101 to 125 of 143 Remote Security Operations Jobs

SOC Engineer £60,000 GBP Hybrid WORKING Location: Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical … with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead … Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams to enforce secure configurations. Provide mentorship to junior analysts and engineers. Maintain documentation of security procedures, incident More ❯

SOC Engineer £60,000 GBP Hybrid WORKING Location: Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical … with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead … Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams to enforce secure configurations. Provide mentorship to junior analysts and engineers. Maintain documentation of security procedures, incident More ❯

SOC Engineer £60,000 GBP Hybrid WORKING Location: Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical … with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead … Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams to enforce secure configurations. Provide mentorship to junior analysts and engineers. Maintain documentation of security procedures, incident More ❯

SOC Engineer £60,000 GBP Hybrid WORKING Location: Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Engineer A leading organisation is seeking a Senior SOC Engineer to strengthen its security operations capability and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical … with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead … Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards to communicate security posture and incident trends. Partner with IT, DevOps, and compliance teams to enforce secure configurations. Provide mentorship to junior analysts and engineers. Maintain documentation of security procedures, incident More ❯

UK wide (remote, with 1–2 days a month in Glasgow) £57,000 + package The opportunity Our client is a global consultancy with one of the largest dedicated security practices in the industry. With over 7,500 security specialists worldwide, they partner with leading security technology providers to deliver mission-critical solutions for government and enterprise … clients. They’re now looking for a Senior SOC Analyst to join their UK Security Operations Centre. This is a chance to step into a senior role with real influence, where you’ll take the lead on escalated incidents, shape SOC processes, and mentor junior analysts — all while working mostly remote. What you’ll be doing Leading investigations … into escalated security events and incidents Driving containment, remediation, and root-cause analysis for major incidents Performing malware analysis, reverse engineering, and threat hunting Developing and optimising SIEM use cases (Splunk, QRadar) Shaping SOC runbooks, playbooks, and incident response procedures Supporting client stakeholders with incident reporting and recommendations Staying ahead of emerging threats and integrating threat intelligence Acting as More ❯

DevSecOps Engineer – Hybrid - Nottinghamshire - Up to £75000 + Bonus We’re seeking an experienced DevSecOps Engineer to take a leading role in strengthening our clients’ security operations. This is a hands-on, strategic position within the Technical Operations team, where you’ll set the direction for security practices, guide incident response, and support the growth of the … wider team. Your responsibilities: Lead on security incidents, managing investigations through to resolution Design, implement, and maintain robust security controls across infrastructure and applications Drive the creation and execution of incident response plans, ensuring continuous improvements Integrate security practices seamlessly into the DevOps pipeline Manage and optimise monitoring tools to provide real-time threat visibility Carry out … regular threat and vulnerability assessments, applying effective remediation strategies Coach and mentor colleagues, keeping the team ahead of evolving risks and technologies What you bring: Significant experience in security operations across both cloud and on-premise environments In-depth understanding of security monitoring solutions, frameworks, and standards (e.g., NIST, ISO 27001, CIS) Proficiency with automation and scripting More ❯

DevSecOps Engineer – Hybrid - Nottinghamshire - Up to £75000 + Bonus We’re seeking an experienced DevSecOps Engineer to take a leading role in strengthening our clients’ security operations. This is a hands-on, strategic position within the Technical Operations team, where you’ll set the direction for security practices, guide incident response, and support the growth of the … wider team. Your responsibilities: Lead on security incidents, managing investigations through to resolution Design, implement, and maintain robust security controls across infrastructure and applications Drive the creation and execution of incident response plans, ensuring continuous improvements Integrate security practices seamlessly into the DevOps pipeline Manage and optimise monitoring tools to provide real-time threat visibility Carry out … regular threat and vulnerability assessments, applying effective remediation strategies Coach and mentor colleagues, keeping the team ahead of evolving risks and technologies What you bring: Significant experience in security operations across both cloud and on-premise environments In-depth understanding of security monitoring solutions, frameworks, and standards (e.g., NIST, ISO 27001, CIS) Proficiency with automation and scripting More ❯

Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there … with strong feedback. Your new role This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is … to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate More ❯

Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there … with strong feedback. Your new role This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is … to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate More ❯

Glasgow, Scotland - United Kingdom Type: Permanent Senior SOC Analyst Location: Glasgow (hybrid) Salary: Up to £57,000 + package NOTE: Candidates for this role must be eligible for UK Security Clearance (SC). We are seeking a Senior SOC Analyst to join a growing Security Operations Centre team. This is a hybrid role based in Glasgow, offering … the opportunity to take a leading role in incident response and advanced security monitoring within a dynamic environment. As a Senior SOC Analyst, you will take ownership of escalated incidents from L1 and L2 analysts, leading investigations, performing root cause analysis, and guiding appropriate remediation actions. You will play a key role in developing SOC use cases, enhancing monitoring … interaction, and leadership, requiring someone who thrives in a fast-moving environment and is comfortable working with both technical and non-technical stakeholders. Key Responsibilities Lead investigations into escalated security incidents, including detailed analysis and root cause identification. Monitor and optimise SIEM tools (Splunk, QRadar, or similar), ensuring accurate detection and effective alerting. Perform malware analysis, reverse engineering, and More ❯

An opportunity has arisen for a Principal Security Analyst with a strong technical background and a passion for problem solving to join a growing UK MSSP. This role has no line management responsibility. Instead, the position is focused on being an escalation point for Senior Analysts, dealing with more complex alerts as well as identifying opportunities to tune, optimise … automate and improve relevant systems. The Role The Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the … is comfortable tackling complex problems and has experience in a SOC/MSSP environment. Essential Sentinel (specialist) SOC experience in an MSP/MSSP environment In depth understanding of security and analytical concepts Exposure to IT Security Operations in large and complex organisations Some coding ability Beneficial Splunk Palo Alto (XDR/XSIAM) Skills in Forensics Experience More ❯

SOC Lead £80000 GBP Hybrid WORKING Location: Glasgow, Scotland - United Kingdom Type: Permanent SOC Technical Security Service Delivery Manager Location: Glasgow (hybrid) Salary: Up to £85,000 (depending on experience) NOTE: Due to the nature of this client's work, you must be eligible for UK Security Clearance (SC). We're currently seeking a highly experienced SOC … Technical Security Service Delivery Manager to join a growing and innovative Security Operations Centre (SOC) function within a global, client-focused environment. This is a pivotal opportunity to lead and shape the delivery of security services for major clients while supporting a broader mission to build a more secure and resilient digital world. You will act … as a critical liaison between client stakeholders and internal operational teams, ensuring the delivery of world-class cyber security services. You'll drive incident response coordination, lead vulnerability management efforts, and ensure service excellence through strategic oversight and hands-on technical engagement. What You'll Be Doing Serve as the key point of contact and escalation for clients across More ❯

Remote (UK) Up to £95,000 + Benefits An opportunity has arisen for a Principal Security Analyst with a strong technical background and a passion for problem solving to join a growing UK MSSP. This role has no line management responsibility. Instead, the position is focused on being an escalation point for Senior Analysts, dealing with more complex alerts … as well as identifying opportunities to tune, optimise, automate and improve relevant systems. The Role The Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will … is comfortable tackling complex problems and has experience in a SOC/MSSP environment. Essential -Sentinel (specialist) -SOC experience in an MSP/MSSP environment -In depth understanding of security and analytical concepts -Exposure to IT Security Operations in large and complex organisations -Some coding ability Beneficial -Splunk -Palo Alto (XDR/XSIAM) -Skills in Forensics -Experience More ❯

Focus on continuing to develop dashboards, direct alerting, risk-based alerting, reports, and other objects as needed in Splunk. Continue to maintain a depth of knowledge within the cyber security field. This entails following threat actor activity targeting the industry and speaking knowledgeably at regular internal threat intelligence briefings. Leveraging threat intelligence, experience, and other inputs to perform active … advocate for improvements to configurations or technologies. Continue to develop and improve the Cyber Incident Response Plan and advocate for the program. Participate in on-call rotation for escalated security events.# QUALIFICATIONS Experience in having worked in a Security Operations, CSIRT, or similar role and able to demonstrate a passion in Cyber Security. Experience building out functions … Team such as an insider risk, threat intelligence, breach attack simulation, or similar programs. Strong understanding of the fundamentals such as packet, file, and log analysis. Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, data loss prevention, Endpoint Detection and Response (EDR), and SIEM (Splunk) Strong understanding More ❯

serving over 200 companies worldwide, we are following our mission of revolutionizing the way IT is deployed. Job Overview Job Description We are looking for a highly skilled Technical Operations Lead to join our Cybersecurity Investigations team. This role is pivotal in managing technical operations and ensuring the integrity, confidentiality, and availability of our digital assets through proactive … and by dedicating daily time to quality assurance activities such as reviewing individual ticket handling, providing constructive feedback, and identifying skill gaps for targeted development. Oversee all daily technical operations within the Cybersecurity Investigations team by ensuring established client security protocols are rigorously followed. Manage and coordinate all aspects of incident response and forensic investigations through following the … as the primary technical liaison between the client team and the UK Based Cybersecurity Investigations team and other departments, facilitating communication and cooperation, preparing detailed reports and presentations on security trends, incident status, and risk mitigation for senior management. Monitor scheduling to meet baseline standards, handle attendance, timecard tracking and ensure that team members are following applicable laws and More ❯

DOE + Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What … logic with threat intel, coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project Support: Support presales, contribute to new SOC solution scoping, and lead demos where required. What we're … looking for: Must hold or be eligible for SC Clearance (essential). Expertise with IBM QRadar (configuration, rule development, playbooks). 3-5 years+ experience in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and More ❯

Windows 10 endpoints from Legacy antivirus solutions (Symantec, McAfee) to Microsoft Defender for Endpoint (ATP). This critical role requires hands-on expertise in deploying, configuring, and managing Defender security controls, as well as strong problem-solving skills to investigate threats, remediate incidents, and collaborate with cross-functional teams to ensure secure and compliant endpoint protection Key Responsibilities: Lead … dashboards, exclusions, and reporting to ensure secure and compliant endpoint protection. Monitor, investigate, and remediate threats using Defender EDR, Threat & Vulnerability Management, and automated remediation to resolve high-priority security issues. Collaborate with cross-functional teams and stakeholders to provide end-to-end Defender support, documentation, and continuous security improvement. What You Will Ideally Bring: SC Clearance (preferred … Proven expertise in Microsoft security technologies, including Defender for Endpoint, O365, Identity, and Cloud App Security, with hands-on experience onboarding and managing Windows 10 devices. Strong background in Legacy AV solutions (Symantec, McAfee) with the ability to plan and execute smooth migrations to Microsoft Defender. Deep knowledge of endpoint security operations, including EDR, Threat & Vulnerability More ❯

client to create new and innovative tools for Operators to use during assessments of critical DoD and U.S. Government networks. Successful candidates will be passionate about supporting offensive cyber operations and customized tools for post-exploitation capabilities. The position is mostly Remote, however, there will be an occasional need to meet on-site at Fort Belvoir, VA, therefore, the … Object Files (BOFs), user-defined reflective loaders (UDRL), Aggressor Scripts (CNAs), and C/C C# tools. - Develop unique red team assessment tools for remote, local, and persistent cyber operations, including an implant, C2 server, redirector, and operator client. - Develop shell scripts (e.g., PowerShell, Bash, CMD) if the capability cannot be developed using a more advanced method such as … cyber incident response, cyber-criminal investigation, intrusion detection/analysis, designing countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities, cyber red teaming, network penetration testing, security operations center analysis, defensive cyber operations, or offensive cyber operations. (desired, not required) - Experience in malware development, analysis, binary disassembly, binary decomplication, network/communication protocol analysis More ❯

class security. You will work cross-functionally and collaborate with senior stakeholders across the business while working closely with Technology Services colleagues to implement procedural and technical aspects of Security Operations, including liaison and engagement with the MSSP/SOC. What will you be doing? In this role, you will play a key role in implementing, optimizing, and … are looking for people with: Legacy Environment Support (Essential): Providing operational support and maintenance for our Windows Server estate. Troubleshooting, patching, and managing upgrades to ensure system stability and security Supporting the transition of legacy workloads into modern cloud-native solutions where appropriate Compute & Infrastructure (Essential): Deploying, configuring, and optimising workloads using EC2 and related services Building and managing … usage Networking & Content Delivery (Essential): Configuring and maintaining VPCs, subnets, route tables, Transit Gateways, and VPNs Leveraging CloudFront, Route 53, and API Gateway for secure and scalable content delivery Security & Identity (Essential): Applying best practice security principles using IAM, KMS, Secrets Manager, and AWS Organisations Working with the Cyber Security team to embed compliance, monitoring, and governance More ❯

Lead, develop, and transform the IT infrastructure and security operations at one of the UK's leading fulfilment and logistics providers, with an ambitious growth strategy supported by cutting-edge technology You will be part of a dynamic, innovative environment where your leadership will directly influence customer service, operational efficiency, and scalability. MUST HAVE 3PL EXPERIENCE Location: East … stamp on the role. Exposure to a Growing Business: Join a forward-looking, recently acquired organisation and contribute to its ambitious growth journey. Variety of Responsibilities: Oversee infrastructure and security management alongside user support, ensuring a broad and engaging remit. Career Development Potential: Reporting directly to the CIO, you will have access to senior leadership, opening doors to further … engage directly with teams across locations, ideal for someone who enjoys building connections on the ground. Purpose of the Role You will be responsible for the stability, performance, and security of enterprise-wide technology platforms. This role combines strategic planning, operational leadership, and team development to support growth and drive innovation. Key Responsibilities Infrastructure & Cybersecurity Lead the design, implementation More ❯

Lead, develop, and transform the IT infrastructure and security operations at one of the UK's leading fulfilment and logistics providers, with an ambitious growth strategy supported by cutting-edge technology You will be part of a dynamic, innovative environment where your leadership will directly influence customer service, operational efficiency, and scalability. **MUST HAVE 3PL EXPERIENCE ** Location: East … stamp on the role. Exposure to a Growing Business: Join a forward-looking, recently acquired organisation and contribute to its ambitious growth journey. Variety of Responsibilities: Oversee infrastructure and security management alongside user support, ensuring a broad and engaging remit. Career Development Potential: Reporting directly to the CIO, you will have access to senior leadership, opening doors to further … engage directly with teams across locations, ideal for someone who enjoys building connections on the ground. Purpose of the Role You will be responsible for the stability, performance, and security of enterprise-wide technology platforms. This role combines strategic planning, operational leadership, and team development to support growth and drive innovation. Key Responsibilities Infrastructure & Cybersecurity Lead the design, implementation More ❯

Remote working. With trips to the client site UK Must hold Active SC clearance Rate £395.00 **Role Description:** The Senior SOC Analyst will play a vital role in our security operations, focusing on incident management and response to protect our organisation's assets. This position requires a highly skilled professional capable of performing in-depth incident analysis and … investigation, engaging with technical and business stakeholders, and providing expert advisory support. **Incident Management:** - Conduct thorough analysis to determine the causes of security incidents, ensuring a comprehensive understanding of attack paths. Utilise pre-defined playbooks and develop new procedures as necessary to enhance our incident response capabilities. - Liaise with technical and business owners of affected systems, particularly in cloud … data from various sources, including asset logs and SIEM platforms, and forensic artefacts. Prepare detailed analysis reports for incident management teams, ensuring incidents are adequately tracked and collaborating with SecOps and SOAR platform specialists to maintain optimal platform efficiency. - Oversee the preparation of incident reports, ensuring all templates and processes are current. Become the leading authority on cyber incident reporting More ❯

We are currently recruiting for a highly awarded Managed Security Service Provider for the role of Service Delivery Analyst. This is a fantastic opportunity to join a business known for its cutting-edge connectivity, cloud, and communications solutions. Role Overview *CANDIDATES MUST BE BASED IN THE UK* Location: Remote Package: £35,000- £45,000 per annum What you'll … meetings Acting as the primary liaison between internal technical teams and clients, ensuring service and technical delivery meet expectations Managing client handovers during transitions into Business-As-Usual (BAU) operations to ensure a smooth and consistent experience Gathering customer insights regularly to identify areas for improvement and uncover future service opportunities Tracking and managing customer action logs to ensure … timely resolution and follow-up Main Skills/Requirements: Candidates must be eligible for Security Clearance Proven experience as a Service Desk Analyst Essential experience working within a Security Operations Centre (SOC) function Strong knowledge of SOC tools such as Azure Sentinel, Microsoft Defender, or equivalent platforms Demonstrated success in client-facing roles, with excellent communication and More ❯

We are currently recruiting for a highly awarded Managed Security Service Provider for the role of Service Delivery Analyst. This is a fantastic opportunity to join a business known for its cutting-edge connectivity, cloud, and communications solutions. Role Overview *CANDIDATES MUST BE BASED IN THE UK* Location: Remote Package: £35,000- £45,000 per annum What you'll … meetings Acting as the primary liaison between internal technical teams and clients, ensuring service and technical delivery meet expectations Managing client handovers during transitions into Business-As-Usual (BAU) operations to ensure a smooth and consistent experience Gathering customer insights regularly to identify areas for improvement and uncover future service opportunities Tracking and managing customer action logs to ensure … timely resolution and follow-up Main Skills/Requirements: Candidates must be eligible for Security Clearance Proven experience as a Service Desk Analyst Essential experience working within a Security Operations Centre (SOC) function Strong knowledge of SOC tools such as Azure Sentinel, Microsoft Defender, or equivalent platforms Demonstrated success in client-facing roles, with excellent communication and More ❯

Senior SecOps Engineer Location – Fully Remote Salary - £80-90k + Bonus + Benefits Currently working with a UK Fintech firm who are in the process of building out their Cyber Defence capability and looking to bring in a Senior SecOps Engineer with experience working in cloud-native environment and automation-first mindset. This is a wide ranging role where … responsible for both Engineering and Analysis; monitoring and responding to incidents whilst also developing new detection rules and enhancing their monitoring infrastructure and tooling. This is a relatively greenfield SecOps environment where security and detections have been built in from inception at the development stage – that mindset and experience implementing and deploying Detection-as-Code (DAC) and Infrastructure-as … Code (IAC) will be essential. This is an incredible opportunity for an experienced SecOps specialist with experience of both SecOps Analysis and Engineering to join a growing yet established firm at a crucial point as they completely build out their Information and Cyber Security capability. Whilst they have the fundamentals in place, this is a relatively greenfield SOC buildout More ❯