prevention, security assurance platforms, security testing and monitoring platforms, etc) and for our managed services (security operations centre). The team performs assurance and compliance activities most notably contributing to the annual NHS Data Security Protection Toolkit (DSPT) cycle. We put people at the heart of … Digital, Data and Technology experts that deliver excellence in a busy department. Main duties of the job At this role level, you will: Contribute to operational support of information security solutions and services Engage with our third party provision of information security service Contribute Information Security expertise to projects and operational services Support assurance activities and the More ❯

ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team … Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external … parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will More ❯

Senior Manager/Associate Director Cyber Security Operations Basic information Location Bristol, Cardiff, Edinburgh, Glasgow, London, Manchester Business Line Job Type Permanent/FTC Date published 28-Aug-2025 20259 Connect to your Industry Cyber security is critical to every organisation. We are shaping strategies and transforming the management of cyber risk and we need you to … of the areas of our cyber practice with over 450 extremely talented individuals in the UK alone, as part of a Technology and Transformation practice of 7500 people. Cyber security is a business problem, not just a technical problem, and we need people with a diverse array of backgrounds and skills sets to help our clients solve it. Join … us and you will help our clients solve the latest cyber security challenges, in a business with very significant growth ambitions enjoying the kind of professional development that will set your potential free. Connect to your career at Deloitte Deloitte drives progress. Using our vast range of expertise, we help our clients' become leaders wherever they choose to compete. More ❯

Contract Role – Security Analyst (Network & Endpoint) – England/Remote – 4+ Months Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The … successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a team lead level. Role Overview: Job Title: Security Analyst (Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat … anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon agents across enterprise endpoints. Maintain and update detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC More ❯

SOC Lead - Defence & National Security Location: Farnborough (Hybrid) Salary: £65,000 or £450 per day outside IR35 Clearance: Must be eligible for UK SC clearance and Sole British Citizen This is a fantastic opportunity for an experienced SOC Lead to take ownership of a high-performing Security Operations Centre working on critical defence and national security projects. You'll lead day-to-day SOC operations, drive incident response, and mentor analysts to strengthen detection and response capability against evolving threats. If you want to combine technical depth with leadership responsibility, this role offers both the challenge and the opportunity to shape how cyber resilience is delivered in secure environments. What you'll be doing … Leading daily SOC operations, task prioritisation and shift management Acting as the escalation point for complex incidents and investigations Reviewing, tuning and enhancing detection rules, alerts and playbooks in SIEM/SOAR tools Providing mentorship and technical guidance to SOC analysts Driving post-incident reviews, root cause analysis and continuous improvement Conducting proactive threat hunting and supporting compliance/ More ❯

Role: Senior Security Engineer Salary/Rate: £550-650 per day inside IR35 Location: Hybrid London or Fully RemoteContract Duration: until Dec' 2025 We are currently looking for a Senior Security Engineer for our government client. This Senior Security Engineer role is hybrid, based between working on site in London and remotely. There is scope for flexibility … of days needed in the office. Candidates able to commit to 1-2 days per week in the central London office will be preferred. The contract for the Senior Security Engineer position is until the beginning of December 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ("SC Clearance") This role is inside IR35 … Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: 2+ years in security platform management ( SIEM, SOAR ). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

Role: Senior Security Engineer Salary/Rate: £550-650 per day inside IR35 Location: Hybrid London or Fully Remote Contract Duration: until Dec' 2025 We are currently looking for a Senior Security Engineer for our government client. This Senior Security Engineer role is hybrid, based between working on site in London and remotely. There is scope for … of days needed in the office. Candidates able to commit to 1-2 days per week in the central London office will be preferred. The contract for the Senior Security Engineer position is until the beginning of December 2025 with potential to extend, operating inside IR35. Security Clearance: Security Check ('SC Clearance') This role is inside IR35 … Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: 2+ years in security platform management ( SIEM, SOAR ). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience More ❯

Role title: Information Security Manager Reports to: Head of Operational Resilience Location: Hub Location Hours of work: Full time, with 3 days per week in the office SMCR Function: Conduct Purpose of role Information Security Manager you will define and drive the information security strategy across our financial services business. You will lead a growing team of … security professionals to safeguard customer data, ensure compliance with regulatory frameworks, and build a culture of security awareness throughout the organisation. Your strategic vision and hands-on expertise will protect critical systems and support business growth. Key Responsibilities Develop and maintain the enterprise information security strategy aligned with business goals Lead the implementation and oversight of a … 3rd party managed Security Operations Centre (SOC) ensuring effective integration. Baseline and conduct regular reviews with an incoming 3rd party managed SOC and the security tools in the Cloud environment (Defender and Sentinel) Oversee security architecture, vulnerability management, incident response, and threat intelligence Lead security risk assessments and manage remediation plans for identified gaps More ❯

CYBER SECURITY ANALYST | SECURITY OPERATIONS CENTER (SOC). Summer-Browning Associates is supporting our client in the Central Government who is seeking a Cyber Security Analyst for an initial 12-month assignment, with the possibility of extension. Location: London | Hybrid| Remote The ideal candidates will hold active DV clearance and have a proven background in Cyber … Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their … scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review. More ❯

We're now recruiting a senior cyber security analyst support the Security Operations Manager in responding, managing and reporting the Information Security Risks faced by Technology Services (TS) in delivering AJ Bells systems and services.Key to this is maintaining the confidentiality, integrity and availability of the data that resides upon those systems. This role will be … key to understanding the threats targeting AJ Bell and ensuring our defences provide and effective response. Key responsibilities: Reviewing and assessing Security Operations Centre alerts to ensure an appropriate response taken. Overseeing vulnerability scanning to confirm the effectiveness of patching Monitoring systems for compliance with policy and supporting remediation where required. Track and manage penetration testing programs. … Investigate and respond to security breaches and incidents. Supporting the administration of email and web gateways Develop our threat intelligence and provide monitoring of external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate Collaborate with IT and other departments to ensure security best practices are followed. Stay up-to More ❯

lead from the front, joining in our success. This new position of SOC Shift Lead will be to conduct monitoring and triage of alerts associated with host and network security events for clients critical infrastructure. You will support the SOC through both delivery of client work and adding skills and ideas to the already diverse team. This role is … 6PM to 6am, 4 days off. Please note you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop … team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel More ❯

A leading international specialty insurance and reinsurance group is seeking an experienced and forward-thinking Chief Information Security Officer (CISO) to lead and modernize its global cyber security function. The CISO will drive the evolution of its security strategy-from a compliance and risk-led model to a proactive, preventative, and business-aligned cyber program. What you … ll do: Develop and execute a comprehensive global information security strategy aligned with business goals and growth plans, ensuring a proactive and preventative security posture. Establish and mature a global Security Operations Centre (SOC) to strengthen detection, monitoring, and incident response capabilities. Lead enterprise-wide threat management initiatives , addressing vulnerabilities, mitigating risks, and reducing the … likelihood and impact of cyber threats and attacks. Act as the principal security SME , providing leadership and oversight across Cloud Security, Product Security, GRC, Enterprise Security, and IT. Partner with senior IT leadership and business executives to embed security principles within operations, digital transformation, and corporate strategy. Cyber Governance & Risk Management: Enhance and maintain More ❯

our overall success. We invite you to share your perspectives, cultural backgrounds, and innovative ideas; we look forward to your contributions. Join the Vix team as an experienced Cloud Security Engineer! This on-site position in Manchester involves collaborating with our Cloud Operations team and the Security team to maintain robust security protocols. You'll play … a crucial role in guiding our technical teams to meet security standards, successfully passing security audits, and safeguarding both company and customer data. As the first point of contact for security incidents, your expertise will be essential in keeping our systems secure. We regret that this position is only available for UK citizens/Residents with indefinite … the UK, with current full time work rights for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities More ❯

individual diversity brings to the collective. Bring your individual orientation, cultural heritage and distinctive thinking and experience - we want to hear from you! We are looking for an experienced Security Engineer to join the Vix team. This role is on-site in Manchester, working within the greater Vix Security team. The role will see you ensuring Vix technical … teams meet relevant security standards, pass security audits, and protect company and customer data. You'll be a first point of contact for responding to security incidents. We regret that this position is only available for UK citizens/Residents with indefinite leave to remain in the UK, with current full time work rights for the United … Kingdom, currently residing in the UK. The position is located in Manchester. What you'll be doing: Assess and evaluate the effectiveness of existing security controls. Design and implement security solutions to mitigate identified risks. Implement, and manage security systems, including firewalls, intrusion detection/prevention systems, DLP, endpoint protection, MDM, SIEM, IAM, vulnerability management etc. Respond More ❯

Are you in a Security Operations Centre and every day is the same? We can assure you that there is no boredom in our role. We have a growing Cyber practice in our Defence sector and support enterprise scale clients. Now we have opportunities for L2 SOC Analysts to join in our success and work with multiple … can offer great career progression opportunities, benefits which you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve … and develop team knowledge of SOC tools, security operations and triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable More ❯

Senior Cyber Security Analyst - Leeds About the job Job summary Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC. Visit our YouTube … channel to watch the full series and come and discover your potential. Primarily working within the Investigation and Response element of Cyber Security Incident Management team, you'll get to investigate and respond to cyber security incidents across HMRC. This is varied, interesting and vital work so if you're looking for a new challenge, putting your experience … from all backgrounds with the experience and skills needed to perform this role. Job description The Incident Management Team are the front-line operational arm of the HMRC Cyber Security Team, responsible for protecting the confidentiality, integrity and availability of HMRC online services and data assets. The team and the successful individual undertake the following 3 core activities: Detect More ❯

Senior Cyber Security Analyst - Leeds About the job Job summary Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC. Visit our YouTube … channel to watch the full series and come and discover your potential. Primarily working within the Investigation and Response element of Cyber Security Incident Management team, you'll get to investigate and respond to cyber security incidents across HMRC. This is varied, interesting and vital work so if you're looking for a new challenge, putting your experience … from all backgrounds with the experience and skills needed to perform this role. Job description The Incident Management Team are the front-line operational arm of the HMRC Cyber Security Team, responsible for protecting the confidentiality, integrity and availability of HMRC online services and data assets. The team and the successful individual undertake the following 3 core activities: Detect More ❯

Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst 2-3 Days onsite - Crawley 6-9 Month duration Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office. Job purpose: The role of an Incident Response (CSIRT)/SOC Level … eradication, and recovery strategies that minimise business impact and protect network systems and customer data from cyber threats. Dimensions People – Work collaboratively in a team of around 14 cyber security operations staff. Mentor Level 1 and Level 2 SOC Analysts, providing guidance and training. Suppliers – Regular interaction with technical resources from outsourced Managed Security Service Providers (MSSPs … and cyber security tooling vendors. Communication – Communicate technical cybersecurity concepts to both technical and non-technical colleagues across all levels of seniority. Stakeholders – Build and maintain collaborative working relationships with internal technology teams, external partners, suppliers, and providers to drive outcomes and agree on courses of action. Principal Responsibilities Advanced Threat Hunting: Analyse and assess multiple threat intelligence sources More ❯

Were looking for a skilled Service Delivery Analyst - Security Operations to join a dynamic service delivery team. This role is ideal for someone with a strong background in IT service management anda knowledge of cybersecurity and SOC tooling. Someone who excels at managing stakeholder relationships and translating technical insights into business value. Key Responsibilities: Act as a liaison … between the Security Operations Centre (SOC) and your customer portfolio Deliver regular Service Reviews , performance reporting, and client-facing updates Use ITSM tooling Report onweekly and monthly tasks and actions, ensuring remediation actions are tracked and communicated Essential Skills & Experience: Knowledge of Cybersecurity and SOC tools (e.g. Microsoft Defender) Strong knowledge of ITIL , Agile , and ITSM best More ❯

The Role: Leidos, a Global IT Solutions Provider specialising in large scale implementations involving science, engineering, and technology, require a Cyber Defence Analyst to work in their CSOC (Cyber Security Operations Centre) Team. The Cyber Defence Analyst will be expected to contribute to the growth and development of the CSOC. You will work with a wide variety … of stakeholders to ensure, the Leidos CSOC, a Defensive Cyber Security capability, can support a customers Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating their risk of Cyber Attack. The successful candidate will be able to demonstrate experience from a CSOC background or be able to demonstrate sufficient transferable Cyber Security … succeed in the role the candidate must be capable of working under pressure, delivering on multiple customer accounts and have an appetite to progress and develop their own Cyber Security career. The role will be working within the CSOC, adhering to a matrix managed environment, reporting operationally to the CSOC Lead and accountable to the CSOC Manager. What will More ❯

CYBER SECURITY ANALYST | SECURITY OPERATIONS CENTER (SOC). Summer-Browning Associates is supporting our client in the Central Government who is seeking a Cyber Security Analyst for an initial 12-month assignment, with the possibility of extension. Location: London | Hybrid| Remote The ideal candidates will hold active DV clearance and have a proven background in Cyber … Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their … scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review. More ❯

Security Engineer 6 months Remote Inside IR35 - Umbrella only Key Responsibilities Build and implement Technical Solutions: Assist Solution Architects with initial testing and POC of Cyber Security solutions. Implement infrastructure, networking and integration components as per the approved design. Collaborate with the Solution Architects to ensure all build related work is complete, documented and ready for testing. Plan … to forge strong relationship with change management, project management team members. Work with end users to fix any bugs post deployment of solutions. Essential Experience Proven experience working as security engineer on large scale programmes in the Cyber Security Portfolio largely on Identity based security, Data classification and Cyber Security Resilience. Implementation knowledge of Microsoft Entra … ID features like application integration, provisioning, MFA, SSPR and Conditional Access policies. Prior experience deploying Data classification using Microsoft Purview for a large enterprise. Experience collaborating with the Security Operations Centre (SOC) to optimise security monitoring, response planning and execution. Understanding of vulnerability management and threat landscape detection and remediation. Proven experience in being part of More ❯

securing the digital future of our clients. As a SOC Analyst, you’ll be at the forefront of protecting critical systems, working within a CGI team to strengthen defence operations and respond to evolving cyber threats. Based on-site in Chippenham, this role is central to maintaining compliance with Defence standards and supporting a 24/7 security … you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold the highest level of UK Security Clearance for this position. Your future duties and responsibilities In this role, you will be a key member of the Security Operations Centre, monitoring, analysing, and … and client environment, you’ll contribute to testing, assurance, and compliance activities while helping to shape the future of the service offering. Your expertise will help ensure alignment with security standards, while your creativity will support innovation in the use of SIEM/SOAR tools and automation. You’ll be part of a collaborative environment where ownership of solutions More ❯

SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high-severity cyber incidents … and escalated security events, leveraging your technical expertise, analytical mindset, and industry-standard tools to contain, eradicate, and recover from cyber threats. Your work will directly contribute to safeguarding my client's network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you … and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR More ❯

SOC Level 3 Analyst Location: Crawley (Hybrid) Department: Information Systems Type: Contract | Full-time Outside IR35 About the Role My client is seeking an experienced Incident Response (CSIRT)/Security Operations Centre (SOC) Level 3 Analyst to join their Information Systems directorate, based in Crawley. In this critical role, you'll respond to high-severity cyber incidents … and escalated security events, leveraging your technical expertise, analytical mindset, and industry-standard tools to contain, eradicate, and recover from cyber threats. Your work will directly contribute to safeguarding my client's network systems, operational technology, and customer data from emerging and sophisticated cyber risks. Key Responsibilities As a senior member of the Security Operations team, you … and OT environments to identify and eliminate hidden threats. Develop and enhance SOC policies, playbooks, and incident response processes to align with industry best practices. Collaborate with the Managed Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR More ❯