Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

13 jobs found

Softcat
Senior FinOps / Cloud Optimisation Analyst
Softcat City, Birmingham
Join our Asset Intelligence team

The Asset Intelligence team provides a range of proactive services to assist clients with managing their estate and software procurement.

Success. The Softcat Way.

Softcat is a £1billion+ technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career.

You will work with customers to manage their cloud spend using the FinOps framework. You will work with several customers and will support them through regular reviews. Your goal is to help customers get the most value from The Cloud, improve and enhance the FinOps offering at Softcat, and to mentor and train the next generation of FinOps Analysts.

As Senior FinOps Analyst, you'll be responsible for:
• Forming trusted advisor relationships with enterprise scale clients.
• Acting as a SME for FinOps within Softcat.
• Setting long-term goals with customers, developing strategies to achieve them, and leading initiatives to drive FinOps adoption across the organization.
• Utilising industry-leading cloud management tooling and native tooling to proactively leverage FinOps data.
• Providing detailed reporting around cost visibility and optimisation, ensuring that insights reach the right stakeholders on the client side.
• Providing break/fix support around industry-leading cloud management solutions and leveraging the ticketing system (ServiceNow).
• Continuously improving FinOps processes and practices, including identifying areas for improvement, implementing best practices, and staying current with industry trends and development.
• Developing and driving the service forward, proactively identifying efficiency opportunities within the team.
• Running 1 to 1s with members of the team.
• Mentoring junior staff.

We'd love you to have
• Extensive FinOps knowledge
• FinOps Practitioner Certification is required (FinOps Certified Engineer desired)
• Knowledge of AWS, Azure, and GCP.
• Certified in: AZ900, AWS Certified Practitioner, AZ104 (desired), AWS - Certified Solutions Architect (desired)
• Extensive experience around multi cloud cost optimisation.
• Experience with cloud cost management tooling (CloudHealth, Cloudability, Flexera, and native tools).
• Ability to build relationships with multiple stakeholders within an enterprise customer.
• Proactively use your own skillset and that of the team to solve problems and challenges whilst supporting more junior members of the team in the same way.
• Ownership of your learning and development.

We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don't hesitate to apply - we would love to hear from you!

Work in a way that works for you

We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
• Hybrid working
• Working flexible hours - flexing the times you start and finish during the day
• Flexibility around school pick up and drop offs

Working with us

Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background.

Join us

To become part of the success story, please apply now. If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence.

You can find out more about life at Softcat and our commitments to diversity and inclusion at

Here at Softcat, we don't prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.
Apr 20, 2026
Full time
OCC Group
Security Analyst, SOC, Tier 2
OCC Group Stafford, Staffordshire
Security Analyst SOC, Tier 2

SOC Analyst to join an award winning managed service provider 24x7 security team. As a Tier 2 Analyst, you will lead the investigation, containment, and coordination of security incidents, working closely with Tier 1 analysts, internal IT teams, and external stakeholders. Taking ownership of complex alerts, support threat hunting and intelligence efforts, and contribute to the refinement of detection rules, playbooks, and response procedures.

You will be involved in
• Incident Detection & Response
• Threat Intelligence and Analysis
• Security Monitoring and Detection Engineering
• Compliance, Reporting and Documentation
• Vulnerability Management
• Collaboration and knowledge sharing

This would suit an experienced security analyst who has proved experience working in a busy security department, working in security operations. Strong alert triage, incident response, security monitoring, and threat analysis. Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools.

Ideally have a strong bachelor's degree in computer science, Information Security, Cyber Security or related field with any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), CISSP, BTL1, BTL2 or others are highly desirable but not essential.

Office based in Stoke on Trent, shifts, rota basis of 4 days on working - early's, late's and nights.

This is an excellent opportunity for an experienced security analyst ready to take the next step with a chance to mentor junior analysts, deepen your technical expertise, and help shape our evolving security posture in a collaborative, hands-on environment.
Apr 18, 2026
Full time
Apprentify
Trainee Cyber Security Analyst
Apprentify
About the opportunity

Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles.

Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Complete the course and gain a guaranteed interview with a leading employer, helping you start your career protecting businesses, data, and digital systems.

Course Details
• Start Date: 30/03
• Duration: 14 weeks
• Format: Online, practical workshops
• Schedule: Mon-Thurs 6-9PM

What you'll learn
• Cyber Principles: Understand core frameworks and security principles.
• Threat Intelligence: Develop expertise to identify risks and analyze threats.
• Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls.
• Incident Response: Prepare for and respond to live cyber security incidents.
• Ethics & Law: Understand legislation and ethical conduct within the cyber security sector.
• Professional Skills: Build the behaviours required for the modern cyber security workplace.

Career Pathway

Successful participants are guaranteed an interview with us or our network of UK-wide partners working with leading brands.
• Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer.
• Starting Salaries: Typically £22,000 - £35,000 (role dependent).

Eligibility

This is a government-funded opportunity. To apply, you must:
• Live in Greater Manchester.
• Be aged 19 or over.
• Earn below the gross annual wage cap of £32,400.
• Not currently be undertaking other government-funded training.
• Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible).

Cost

This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
Apr 16, 2026
Full time
CPS Group (UK) Limited
Cyber Security Operations Analyst (Tier 2)
CPS Group (UK) Limited
Cyber Security Operations Analyst (Tier 2)

Role: Cyber Security Operations Analyst (Tier 2)
Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR
Type: Contract, Daily Rate
Pay Rate: 350 - 380 per day (Inside IR35)
Location: Remote (UK Only)
Start: ASAP/Urgent
Duration: 6+ Months

Cyber Security Operations Analyst (Tier 2)

CPS Group UK are delighted to be working with a leading organisation to appoint a Cyber Security Operations Analyst (Tier 2) to join a newly refurbished CSOC environment and existing team to monitor infrastructure for threats, investigate and respond to security alerts and act as the escalation point for junior analyst queries.

The Cyber Security Operations Analyst will respond to verified security incidents and undertake prompt remediation activities to eradicate threats. The Analyst will require existing skills in Microsoft Defender, Azure and Cofense.

The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts on a 4 days on / 4 days off shift pattern (including 1 in 4 night shifts).

Due to the nature of the engagement, only candidates who have been a UK resident for a minimum of 5 years can be considered

Role Requirements

Play an active role in the CSOC Operations team by:
o Monitor active SIEM solutions and platforms
o Investigate and triage to security alerts and incidents
o Be the escalation point for junior analysts, offering knowledge and mentorship where required
o Ensure infrastructure and data security through the use of layered security controls (e.g. EDR, Email Security, User Authentication, Conditional Access)
o Oversee security assessments across PAM, endpoint, email and cloud security
o Provide direct updates to stakeholders regarding security incidents and initiatives
o Undertake on-going analysis of emerging threats using TTP's and existing knowledge
o Support the production of alert/incident 'playbooks'

Required Skills & Experience
• 3-4+ years' experience in a Security Operations/SOC-based role
• Hands-on experience with Defender, Azure and Cofense
• Strong technical understanding of security alert/incident management and threats
• Knowledge of security threat techniques (e.g. Account compromise, malicious payloads)
• Proven experience of robust incident response within defined SLA's
• Proven experience using SIEM, EDR & Email Security tooling
• Ability to mentor and upskill junior team members
• Ability to create (or enhance) cyber security playbooks
• Knowledge of HMG security standards and processes
• Familiarity with ITIL
• Various Cyber Security certifications (e.g. Microsoft AZ-500, SANS GSOC)

For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group UK on (phone number removed) or email (url removed)

By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
Apr 15, 2026
Contractor
Netcom Training
Cyber Security Analyst - Training Course
Netcom Training City, Birmingham
About the opportunity

Apply, complete the training course, get a certification and career support - no brainer!

Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles.

Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors.

Course Details
• Start Date: 27.04
• Duration: 14 weeks
• Format: Online, practical workshops
• Schedule: Mon-Thur 6-9pm

What you'll learn
• Principles: Understand cyber security principles and core frameworks
• Threat Intelligence: Develop expertise to identify risks
• Testing: Conduct cyber security testing, identify vulnerabilities and implement controls
• Incident Response: Prepare for and respond to cyber security incidents
• Ethics: Understand legislation and ethical conduct within cyber security
• Professional Skills: Build professional skills and behaviours for the sector
• Protection: Gain practical knowledge to protect and secure digital environments

Potential Roles & Starting Salaries:
• Cyber Security Analyst: £25,000 - £35,000
• IT Support Technician: £22,000 - £26,000
• Junior Penetration Tester: £24,000 - £30,000
• SOC Analyst: £25,000 - £32,000

Eligibility

To apply, you must:
• Live in the West Midlands
• Be aged 19 or over
• Earn below the gross annual wage cap of £34,194
• Not currently be undertaking other government-funded training
• Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent

Cost

This is a fully-funded course with no fees - complete the training, gain essential cyber security skills and career support.
Apr 14, 2026
Full time
Triumph Consultants Ltd
Senior Cyber Security Analyst
Triumph Consultants Ltd
Senior Cyber Security Analyst

Location: London hybrid working
IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract

It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting

The role:

The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability.

Key Accountabilities:
• Lead investigations into security alerts and cyber incidents.
• Perform forensic analysis of systems, files, network traffic, and cloud environments.
• Drive technical response actions including containment, eradication, and recovery.
• Coordinate cyber incident responses across teams and stakeholders.
• Identify lessons learned and embed continual improvement.
• Develop and update incident response playbooks and knowledge base articles.
• Act as an escalation point and mentor for security analysts.
• Provide leadership and line management within the team.
• Join the out-of-hours on-call rota to support 24/7 incident response.

Key Criteria:
• 5+ years' experience investigating and responding to cyber incidents in large organisations.
• Strong track record with incident response coordination.
• Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM).
• Analytical, problem-solving, and forensic investigation skills.
• Proven experience coaching or mentoring junior staff.
• Strong understanding of threat actor tools, techniques, and procedures.
• Experience of cloud environments such as AWS
• Excellent written and verbal communication skills.

How to Apply
• Quote the Job Title and Reference Number in your application.
• Submit your CV in Word format.
• Applications are reviewed on a rolling basis - early submission is recommended.

We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles.

If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Oct 07, 2025
Contractor
Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. 
Applications are reviewed on a rolling basis; early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Parker Shaw
Senior + Associate Security Analysts - Security-cleared
Parker Shaw
We are currently recruiting for Senior Cyber Security Analysts and Associate Security Analysts - both working a 3-month contract for our client 3 days per week on-site in London. As a senior security analyst with responsibility for incident response, you will: lead the investigation of security alerts to understand the nature and extent of possible cyber incidents lead the forensic analysis of systems, files, network traffic and cloud environments lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions support the wider coordination of cyber incidents review previous incidents to identify lessons and actions identify and deliver opportunities for continual improvement of the incident response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities develop and update internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, security analysts be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
We're interested in people who have: significant experience investigating and responding to cyber incidents significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents experience managing and coordinating the response to cyber incidents experience coaching and mentoring junior staff an in-depth understanding of the tools, techniques and procedures used by threat actors excellent analytical and problem solving skills excellent verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS As an associate security analyst you will: triage and investigate cyber security alerts and reports from users use a variety of techniques to analyse systems, files, network traffic and cloud environments and understand the nature and extent of possible cyber incidents support the technical response to cyber incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions support the coordination of cyber incidents contribute to post-incident reviews to identify lessons and actions identify opportunities for, and support the delivery of, continual improvements to the incident investigation and response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities contribute to internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, apprentice security analysts be responsible for line management of apprentice security analysts Cyber incidents can and do arise on a 24/7 basis. 
The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: experience investigating and responding to cyber incidents experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable) an understanding of the tools, techniques and procedures commonly used by threat actors good analytical and problem-solving skills good verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS If you feel you have the skills and experience needed for this role, please do apply now.
Oct 06, 2025
Contractor
Berkeley Square IT Ltd
Senior Cyber Security Consultant
Berkeley Square IT Ltd
Senior Cyber Security Analyst - Central Gov (Contract) Incident Response | Threat Detection | Forensics | SIEM The Cyber Defence team is hiring a Senior Cyber Security Analyst to lead on incident response and protect critical citizen-facing services. You'll: Investigate and respond to cyber incidents at scale Lead forensic analysis (systems, files, network, cloud) Coordinate containment, eradication & recovery actions Mentor Junior Analysts and shape IR playbooks Must have strong Splunk skills. Requirements: Strong incident response & cyber investigation experience Skilled with EDR/SIEM tools - Splunk Deep knowledge of attacker TTPs Excellent problem solving & communication London | Competitive Day Rate | SC Clearance required | On-call rota
Oct 03, 2025
Contractor
Damia Group LTD
Senior Cyber Security Analyst
Damia Group LTD
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Oct 03, 2025
Contractor
Bangura Solutions
Senior Cyber Security Analyst - Government, Splunk, EDR, Defence, AWS, Hybrid, London, £800 per day
Bangura Solutions
Senior Cyber Security Analyst - Government, Splunk, EDR, Defence, AWS, Hybrid, London, SC Clearance, £800 pd We are seeking an experienced SC cleared Senior Cyber Security Analyst to lead incident response efforts within a dynamic cyber defence team. The ideal candidate will have a strong background in investigating, managing, and responding to cyber threats, with a focus on incident containment and forensic analysis. Key Responsibilities: Lead investigations into security alerts to determine the nature and scope of potential cyber incidents Conduct forensic analysis across systems, network traffic, files, and cloud environments Manage technical responses, including containment, eradication, and recovery actions Support the coordination and management of cyber incident responses Review incidents post-event to identify lessons learned and areas for improvement Develop and maintain incident response plans, playbooks, and knowledge resources Lead and line-manage security team members Experience & Skills Needed: Extensive experience investigating and responding to cyber incidents Proficiency with security tools such as EDR and SIEM platforms Proven track record of managing and coordinating incident response activities Experience in mentoring and coaching junior staff Strong understanding of threat actor techniques, tools, and tactics Excellent analytical, problem-solving, and communication skills Experience with Splunk or similar log management tools Familiarity with Agile working practices Knowledge of cloud platforms such as AWS If you possess the relevant experience and are ready to lead critical cyber defence initiatives, we encourage you to apply. Minorities, women, LGBTQ+ candidates, and individuals with disabilities are encouraged to apply. Interviews will take place next week, so please apply immediately to be considered for this contract role.
Oct 03, 2025
Contractor
Aspect Resources
Senior Cyber Security Analyst - SC
Aspect Resources
Job Title: Senior Cyber Security Analyst - SC Location: Hybrid/London - 3 days a week on site Contract Duration: 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Oct 03, 2025
Contractor
iBSC
Cyber Security Incident Response (IR) Specialist - Inside IR35 - Long Term Contract
iBSC
Job Title: Cyber Security Incident Response Specialist Location: London, Wokingham, or Warwick (2 days per week onsite - hybrid working) Contract Duration: 6 months+ initially, with high potential for extension (long-term programme) Clearance: SC required or eligible THIS PROJECT IS INSIDE IR35 Project Overview: We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI). You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident life cycle, improve response maturity, and develop scalable IR documentation and exercises. This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses. Key Responsibilities: Lead or support incident response (IR) activities across the full life cycle: detection, triage, containment, eradication, recovery, and lessons learned Develop and maintain IR playbooks, plans, and post-incident reports Support post-incident reviews, including root cause analysis (RCA) and lessons learned sessions Design and deliver incident response exercises (eg tabletop simulations) Act as a subject matter expert (SME) for incident response processes and frameworks Collaborate with SOC teams, technical SMEs, and non-technical stakeholders Communicate IR outcomes effectively via reports, presentations, and briefings Build working relationships across internal security functions and external CNI/regulatory stakeholders Mandatory Requirements (Must-Have): Strong, recent experience in cybersecurity incident response Ability to make informed decisions during incidents (triage, escalate, communicate) Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport Working knowledge of NIST, MITRE ATT&CK, or equivalent frameworks Proven ability to communicate IR findings to technical and non-technical audiences Experience contributing to or owning IR playbooks, SOPs, or RCA documentation Must hold current SC clearance or have been previously cleared within the last 12-18 months Desirable Skills (Nice-to-Have): Experience within the energy or utilities sector Exposure to OT/ICS environments (eg SCADA, PLCs, DCS) Experience delivering or supporting tabletop IR exercises Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc. Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH, or equivalent What We're Not Looking For: Junior SOC analysts (L1/L2 triage only) Generalist cyber roles without deep IR exposure Candidates without experience in CNI or enterprise-scale IR
Oct 01, 2025
Contractor
Newto Training
Junior Incident Analyst
Newto Training Ireland, Bedfordshire
Launch Your Cyber Security Career - Job Guaranteed! Cyber attacks are rising, and companies need skilled professionals now more than ever. With Newto Training's Cyber Security Career Programme, you'll gain 4 top certifications (Azure Fundamentals, CompTIA Security+, CompTIA CySA+, Forescout FSCA) plus real-world project work that doubles as hands-on experience.
  • 100+ hours of live training
  • Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management
  • Job guarantee with our hiring partners
Get certified, get experience, get hired. Apply today and start your journey into cyber security. Course cost - £2795, or £232.91 per month. We guarantee you will be offered a job upon completion, or we will refund you 100% of your course fees.
Sep 23, 2025
Full time
