safety and security of organizations through proactive monitoring and incident response. Responsibilities: Provide continuous protective monitoring using state-of-the-art SIEM, IDS, and threatintelligence technologies. Offer expert advice and guidance to clients targeted by cyber attacks, maintaining high standards of support. Ensure timely and accurate … incident reporting to facilitate efficient response strategies. Collaborate with SOC team members during security incidents and Threat Mining exercises, including assistance with tool deployment and administration tasks. Provide support in active directory administration and firewall management. Skills/Must have: Strong analytical skills with the ability to interpret complex … data. Excellent communication skills, both verbal and written. Proficiency in industry-leading SIEM, IDS, and threatintelligence technologies. Ability to work effectively under pressure and adapt to rapidly changing situations. Prior experience with active directory administration and firewall management is desirable. Benefits: Opportunity to work in a dynamic more »
energy transition with more than 30,000 of the brightest minds across 54 countries. Here, what you do matters Job Overview: As the local Cyber management presence, provide guidance and support for the area. Establish role as a local presence and focal point for business and IT contact. Create … the relationships. As the local Cyber management presence, provide guidance and support for the area. Key Tasks and Responsibilities: Review, analyze, design, and advise on security controls, configurations, and implementations for IT projects Continuously improve the integration and effectiveness of implemented technologies Maintain awareness of cybersecurity threats, events, tactics … of findings and recommendations (root cause and risk analysis as needed Assist with forensic investigations and incident response team (CIRT) activities. Assign work to Cyber SOC for remediation Escalate pertinent findings in a timely manner Leverage vendors and internal resources to interface various security tools to automate critical response more »
Managed Security Service Provider (MSSP) with a wealth of experience gained in the Defence and Commercial sectors. We help organisations of all sizes build cyber-security capabilities and maintain compliance through practical Consulting and Managed Services. Our suite of services blends together best-in-breed technologies to provide real … time 24×7 monitoring, triage, remediation, threat assessment, vulnerability management, and Professional Services to give our Clients absolute peace of mind that their critical environments are protected. Our Security Operations Centre (SOC) delivers an array of services that provide our Customers with robust end-to-end cyber security … protection, from monitoring services to threat relevant detection content, from leading threatintelligence to a Customer focus that enables us to become our Customers’ trusted partner. Role Description Talion is looking for an individual to take responsibility for the delivery of several of our Managed Security Service more »
Greater Bristol Area, United Kingdom Hybrid / WFH Options
Logiq Consulting
incidents and vulnerabilities. Collaborate with other team members to further investigate incidents and propose responses and solutions. Report any new knowledge gained about existing cyber threats or vulnerabilities within their network so that future incidents can be prevented. Promote and evolve the company Security Operations Centre (SOC). Mature … play books, processes and procedures, and further integrate monitoring capabilities to enhance our SOC function. Utilise threatintelligence feeds to identify and respond to emerging threats and vulnerabilities in company IT systems. Collaborate with other team members to ensure that the company has the correct procedures in place … with recent NCSC guidance would be helpful. Experience in the Microsoft Sentinel and 365 Defender, being able to interpret and prioritise alerts, incidents and threat intelligence. Desirable Qualifications: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst Role Rewards more »
have a broad remit ensuring high availability and performance, and currently have a particular focus on security system efficiency, monitoring and sustainability, looking at threatintelligence, IAM, data and application security across the Kubernetes and Linux based environments. They are very open to background, but tend to look more »
Wrexham, Wales, United Kingdom Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
genuinely makes their customers financially better off. This is a brand new role for the business and it plays a key part in the Cyber/Information Security function. You will drive and enhance their current operational processes and contribute across Security Assurance, Threat Detection, Risk Management, CPSM … Threat Intelligence. Skills required: Control Frameworks & Industry Standards (ISO27001, 27002, GDPR, NIST) Security Operations Performance Tracking Data Security, Malware Detection, Threat & Incident response For the right person this is a huge opportunity - considering the sustained growth that they're going through, this role has a dotted line to more »
environments Experience making and delivering internal training Experience of mentoring junior team members Certificates and Qualifications: Current CREST CCT-INF/CCT-APP or Cyber Scheme Team Leader (INF) or (APP) Current Check Team Leader (CTL) status Current SC clearance Good client facing skills Excellent written and spoken communication … united by one overall mission... to make the world safer, one business at a time. We are the "one-stop shop" for all things cyber and are working to build a centre of excellence for our customers by building an amazing place to work, learn and develop for our … sector organisations and businesses within the private sector. We're growing our business and our team through our continuous investment in developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threatintelligencemore »
Security Analyst Hybrid – Doncaster £25,000 - £35,000 Forward Role is partnered with an award-winning Cyber Security Company, their Security Operations Centre provides around the clock protective monitoring solutions to a client base that spans multiple industry verticals. Utilising industry-leading detection technology, the team of experienced SOC … in the Security Operations Centre on both reactive and proactive security engagements with regards to Security Information & Event Management (SIEM), Intrusion Detection Systems (IDS), CyberThreatIntelligence (CTI) and Threat Mining (TM). Role Responsibilities Provide around the clock protective monitoring through the use of industry … leading SIEM, IDS and threatIntelligence Technologies. Provide advice and guidance to client targets of cyber-attacks and malicious activity to a high standard. Provide incident reporting capabilities ensuring that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC more »
Leeds, England, United Kingdom Hybrid / WFH Options
Cyber Security Jobsite
Location(s): UK, Europe & Africa : UK : Leeds BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. The SOC will be staffed by a blend of customer and BAE Systems staff, based in multiple … the incoming shift Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful and unsuccessful intrusion attempts and compromises more »
than 50 countries deliver on five core areas: Organization Strategy, Assessment and Succession, Talent Acquisition, Leadership Development, and Total Rewards. We are expanding our Cyber Security Operations team in the UK and looking for a Senior Security Analyst to join the Global Team. You will play a crucial role … will need to commit to commuting to our London office circa 1-2 days per week and enjoy working remotely across the other days. Cyber attacks can happen at any time and our teams work in a flexible and agile manner to ensure there is a seamless operation across … the globe. You will be passionate about cyber security and thrive on continued professional development and increasing personal knowledge as the potential threat to cyber security becomes more complex. You must be able to work proactively to reduce the risk posed to the company. You will hold more »
I’m working with a boutique consultancy, who are seeking to grow to their existing cyber function with another dedicated incident response/threat hunting specialist. This role is varied, offering the incumbent an opportunity to conduct incident response and threat hunting engagements. Some of your responsibilities … will be as follows: Work closely with clients going through cyber incidents, which may include Ransomware, BEC and cloud incidents. Working closely with the wider cyber function, including but not limited to threatintelligence and forensics to assist with investigations and improve the threat hunting … service. Create and improve playbooks/runbooks. Conduct threat hunting engagements. Conduct research focused tasks; including but not limited to APT tracking and malware analysis. In order to be successful in your application, you will need: At least 3 years cyber incident response experience. Certifications such as GCIH more »
Leatherhead, England, United Kingdom Hybrid / WFH Options
Zest
Committee where appropriate. Security Audits and Certifications: Coordinate regular internal and external audits and address any issues raised to maintain certifications (currently ISO27001 and Cyber Essentials Plus), which are essential in demonstrating our commitment to information security to our clients. Security Training: Deliver information security awareness training for all … employees. Security Operations ThreatIntelligence: Stay abreast of the latest cybersecurity threats and trends to inform strategic security planning. Security Infrastructure: Oversee the installation and maintenance of security systems, controls and infrastructure. Incident Management: Take charge of the response to all information security and data protection incidents and more »
preparation and delivered Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Understand ThreatIntelligence and its use in an operational environment Produce new workflows for automation into SOAR tools for common attack types. Continually improve the service and review use cases and propose changes and enhancements in line with the changing threat. SOC Analyst Technical Experience: Basic Python and/or … using Splunk and Sentinal Working with a range of security tooling/technology Strong understanding of security architecture, in particular networking Detailed understanding of threatintelligence and threat actors, TTPs and operationalising threat intelligence. Experience in investigating complex network intrusions (by state-sponsored groups or targeted more »
triage security alerts escalated from Tier 1 SOC analysts, determine severity and potential impact of the incident, and follow the triage process until closure. •Threat Analysis: Conduct in-depth analysis of security events to identify malicious activities, tactics, techniques, and procedures used by threat actors. •Security Incident Handling … Security Tool Management: Managing and configuring security tools, specifically Microsoft Sentinel and the Microsoft Defender suite including Defender for Cloud and Microsoft 365 Defender. •ThreatIntelligence: Utilizing threatintelligence feeds and sources to stay up-to-date with the latest threats and vulnerabilities. •Collaboration: Collaborating with … in Kusto Query Language (KQL). Experience with the creation, configuration and use of Playbooks, Notebooks and Workbooks. Strong understanding of advanced cybersecurity concepts, threat landscape, and attack methodologies. Demonstrated experience in conducting in-depth incident analysis, threat hunting, and forensic investigations. more »
ensuring the security and reliability of our nation's energy supply. We are looking for a dynamic and skilled CSOC Analyst to join our Cyber Security Operations Centre (CSOC) team. Key Responsibilities: Monitor, detect, and respond to cyber security incidents in real-time and from various sources, such … as network, endpoint, cloud, and threat intelligence. Conduct in-depth analysis of security events and alerts to identify potential threats. Identify and prioritize the cyber security incidents and escalate them appropriately. Contribute to the development and improvement of the SOPs and Playbooks for CSOC. Contribute to the development … and implementation of the CSOC processes, technologies, and capabilities. Report and communicate the cyber security status, trends, and issues to the CSOC team leader. Enrich log data with ThreatIntelligence to provide context for observed suspicious events. Requirements: Bachelor's degree in Cybersecurity, Information Technology, or related more »
pivotal role as this vendor looks to expand their offerings across the UK and Central Europe. We are looking for someone with experience in cyberthreatintelligence sales who has taken ownership of the entire sales process, from cradle to grave. We are looking to speak with … business growth Your sales experience is from dealing with leading enterprise companies or organisations, communicating and closing deals with CISOs, CSOs, CIOs, Heads of Intelligence or equivalent level of seniority Positive, energetic and driven by achieving personal and company/team success You enjoy working in a fast-paced more »
Cyber Security Engineers/Analyst Inside IR35 Circa £700 per day DV Clearance essential Hybrid 1-2 days per week (Flexible) Multiple sites Core Tech Skills required are ELK (Elastic, Logstash, Kibana) and Tanium Role duties - • Develop and integrate security event monitoring and incident management services. • Respond to security … investigative methods using the SOC’s software toolsets to enhance recognition opportunities for specific analysis. • Maintain a baseline of system security according to latest threatintelligence and evolving trends. • Participate in root cause analysis of incidents in conjunction with engineers across the enterprise. • Provide Subject Matter Expertise (SME … incident. • Document, validate and create operational processes and procedures to help develop the SOC. • Assist in identifying, prioritising, and coordinating the protection of critical cyber defence infrastructure and key resources. • Build, install, configure, and test dedicated cyber defence hardware. • Support Junior Analysts to manage SOC systems. • Previous experience more »
Analyst. You will be responsible for maintaining and improving all security operational procedures, processes and technical controls, monitoring, detecting and responding to security threats, threat hunting, threatintelligence and the management of security testing in order to reduce operation information security risks. Role responsibilities : Configuration and scheduling … for scheduled audits. Ensuring effective communication and prioritisation of incidents between the Security Operations Center and support teams. Supporting the ISI process for major cyber incidents. KPI SecOps reporting Proactive searching, identification and resolution of IOCs and IOBs. Optimisation of Information Security systems. Responsible for enforcing secure configurations and more »
of security tools such as SIEM, Firewalls and Cloud Security to monitor systems Providing Windows Server and Network Support Assess and respond to external threatintelligence reports Support ISO27001, Cyber Essentials Plus and other internal and external audit programme Implement and improve technical processes to create efficient more »
Linux Experience *BONUS SKILLS* Has a passion for Security Enjoys solving problems Is naturally inquisitive Understands the phases of security incident response and the Cyber Kill Chain *RESPONSIBILITIES* Analysis and investigation of alerts arising from Security Information and Event Management tools General day to day maintenance of the SIEM … tools to track and analyze events and abnormal user behaviors in order to identify and understand potential breaches, malware and other malicious activities Using ThreatIntelligence Services to identify both known and potential new threats and develop new mitigations Working with customer security teams to detect, contain and more »
London, England, United Kingdom Hybrid / WFH Options
Control Risks
In this role you will be responsible for conducting desktop research into cyber and online threats, to enrich our CyberThreatIntelligence reporting. This role will primarily involve contributing regular reporting for Control Risks' clients that subscribe to our intelligence platform, as well as supporting … new sources of information and develop capabilities to collect and analyse information in support of the team. Demonstrate strong investigation skills relating to specific cyberthreat incidents, data breaches and other cyber security incidents. Build knowledge of collection tools to support bespoke investigative projects and Cyber … engagements. Conduct research on topics which support other service lines, notably Global Risk Analysis, Compliance Forensics and Investigations, and Response. Develop knowledge of principal cyber and online threat actors through research on open source, social media, deep and dark web sites and Control Risks internal intelligence systems. more »
About this Role Role Title: Threat & Vulnerability Lead Location: UK- London La Fosse Associates are working with a global Insurance business who are looking to add a Threat & Vulnerability Lead to their strong internal security function. You will report directly into the BISO and be a senior individual … within their existing team. You will be joining the UK entity of their Security team to lead on vulnerability scanning and threatintelligence reporting. They are a large organisation with a huge amount of vulnerabilities and need somebody who understands how to approach on this scale. You will … Qualys around ingesting the data then prioritsing and guding the patching team on what to tackle first. There will also be additional projects around threat-led penetration testing and various PenTest frameworks. In this role you will: Prioritise and coordinate remediation of vulnerabilities Work alongside senior stakeholders in the more »
ensure the effective support and delivery of the following: Provide around the clock protective monitoring through the use of industry leading SIEM, IDS and threatIntelligence Technologies. Provide advice and guidance to client targets of cyber attacks and malicious activity to a high standard. Provide incident reporting … that all information is provided in a timely, accurate and effective manner. Provide analytical support to other SOC team members during security incidents and Threat Mining engagements. Assistance with onboarding process - deployment of SIEM, EDR and Vulnerability Management tools Direct communication with customers on threats and alerts Providing customers … will exhibit the following key skills and/or traits: Excellent communication skills and comfortable in a client facing role. A keen interest in cyber security and associated industries. A heightened awareness of current affairs in the cyber security industry. Proven ability to effectively communicate when under pressure more »
exercises and exceptional experiences for our customers. A day in the life of a NetSPI Red Team Operator: Plan, lead, and execute both regulated (threatintelligence-led), and non-regulated Red Team Operations. Utilize sophisticated technologies and capabilities to simulate complex attacks against mature, highly defended networks. Research … used in the wider ecosystem. Contribute to the information security community through the development of tools, presentations, white papers, and blogs. Requirements: Experience performing threatintelligence-led red teaming in accordance with a variety of regulatory frameworks (i.e., CBEST, GBEST, TIBER-XX, iCAST, CORIE, FEER, AASE, etc). more »
matters to our local business and communities – supporting technical innovation and adoption of cutting-edge solutions across the UK. Working on complex engagements in Cyber Defence this team is responsible for the delivery of cutting-edge technical solutions and trusted to get it right first time. KPMG is one … Why Join KPMG Technology and Engineering as a Senior Penetration Tester? We have an exciting opportunity for a manager to join our friendly, passionate Cyber Defence team to provide our clients with excellent service across technical assurance and penetration testing. The team live and breathe hacking and information security … and offer unique opportunities across government and commercial engagements. The KPMG’s Cyber Defence (CDS) Team has a long and successful history in KPMG, our clients are diverse, and we cover many sectors with particular specialisms in Government, High-end Defence Assurance and Telecommunications. We work closely with the more »