Audit and restructure existing Terraform modules and state files. Migrate legacy configurations into unified, reusable templates. Implement security-focused Terraform modules with embedded guardrails and policy-as-code (e.g., Sentinel, OPA). Enforce GCP Org Policies with constraints like IP restrictions, network policy, access management, encryption, and region control for secure, compliant cloud governance. Implement automation pipelines for infrastructure-as … Infra Terraform/Terraform Cloud (IaC) Python Scripting Experience with Harness, Jenkins, GitHub Google Kubernetes (GKE), Container, Istio Service Mesh GCP Organisation Policy, Custom Org Policy (Policy as Code) Sentinel/OPA GCP and Terraform Certified Good to have: experience working in an IDE Platform for Cloud Engineering (e.g., Backstage) Desirable: Senior engineering skills as a GCP Cloud SME with More ❯
Audit and restructure existing Terraform modules and state files. Migrate legacy configurations into unified, reusable templates. Implement security-focused Terraform modules with embedded guardrails and policy-as-code (e.g., Sentinel, OPA). Enforce GCP Org Policies with constraints like IP restrictions, network policy, access management, encryption, and region control for secure, compliant cloud governance. Implement automation pipelines for infrastructure-as … Infra Terraform/Terraform Cloud (IaC) Python Scripting Experience with Harness, Jenkins, GitHub Google Kubernetes (GKE), Container, Istio Service Mesh GCP Organisation Policy, Custom Org Policy (Policy as Code) Sentinel/OPA GCP and Terraform Certified Good to have: experience working in an IDE Platform for Cloud Engineering (e.g., Backstage) Desirable: Senior engineering skills as a GCP Cloud SME with More ❯
and standards. Required Experience/Skills: 5 years' experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log … AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting More ❯
Portsmouth, yorkshire and the humber, united kingdom
Computappoint
and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log … AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting More ❯
Audit and restructure existing Terraform modules and state files. Migrate legacy configurations into unified, reusable templates. Implement security-focused Terraform modules with embedded guardrails and policy-as-code (e.g., Sentinel, OPA). Enforce GCP Org Policies with constraints like IP restrictions, network policy, access management, encryption, and region control for secure, compliant cloud governance. Implement automation pipelines for infrastructure-as … Infra Terraform/Terraform Cloud (IaC) Python Scripting Experience with Harness, Jenkins, GitHub Google Kubernetes (GKE), Container, Istio Service Mesh GCP Organisation Policy, Custom Org Policy (Policy as Code) Sentinel/OPA GCP and Terraform Certified Good to have: experience working in an IDE Platform for Cloud Engineering (e.g., Backstage) Desirable: Senior engineering skills as a GCP Cloud SME with More ❯
Audit and restructure existing Terraform modules and state files. Migrate legacy configurations into unified, reusable templates. Implement security-focused Terraform modules with embedded guardrails and policy-as-code (e.g., Sentinel, OPA). Enforce GCP Org Policies with constraints like IP restrictions, network policy, access management, encryption, and region control for secure, compliant cloud governance. Implement automation pipelines for infrastructure-as … Infra Terraform/Terraform Cloud (IaC) Python Scripting Experience with Harness, Jenkins, GitHub Google Kubernetes (GKE), Container, Istio Service Mesh GCP Organisation Policy, Custom Org Policy (Policy as Code) Sentinel/OPA GCP and Terraform Certified Good to have: experience working in an IDE Platform for Cloud Engineering (e.g., Backstage) Desirable: Senior engineering skills as a GCP Cloud SME with More ❯
hands-on leadership role where you’ll oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate … followed by 4 days off. What We’re Looking For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/ More ❯
and standards. Required Experience/Skills: 5 years’ experience in a SOC, security engineering, or cyber operations role. Strong hands-on experience with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log … AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting More ❯
hands-on leadership role where you'll oversee security monitoring, incident response, and continuous improvement of SOC operations. You'll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate … followed by 4 days off. What We're Looking For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/ More ❯
hands-on leadership role where you’ll oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate … followed by 4 days off. What We’re Looking For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/ More ❯
fantastic opportunity to work with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and … Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA More ❯
fantastic opportunity to work with enterprise-scale clients in a fast-paced, shift-based environment. You'll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and … Pattern: 2 days (6am-6pm), 2 nights (6pm-6am), followed by 4 days off. What We're Looking For: Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, Client Server applications, Firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (eg, CompTIA Security+, CEH, CPSA More ❯
should showcase your proficiency in a busy Security Operations Center with a technology-oriented attitude and the capacity to assume control. From a technical perspective we are using Microsoft Sentinel, Splunk and MISP Threat sharing so any knowledge of these technologies would be a substantial benefit. Role based on site in our Farnborough office and is shift work. 2 x … use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of … Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please More ❯
fantastic opportunity to work with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and … Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA More ❯
solutions: Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and … Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols. Understanding of network packet analysis using tools such as Wireshark and TCPDump. Collaboration and communication skills More ❯
threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams and external managed SOCs. Continuously monitor, enhance, and report on security controls across cloud and infrastructure environments. … Cyber Essentials Plus, and other regulatory frameworks. What Were Looking For Proven experience in Cyber Security, Threat Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding of network security systems (Zscaler, Darktrace, Firewalls More ❯
Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and … Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols. Understanding of network packet analysis using tools such as Wireshark and TCPDump. Collaboration and communication skills More ❯
Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and … Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols. Understanding of network packet analysis using tools such as Wireshark and TCPDump. Collaboration and communication skills More ❯
Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and … Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols. Understanding of network packet analysis using tools such as Wireshark and TCPDump. Collaboration and communication skills More ❯
Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and … Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols. Understanding of network packet analysis using tools such as Wireshark and TCPDump. Collaboration and communication skills More ❯
london (city of london), south east england, united kingdom
Cantor Fitzgerald
Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and … Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols. Understanding of network packet analysis using tools such as Wireshark and TCPDump. Collaboration and communication skills More ❯
Crawley, England, United Kingdom Hybrid / WFH Options
InfoSec People Ltd
incidents and lead on incident response. Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in … and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and More ❯
incidents and lead on incident response. Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in … and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and More ❯
chichester, south east england, united kingdom Hybrid / WFH Options
InfoSec People Ltd
incidents and lead on incident response. Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in … and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and More ❯
clusters, Istio Service Mesh , and container orchestration. Audit and restructure existing Terraform modules and state files for scalability and compliance. Implement security-focused Terraform modules with policy-as-code (Sentinel, OPA). Enforce GCP Organisation Policies , including access, encryption, and network governance. Integrate IaC with CI/CD pipelines using tools such as Harness, Jenkins, and GitHub . Collaborate with … Service Mesh , and cloud automation. Skilled in CI/CD pipeline design (Harness, Jenkins, GitHub). Experience with GCP Organisation Policy , Custom Org Policies , and Policy-as-Code frameworks (Sentinel/OPA). Certified in Google Cloud and Terraform (Associate or Professional level). Excellent communication and stakeholder collaboration skills. If you are interested or would like to know more More ❯
