101 to 125 of 184 Security Operations Jobs in the UK excluding London

have a fantastic opportunity for a CTI Analyst to join our Global Cyber Defence team. The Global Cyber Defence team is responsible for delivering a comprehensive portfolio of technical security controls, monitoring services and intelligence services across the wider Global Information Security team (GIS). Why would you choose this role when there are other CTI Analyst roles … you will work well together and learn from each other. A role you will love This role is part of a global team of professionals that deliver subject matter security services for our most critical applications and infrastructure to ensure that they are resilient against existing and emerging cyber security threats. The Cyber Threat Intelligence Analyst is responsible … intelligence suppliers and the industry to secure and share relevant intelligence in a timely fashion and to close intelligence gaps. Integrate intelligence from internal and external sources to support Security Engineering and Security Operations in delivering further proactive and reactive threat mitigations to current and emerging threats. Create written and verbal intelligence products for stakeholders to assist More ❯

SOC Engineer £60,000 GBP Hybrid WORKING Location: Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical … with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead … Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams to enforce secure configurations. Provide mentorship to junior analysts and engineers. Maintain documentation of security procedures, incident More ❯

Job Title: SOC SME Contract Type: Technical Professional (TP) Contract Location: Coventry, England, Work Model: Hybrid (3 days on-site at customer location) Experience Level: 10+ years in Cyber Security Designing & Implementation Overview: We're seeking a highly experienced and technically proficient Security Operations Center (SOC) Subject Matter Expert (SME) to drive the architecture, implementation, and optimization … integrating and securing operational technology (OT) environments. Microsoft Sentinel Leadership and Deployment: Lead Sentinel Deployment for OT SOC: Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring, threat detection, and incident response capabilities. Technical SME: Serve as the hands-on technical Subject Matter Expert for Microsoft Sentinel, providing guidance, deep technical implementation, and troubleshooting. Log … Management and Detection and Response (VMDR) tools (e.g., Qualys ), as well as other critical IT/OT systems. Mandatory Skills and Experience: 10+ years of progressive experience in Cyber Security focused on Designing & implementation of security solutions. Deep, demonstrable hands-on experience as a Subject Matter Expert with Microsoft Sentinel (Azure Sentinel). Expertise in Kusto Query Language More ❯

Junior SOC Analyst Up to 34kHybrid (London) Overview: We are seeking an enthusiastic Junior Cyber Security Analyst to join our client's dedicated SOC team. In this role, you will help monitor and defend networks, systems, and applications against evolving threats. You'll work as part of a team that provides 24/7 monitoring, detection, response, and remediation … services for a diverse client base. Key Responsibilities: Support the Managed Extended Detection & Response (MXDR) service. Monitor security alerts and events to identify potential incidents. Assist in investigating security incidents, determining root causes, and supporting remediation plans. Collaborate with internal teams and external stakeholders to ensure security controls are effectively maintained. Generate and review reports on events … incidents, and trends to drive continual improvement. Stay current with security developments, tools, and techniques to strengthen the service. Qualifications & Requirements: Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience) Evidence of self-learning and continual development outside of a university degree 1+ years of experience in cybersecurity (SOC or MSSP experience preferred) is More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats ensuring … and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post … incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. Manage the relationship with the external SOC, ensuring proactive threat detection and response. Stay updated on industry trends and represent the More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats — ensuring … and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post … incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. Manage the relationship with the external SOC, ensuring proactive threat detection and response. Stay updated on industry trends and represent the More ❯

responsible for a wide range of tasks that support the smooth delivery of our 'vCIO' service to our customers, covering the bases of; Consulting, Procurement, Support, Al & Machine Learning, Security Operations, Cloud Operations (AWS, Azure, Office 365). As a Business & Data Administration Apprentice, you will gain hands-on experience in office operations and client support … written and verbal A team player with a passion for customer service A proactive attitude and ability to adapt in a fast-moving environment Interest in technology and business operations Proficiency in Microsoft Word, Excel, Outlook, and other business communication tools Strong numerical and commercial acumen Training Expected Apprenticeship Duration: 14 months + 3 months EPA. Level 3 Data More ❯

This role involves implementing and managing security measures to protect systems and networks in a professional services environment. The successful candidate will play a critical part in ensuring the safety and reliability of the organisation's technology infrastructure in Birmingham. Client Details The hiring company is a professional services organisation with a well-established presence in the industry. As … sized firm, they focus on delivering reliable and tailored services to their clients, supported by a robust and secure technology framework. Description Work with managed service provider for cyber security incident management Proactively conduct threats detection and improve threats detection and management process Conduct vulnerability assessments, ensure the remediation and recommend improvements to mitigate risks. Develop security playbooks … Work with engineering team to implement security tools and controls Scope penetration testing and review related reports from external service providers Collaborate with the technology department to integrate security protocols into system designs. Ensure and develop security posture to newly acquired businesses Provide guidance and training to staff on cybersecurity best practices. Profile Proven experience in cyber More ❯

Overview Hybrid role with flexible working hours and comprehensive benefits Impactful role in a new and growing security team About Our Client The hiring company is a professional services organisation with a well-established presence in the industry. As a mid-sized firm, they focus on delivering reliable and tailored services to their clients, supported by a robust and … secure technology framework. Job Description Work with managed service provider for cyber security incident management Proactively conduct threats detection and improve threats detection and management process Conduct vulnerability assessments, ensure the remediation and recommend improvements to mitigate risks. Develop security playbooks Work with engineering team to implement security tools and controls Scope penetration testing and review related … reports from external service providers Collaborate with the technology department to integrate security protocols into system designs. Ensure and develop security posture to newly acquired businesses Provide guidance and training to staff on cybersecurity best practices. The Successful Applicant Proven experience in cyber security operations including threats hunting, detection and response, vulnerabilities assessment remediation Familiarity with More ❯

frontlines to build solutions to monitor for threats, rapidly investigate incidents, and coordinate response efforts with other teams. In this role, you will have the opportunity to shape our security capabilities from the ground up alongside our world-class research and security teams. Responsibilities Lead cybersecurity Incident Response efforts covering diverse domains from external attacks to insider threats … and optimize detections, playbooks, and workflows to quickly identify and respond to potential incidents Review Incident Response metrics and procedures and drive continuous improvement Work cross functionally with other security and engineering teams Note: This position will require participation in an on-call rotation You May Be a Good Fit If You 3+ years of software engineering experience, with … security experience a plus and/or 5+ years of detection engineering, incident response, or threat hunting experience A solid understanding of cloud environments and operations Experience working with engineering teams in a SaaS environment Exceptional communication and collaboration skills An ability to lead projects with little guidance The ability to pick up new languages and technologies quickly More ❯

Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Analyst Location: Glasgow (hybrid) Salary: Up to £57,000 + package NOTE: Candidates for this role must be eligible for UK Security Clearance (SC). We are seeking a Senior SOC Analyst to join a growing Security Operations Centre team. This is a hybrid role based in Glasgow, offering … the opportunity to take a leading role in incident response and advanced security monitoring within a dynamic environment. As a Senior SOC Analyst, you will take ownership of escalated incidents from L1 and L2 analysts, leading investigations, performing root cause analysis, and guiding appropriate remediation actions. You will play a key role in developing SOC use cases, enhancing monitoring … interaction, and leadership, requiring someone who thrives in a fast-moving environment and is comfortable working with both technical and non-technical stakeholders. Key Responsibilities Lead investigations into escalated security incidents, including detailed analysis and root cause identification. Monitor and optimise SIEM tools (Splunk, QRadar, or similar), ensuring accurate detection and effective alerting. Perform malware analysis, reverse engineering, and More ❯

Security Engineer Rate: £550/£600 per day (Inside IR35 via umbrella) Duration: 8 months initial Location: Bristol - hybrid once a week on site We're seeking a Security Engineer to support ongoing security operations while playing a key role in a major data centre migration. You'll work across on-prem and AWS environments, collaborating … with both internal stakeholders and third-party partners. Responsibilities Optimise and streamline security logs to reduce platform costs Review and enhance Zscaler and MS Defender configurations Strengthen and refine role-based access controls Support and validate security actions during a physical data centre move, ensuring alignment with external suppliers Skills & Experience Strong stakeholder management and adaptability Proficiency with More ❯

advising on secure cloud architectures within Google Cloud Platform (GCP), ensuring compliance with UK and international standards. You will work with clients across sectors to assess risks, implement robust security controls, and guide secure cloud adoption strategies. This role requires a strong understanding of cloud-native security, regulatory frameworks, and the ability to translate technical risks into business … this role, you will be required to obtain GCP certification. What You'll Do: Design and implement secure architectures, incorporating identity, access management, encryption, and network security. Conduct cloud security assessments and gap analyses for UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). … Develop and enforce cloud security policies, procedures, and governance models. Lead threat modelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines. Support incident response planning More ❯

re growing like crazy, with $70M in Series C funding, 200% employee growth, and 300% revenue growth in 2024. Fueling Torq's growth are our game changing agentic AI security solutions, backed by a team and culture that makes Torq one of Forbes' Best Startup Employers in America, and a Business Insider 'startup to bet your career on'. … collaborative go-getters pushing the boundaries of what's possible for security automation. Every role is an essential driver of Torq's success as the AI-native autonomous SecOps platform of choice for security teams across the Fortune 500. Excited about our vision and ready to make an impact as we grow? We'd love to see what … to the team. As a Customer Success Engineer at Torq, you'll be a key member of our Field Engineering team, helping customers unlock the full potential of our security hyperautomation platform. Working closely with a global, highly skilled team, you'll ensure customer success by providing technical expertise, problem-solving, and valuable insights into our product's future. More ❯

Job Title: L1 SOC Analyst Our client is a well-established Managed Security Service Provider (MSSP) and a leading Fortinet and Microsoft partner, delivering high-impact cybersecurity solutions to clients in the defense, government, and financial services industries. Committed to nurturing talent, our client offers a comprehensive training and development program to help you advance from entry-level to … a fully-fledged SOC Analyst. As an L1 SOC Analyst, you’ll be at the frontline of cybersecurity defense. You’ll handle real-time triaging of 80-100 security alerts per shift, utilizing Fortinet and Microsoft SIEM/EDR technologies to detect and mitigate threats. This is an excellent opportunity for those passionate about cybersecurity, with hands-on experience … that builds a strong foundation for a lasting career in the field. Responsibilities: Monitor and triage security alerts (80-100 alerts per shift) using Fortinet and Microsoft SIEM/EDR tools. Analyse and prioritize alerts to identify potential threats and escalate as needed. Provide rapid response to incidents and maintain a high level of vigilance across multiple security More ❯

Job Title: L1 SOC Analyst Our client is a well-established Managed Security Service Provider (MSSP) and a leading Fortinet and Microsoft partner, delivering high-impact cybersecurity solutions to clients in the defense, government, and financial services industries. Committed to nurturing talent, our client offers a comprehensive training and development program to help you advance from entry-level to … a fully-fledged SOC Analyst. As an L1 SOC Analyst, you’ll be at the frontline of cybersecurity defense. You’ll handle real-time triaging of 80-100 security alerts per shift, utilizing Fortinet and Microsoft SIEM/EDR technologies to detect and mitigate threats. This is an excellent opportunity for those passionate about cybersecurity, with hands-on experience … that builds a strong foundation for a lasting career in the field. Responsibilities: Monitor and triage security alerts (80-100 alerts per shift) using Fortinet and Microsoft SIEM/EDR tools. Analyse and prioritize alerts to identify potential threats and escalate as needed. Provide rapid response to incidents and maintain a high level of vigilance across multiple security More ❯

Job Title: Lead Security Solution Architect- PAM Location: Hybrid-Sheffield, UK (3Days/Week Onsite) Duration: 6months+ 550GBP/Day Inside IR35 Project Overview CLIENT is working on a strategic Identity and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. … controls and capabilities in privileged access for the Group and introducing the strategic password vaulting solution that will enable to meet strategic requirements. We are seeking an experienced Lead Security Solution Architect that can complement an existing team of Solution Architects to progress with designs of different components of the PAM solution and other supporting systems it will need … to integrate with as part of the end-to-end journey. Security Solution Architects manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Security Solution Architects will be required to record key More ❯

Job Title: Lead Security Solution Architect- PAM Location: Hybrid-Sheffield, UK (3Days/Week Onsite) Duration: 6months+ 550GBP/Day Inside IR35 Project Overview CLIENT is working on a strategic Identity and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. … controls and capabilities in privileged access for the Group and introducing the strategic password vaulting solution that will enable to meet strategic requirements. We are seeking an experienced Lead Security Solution Architect that can complement an existing team of Solution Architects to progress with designs of different components of the PAM solution and other supporting systems it will need … to integrate with as part of the end-to-end journey. Security Solution Architects manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Security Solution Architects will be required to record key More ❯

Contract Type: Contract (Inside IR35) Duration: 6 Months Day Rate: £382.50 per day Inside IR35 The Role We are seeking an experienced SOC Level 2 Analyst to join our Security Operations Center, supporting threat detection, investigation, and response across enterprise systems. You'll work with leading security technologies, responding to advanced threats and guiding L1 analysts in … a fast-paced, collaborative environment. Key Responsibilities Investigate and remediate complex security incidents including malware, ransomware, and APTs. Handle escalations from Tier 1 analysts and provide technical mentoring. Analyze and correlate alerts using SIEM and EDR tools such as Splunk and Microsoft Defender. Perform forensic analysis to identify root causes and recommend containment and recovery actions. Develop detection use … cases, improve processes, and maintain accurate incident documentation. Collaborate with IT and security teams to strengthen overall detection and response capability. Essential Skills & Experience 6-8 years in cybersecurity, with strong SOC or incident response experience. Proficient in SIEM (Splunk, ArcSight) and EDR (Defender, CrowdStrike, Carbon Black). Strong knowledge of digital forensics, malware analysis, and threat hunting. Skilled More ❯

audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid, Nottingham-based role reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials/Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory … activities Collaborate with governance, compliance, and risk management teams Partner with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001/2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows/Linux/Unix systems, authentication, firewalls, and cloud security Project management skills using PMP, Agile, Scrum, or Lean Six Sigma methodologies Bachelor's degree in computer science, Information Security, or a related field, or equivalent experience Additional Information Benefits package includes: Great compensation package and discretionary bonus plan Core benefits include pension More ❯

SOC Analyst (L3) - Senior Incident Responder Location: Birmingham (Hybrid) Salary: Up to £70,000 (depending on experience) + bonus NOTE: Candidates for this role must be eligible for UK Security Clearance (SC). We’re looking for a hands-on L3 Senior Incident Responder who can lead on complex security investigations, manage high-severity incidents, and bring real … Act as the L3 escalation point , leading investigations into complex incidents escalated by L1/L2 analysts. Use Splunk and other SIEM tools to detect, investigate, and respond to security events. Perform detailed forensic analysis, root cause analysis, and malware investigation. Lead incident response activities end-to-end, ensuring containment, eradication, and recovery. Develop, refine, and own SOC use … date with the latest threats, vulnerabilities, and attack vectors, integrating threat intel into monitoring. What we’re looking for: Proven L3 SOC experience . 5+ years’ experience in IT security , ideally within a SOC/NOC environment. Strong knowledge and hands-on expertise with Splunk (other SIEM exposure beneficial). Solid understanding of DFIR principles, vulnerability management, and ethical More ❯

Job Title: Lead PAM Security Solution Architect Location: Sheffield (on-site 3 days per week) Salary/Rate: £537 per day inside IR35 Start Date: 09/10/2025 Job Type: Contract until end of the year with potential extension Company Introduction: We have an exciting opportunity now available with one of our sector-leading consultancy clients! They … are currently looking for a skilled Lead PAM Security Solution Architect that can complement an existing team of Solution Architects to progress with designs of different components of the PAM solution and other supporting systems it will need to integrate with as part of the end-to-end journey. Project Overview: Our client is working on a strategic Identity … and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. One of the pillars of that programme is Privileged Access Management (PAM). Our client is working on uplifting controls and capabilities in privileged access for the Group and introducing the strategic More ❯

execute our cybersecurity strategy, working across IT, digital, and regional teams to embed a strong cyber culture and robust defenses. Key responsibilities include: Strategic Leadership: Own and evolve the security roadmap, including tooling optimisation and risk management. Secure Design & Architecture: Provide expert guidance across IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling … Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration and consistency across global cybersecurity efforts. What You Bring Degree or equivalent experience in Information Security. … Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility More ❯

execute our cybersecurity strategy, working across IT, digital, and regional teams to embed a strong cyber culture and robust defenses. Key responsibilities include: Strategic Leadership: Own and evolve the security roadmap, including tooling optimisation and risk management. Secure Design & Architecture: Provide expert guidance across IT projects and infrastructure. Operational Oversight: Define and deploy control baselines, templates, and standards. Tooling … Effectiveness: Manage and monitor security operations tools such as Defender, Sentinel, Tenable, and CASB. Incident Response: Lead triage, coordinate crisis responses, and oversee post-incident reviews. Documentation & Governance: Maintain hardening guides, architecture diagrams, and lead working groups. Cross-Regional Alignment: Foster collaboration and consistency across global cybersecurity efforts. What You Bring Essential: Degree or equivalent experience in Information … Security. Certifications such as Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. More ❯

its technical capability, with ambitious growth plans and multiple acquisitions planned every year for the next 5 years (8 in the past 12 months). Reporting into the IT Operations Manager, you will oversee core infrastructure and networking. You'll work closely with managed service providers to ensure seamless operations and business continuity whilst taking a lead on … the Service Desk Team * Set up and configure Local Area Networks (LANs), including hardware deployment and support * Coordinate with third-party MSPs for network and infrastructure management * Manage firewall operations and connectivity with ISPs * Oversee network IP addressing and VPN setups * Support business continuity through proactive incident management * Rapid deployment of site connectivity solutions, including 4G routers * Monitor network … health and performance, ensuring high availability and resilience * Maintain inventory and configuration records for infrastructure and software * Collaborate with the Security Operations Center (SOC) on network security * Support software licensing and upgrades * Support data privacy and security audits * Provide technical support and mentoring * Maintain server rooms and ensure operational efficiency * Develop and implement business processes and More ❯