Join the Littlefish team! Job Details Work location: Remote Salary: Up to £85,000 Clearance: Must be eligible for SC Clearance (UK resident for the last 5 years) and NPPV2 clearance Here at Littlefish, we look for people who can make a real difference and become a giant slayer. As the world around us continues to change, we look for people who grab that change with optimism and excitement. These are the passionate and high performing people who enjoy and thrive on thinking outside the box. Role Overview Littlefish are looking for an experienced CSOC Manager to lead and evolve our Cyber Security Operations Centre, supporting a growing mid market and enterprise client base. This role sits at the intersection of security operations leadership, service delivery, and technical credibility. You'll be responsible for the day to day effectiveness of the CSOC, the development of a 24/7 analyst function, and the continuous improvement of our detection and response services. You'll mentor and lead a team of SOC analysts, strengthen operational processes, and ensure our services consistently meet - and where possible exceed - contractual and client expectations. You'll also act as a senior escalation point, providing calm, informed leadership during incidents and out of hours situations. Key Responsibilities Owning CSOC service performance, ensuring KPIs, SLAs and security standards are consistently met. Leading, developing and mentoring a client specific SOC team, including oversight of shift leaders and analyst capability. Reviewing and improving SOC processes, procedures and operational frameworks. Managing analyst resourcing across BAU, escalations, and project work. Providing senior cyber security guidance to internal stakeholders and to current and prospective clients. Acting as the final escalation point for on call incidents (rota based, paid on call). Supporting service improvement initiatives across SIEM, EDR, email security and associated detection and response tooling. Developing and maintaining customer relationships to promote a partnership between Littlefish and the end client. Required Skills and Experience Solid previous experience in Security Operations. Previous experience leading or mentoring a technical security team. Strong exposure to customer facing security services and contractual delivery. Hands on experience with SIEM, IDP, ITDR, EDR and email security platforms. Proven ability to mentor analysts at varying levels of experience. Strong understanding of modern cyber threats, attack techniques and compromise methods. Experience investigating alerts, triaging incidents and guiding response actions. Ability to translate technical findings into clear, actionable output for both technical and non technical audiences. Confidence interpreting threat intelligence and applying it meaningfully across a client security estate. Comfortable producing operational and service delivery reports. What We Offer Healthcare cash plan. This will give you access to online GP appointments, 24/7 access to qualified counsellors and cash back against a range of general healthcare. Referral bonus scheme of £1000 when you successfully refer a friend. Access to our LinkedIn Learning platform, with over 16000 expert-led online tutorials to enhance and achieve your personal and professional goals. Casual dress policy. Company Pension Scheme. Company social events. 25 days annual leave plus public / bank holidays. Purchase of annual leave scheme. Life at Littlefish Our company values shape who we are as a business, what we stand for and how we work. Hiring people with our values at heart, is very important as we see Littlefish grow. I am High Performing- I like to raise the bar, we look at creating opportunities to increase quality and improve efficiency, we strive for service excellence. I am Passionate- We build team success and celebrate them together, I am enthusiastic and energetic, I care about the people I work with and we support one another. I Have a Can-Do Attitude - I am not afraid to step outside my comfort zone, we are not afraid to challenge status quo, we get stuff done! So, if you feel like you can make a tangible difference, apply today, and join us on this journey. Here at Littlefish we aim to be somewhere everyone can be themselves. We are committed to encouraging a diverse and inclusive community where everyone irrespective of who they are, or their background, can feel equal and supported. We encourage applications from people of all backgrounds. Please get in touch if you are concerned about any difficulties you may face during your recruitment process, so we adjust accordingly. Part of our application process includes a set of ED&I (Equality, diversity and inclusion) questions. Please note, each question has a 'prefer not to say' option.
Apr 26, 2026
Full time
Join the Littlefish team! Job Details Work location: Remote Salary: Up to £85,000 Clearance: Must be eligible for SC Clearance (UK resident for the last 5 years) and NPPV2 clearance Here at Littlefish, we look for people who can make a real difference and become a giant slayer. As the world around us continues to change, we look for people who grab that change with optimism and excitement. These are the passionate and high performing people who enjoy and thrive on thinking outside the box. Role Overview Littlefish are looking for an experienced CSOC Manager to lead and evolve our Cyber Security Operations Centre, supporting a growing mid market and enterprise client base. This role sits at the intersection of security operations leadership, service delivery, and technical credibility. You'll be responsible for the day to day effectiveness of the CSOC, the development of a 24/7 analyst function, and the continuous improvement of our detection and response services. You'll mentor and lead a team of SOC analysts, strengthen operational processes, and ensure our services consistently meet - and where possible exceed - contractual and client expectations. You'll also act as a senior escalation point, providing calm, informed leadership during incidents and out of hours situations. Key Responsibilities Owning CSOC service performance, ensuring KPIs, SLAs and security standards are consistently met. Leading, developing and mentoring a client specific SOC team, including oversight of shift leaders and analyst capability. Reviewing and improving SOC processes, procedures and operational frameworks. Managing analyst resourcing across BAU, escalations, and project work. Providing senior cyber security guidance to internal stakeholders and to current and prospective clients. Acting as the final escalation point for on call incidents (rota based, paid on call). Supporting service improvement initiatives across SIEM, EDR, email security and associated detection and response tooling. Developing and maintaining customer relationships to promote a partnership between Littlefish and the end client. Required Skills and Experience Solid previous experience in Security Operations. Previous experience leading or mentoring a technical security team. Strong exposure to customer facing security services and contractual delivery. Hands on experience with SIEM, IDP, ITDR, EDR and email security platforms. Proven ability to mentor analysts at varying levels of experience. Strong understanding of modern cyber threats, attack techniques and compromise methods. Experience investigating alerts, triaging incidents and guiding response actions. Ability to translate technical findings into clear, actionable output for both technical and non technical audiences. Confidence interpreting threat intelligence and applying it meaningfully across a client security estate. Comfortable producing operational and service delivery reports. What We Offer Healthcare cash plan. This will give you access to online GP appointments, 24/7 access to qualified counsellors and cash back against a range of general healthcare. Referral bonus scheme of £1000 when you successfully refer a friend. Access to our LinkedIn Learning platform, with over 16000 expert-led online tutorials to enhance and achieve your personal and professional goals. Casual dress policy. Company Pension Scheme. Company social events. 25 days annual leave plus public / bank holidays. Purchase of annual leave scheme. Life at Littlefish Our company values shape who we are as a business, what we stand for and how we work. Hiring people with our values at heart, is very important as we see Littlefish grow. I am High Performing- I like to raise the bar, we look at creating opportunities to increase quality and improve efficiency, we strive for service excellence. I am Passionate- We build team success and celebrate them together, I am enthusiastic and energetic, I care about the people I work with and we support one another. I Have a Can-Do Attitude - I am not afraid to step outside my comfort zone, we are not afraid to challenge status quo, we get stuff done! So, if you feel like you can make a tangible difference, apply today, and join us on this journey. Here at Littlefish we aim to be somewhere everyone can be themselves. We are committed to encouraging a diverse and inclusive community where everyone irrespective of who they are, or their background, can feel equal and supported. We encourage applications from people of all backgrounds. Please get in touch if you are concerned about any difficulties you may face during your recruitment process, so we adjust accordingly. Part of our application process includes a set of ED&I (Equality, diversity and inclusion) questions. Please note, each question has a 'prefer not to say' option.
About the opportunity Gain a government funded certified qualification, and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Course Details Start Date: 27/04 Duration: 14 weeks Format: Online, practical workshops Schedule: 6-9PM What you'll learn Cyber Principles: Understand core frameworks and security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills: Build the behaviours required for the modern cyber security workplace. Career Pathway Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer. Starting Salaries: Typically £22,000 - £35,000 (role dependent). Eligibility This is a government-funded opportunity. To apply, you must: Live in the West Midlands Be aged 19 or over. Earn below the gross annual wage cap of £34,194. Not currently be undertaking other government-funded training. Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible). Cost This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
Apr 23, 2026
Full time
About the opportunity Gain a government funded certified qualification, and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Course Details Start Date: 27/04 Duration: 14 weeks Format: Online, practical workshops Schedule: 6-9PM What you'll learn Cyber Principles: Understand core frameworks and security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills: Build the behaviours required for the modern cyber security workplace. Career Pathway Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer. Starting Salaries: Typically £22,000 - £35,000 (role dependent). Eligibility This is a government-funded opportunity. To apply, you must: Live in the West Midlands Be aged 19 or over. Earn below the gross annual wage cap of £34,194. Not currently be undertaking other government-funded training. Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible). Cost This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
Technology Security Analyst Glasgow, Edinburgh, Portsmouth £55.5k-£66.7k per annum (Dependent on skills & qualifications) Full-time Joint-contribution pension from 6% (12% total) - Enhanced maternity & family leave - Life assurance - HolidayPlus - Virtual GP & Employee Assistance Programme plus retail and leisure discounts & many more. REQ5619 We are looking for a Security Operations Analyst to join us and ensure our IT and OT networks are secure and compliant. You will act as an SGN Security subject matter expert and act as the primary contact when assisting with Security incident remediation. We deliver safety, warmth, and comfort to homes and businesses. Every role, whether in the office or on the front line, plays a key part in this mission. Here's how you will contribute Providing support to different Security functions, including OT Security, Governance Risk and Compliance, Security Assurance and other key business needs Ensuring security metrics are well documented and presented at monthly reviews Being a subject matter expert and remaining up to date on cutting-edge technology, providing technical/nontechnical security support to the wider SGN Security team and organisation Working alongside third-party network vendors, coordinating security activities Support with varied tasks, including internal and external audits, penetration testing activities and input into Incident & Lessons Learnt calls to identify solutions Ensuring security policies are enforced and completing routine technical vulnerability assessments, working with IT Security Leads to propose and coordinate delivery of mitigating actions and required solutions Attend head office in Portsmouth at least once a quarter What you will need We're looking for a blend of skills and attributes that make you a great fit for this role. If you don't tick every box, don't worry - we provide tailored learning and development programs to help you grow and succeed with us. You hold a degree or equivalent career experience in a relevant discipline Experience with cloud computing services (IaaS, PaaS, SaaS), in particular AWS, MS Sentinel and Defender Proven experience in some or all of the following Sec Ops domain areas: Monitoring, investigating & performing triage on security alerts, Threat & Vulnerability Management, Security Incident handling, Security Intelligence analysis, SOC Tools administration & Security Forensics, Security Engineering You have good understanding and experience of Cyber Security Frameworks and standards (NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc) You have great attention to detail, a confident communicator across various business levels and decision-maker when required Having experience in a cyber security role, IT support role and/or a background in infrastructure/endpoint support is essential Not sure you meet every requirement? Research shows some people - particularly women and those from underrepresented backgrounds - may hesitate to apply unless they meet every criteria. At SGN, we value diverse backgrounds, experiences and perspectives. If this role interests you but you're not sure you tick every box, we'd still love to hear from you. You might be just who we're looking for - now or in the future. Why SGN? SGN leads pioneering research and development for a energy system. Our innovative technologies are transforming the gas industry while keeping people safe and warm. We are an award-winning employer, including CCA Gold Awards for Great Places to Work and Inclusivity and Accessibility , and a proud Gold member of the Armed Forces Covenant. If you require any accommodations or support during the application process, reach out to us. We're here to help ensure an inclusive and accessible experience for everyone.
Apr 22, 2026
Full time
Technology Security Analyst Glasgow, Edinburgh, Portsmouth £55.5k-£66.7k per annum (Dependent on skills & qualifications) Full-time Joint-contribution pension from 6% (12% total) - Enhanced maternity & family leave - Life assurance - HolidayPlus - Virtual GP & Employee Assistance Programme plus retail and leisure discounts & many more. REQ5619 We are looking for a Security Operations Analyst to join us and ensure our IT and OT networks are secure and compliant. You will act as an SGN Security subject matter expert and act as the primary contact when assisting with Security incident remediation. We deliver safety, warmth, and comfort to homes and businesses. Every role, whether in the office or on the front line, plays a key part in this mission. Here's how you will contribute Providing support to different Security functions, including OT Security, Governance Risk and Compliance, Security Assurance and other key business needs Ensuring security metrics are well documented and presented at monthly reviews Being a subject matter expert and remaining up to date on cutting-edge technology, providing technical/nontechnical security support to the wider SGN Security team and organisation Working alongside third-party network vendors, coordinating security activities Support with varied tasks, including internal and external audits, penetration testing activities and input into Incident & Lessons Learnt calls to identify solutions Ensuring security policies are enforced and completing routine technical vulnerability assessments, working with IT Security Leads to propose and coordinate delivery of mitigating actions and required solutions Attend head office in Portsmouth at least once a quarter What you will need We're looking for a blend of skills and attributes that make you a great fit for this role. If you don't tick every box, don't worry - we provide tailored learning and development programs to help you grow and succeed with us. You hold a degree or equivalent career experience in a relevant discipline Experience with cloud computing services (IaaS, PaaS, SaaS), in particular AWS, MS Sentinel and Defender Proven experience in some or all of the following Sec Ops domain areas: Monitoring, investigating & performing triage on security alerts, Threat & Vulnerability Management, Security Incident handling, Security Intelligence analysis, SOC Tools administration & Security Forensics, Security Engineering You have good understanding and experience of Cyber Security Frameworks and standards (NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc) You have great attention to detail, a confident communicator across various business levels and decision-maker when required Having experience in a cyber security role, IT support role and/or a background in infrastructure/endpoint support is essential Not sure you meet every requirement? Research shows some people - particularly women and those from underrepresented backgrounds - may hesitate to apply unless they meet every criteria. At SGN, we value diverse backgrounds, experiences and perspectives. If this role interests you but you're not sure you tick every box, we'd still love to hear from you. You might be just who we're looking for - now or in the future. Why SGN? SGN leads pioneering research and development for a energy system. Our innovative technologies are transforming the gas industry while keeping people safe and warm. We are an award-winning employer, including CCA Gold Awards for Great Places to Work and Inclusivity and Accessibility , and a proud Gold member of the Armed Forces Covenant. If you require any accommodations or support during the application process, reach out to us. We're here to help ensure an inclusive and accessible experience for everyone.
# About the Business Quilter plc is a leading wealth management business, helping to enable brighter financial futures for every generation. Quilter oversees £141.2 billion in customer investments (as of December 2025). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth. Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business. High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning - offering a highly personalised service to private clients, charities, trustees, and professional partners. Quilter Cheviot has presence throughout the UK, Ireland and Channel Islands. At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve, including our colleagues. Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it's the perfect time to join us!# About the Role Level: 3Location: LondonDepartment: Operational Resilience & PropertyContract: PermanentThe Lead Intelligence Analyst Role in the Resilience and Crisis Team (RCT) sits within a team of two operational resilience specialists, a lead Analyst focused on Incident Response and one Analyst to support with Intelligence gathering, assessment and prioritisation.The Lead intelligence Analyst is responsible for the proactive collection, analysis, evaluation and dissemination of all-source material within the 24/7 Resilience and Crisis Team, alongside the Analyst. They are responsible for ensuing intelligence threat trends are accurate and reflected in the testing and exercising prioritisation schedule across the business. They will prepare briefings for intelligence threats across the Quilter business, including travel risk assessments and briefings for staff.The RCT is responsible for ensuring all work conducted is of direct relevance to protecting both the organisation and the safety and security of company personnel, property and reputation. Key Responsibilities: To consistently produce high quality assessments and reports relating to tactical threats as well as insightful strategic analysis to inform Resilience and Crisis Team functions. Work within a 24/7 RCT to fully support the requirements of the business, including an On Call Rota. Maintain, and further develop, intelligence flows and analytical applications within the RCT. Participate in special projects as required by the RCT Manager. Work with existing members of staff to meet existing intelligence requirements and establish best practice. Lead subject matter expertise work streams as directed by the RCT Manager. Support the facilitation of crisis management training, deliver specialist presentations and design crisis exercise scenarios. Utilise intelligence related tools and platforms to ensure intelligence is up to date. Forge relationships with Operational Resilience, Crisis Management and Cyber Threat SME's across both the private and public sectors. Review updates in relation to resilience and crisis management activities to determine necessary changes to supporting governance documentation. Take ownership of documentation reviews based on business and regulatory changes ensuring frameworks, standards and procedures remain robust and compliant.# About You Outstanding interpersonal skills to create effective and enduring relationships with internal and external stakeholders who work closely with the RCT and across the business. Exceptional research and analytical skills across all -source streams. Excellent written and communication skills. Experience in providing both written and verbal briefings on Intelligence Threats. Strong time management. An innovative thinker with the ability to work independently within a fast-paced environment. Highly skilled in interpreting, and developing, inferences from multiple intelligence products. An investigative mindset. Sound judgement when prioritising conflicting demands. Positive, self-motivated and dedicated to task delivery. A team player who is proactive in supporting others and sharing knowledge. Qualifications: Qualifications in any relevant field are preferred, but not required, or relevant operational experience gained in a Corporate, Military, Law Enforcement or Government agency sphere. Inclusion & Diversity We value diversity and strive to promote inclusivity in all aspects of our culture. We believe in equal opportunities for all, ensuring that no applicant encounters less favourable treatment based on anything but their skills, qualifications, experience, and potential. We celebrate the unique contributions of a diverse workforce and create a respectful, nurturing environment where every colleague can thrive. Values Do the right thing: We act with integrity and are proudly committed to going above and beyond in service of our clients and the support we provide our communities. Always curious: We continuously seek new ideas and knowledge so we're one step ahead of our clients' needs. We look for inspiration everywhere and encourage experimentation, recognising that this is how we create brilliant solutions for brighter futures. Embrace challenge: We aim high to transform our potential into meaningful outcomes. With ambition as our driving force and a steadfast commitment to growth, we succeed for the good of every generation. Stronger together: Combining our diverse talents, we accomplish more collectively than we ever could do alone. We speak openly, actively listen, and support each other, and constructively challenge and embrace new ideas. We seek empowerment and demonstrate ownership and trust, with the confidence to make impactful decisions. Core Benefits Holiday: 182 hours (26 days) Quilter Incentive Scheme: All employees are eligible to participate in incentive scheme, to incentivise business performance and their contribution. Pension Scheme: A non-contributory company pension scheme that can be boosted through personal contributions. Private Medical Insurance: Single cover as standard with options to increase cover to include your partner or children. Life Assurance: 4x your salary. Income Protection: 75% of salary, less state benefits, payable after 26 weeks of absence. Healthcare Cash Plan: Jersey employees only In addition to our core benefits, we offer a range of flexible benefits to UK employees that you can choose from and pay for conveniently via a salary deduction. We create brighter financial futures for every generation.We do this by guiding our customers and their families through the complexity of planning for their financial future, responding to their rapidly evolving needs and giving them peace of mind. And, with all that's happening in the world today, our role in society has never been more meaningful.Our impressive talents and capabilities set us apart, but our unwavering commitment to our customers is what defines us. We truly believe that we have all the ingredients to be the very best in our industry, and we want great people with the care and creativity that we need, to help us get there.We are passionate about building an inclusive culture where everyone's contribution is valued, and
Apr 22, 2026
Full time
# About the Business Quilter plc is a leading wealth management business, helping to enable brighter financial futures for every generation. Quilter oversees £141.2 billion in customer investments (as of December 2025). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth. Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business. High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning - offering a highly personalised service to private clients, charities, trustees, and professional partners. Quilter Cheviot has presence throughout the UK, Ireland and Channel Islands. At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve, including our colleagues. Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it's the perfect time to join us!# About the Role Level: 3Location: LondonDepartment: Operational Resilience & PropertyContract: PermanentThe Lead Intelligence Analyst Role in the Resilience and Crisis Team (RCT) sits within a team of two operational resilience specialists, a lead Analyst focused on Incident Response and one Analyst to support with Intelligence gathering, assessment and prioritisation.The Lead intelligence Analyst is responsible for the proactive collection, analysis, evaluation and dissemination of all-source material within the 24/7 Resilience and Crisis Team, alongside the Analyst. They are responsible for ensuing intelligence threat trends are accurate and reflected in the testing and exercising prioritisation schedule across the business. They will prepare briefings for intelligence threats across the Quilter business, including travel risk assessments and briefings for staff.The RCT is responsible for ensuring all work conducted is of direct relevance to protecting both the organisation and the safety and security of company personnel, property and reputation. Key Responsibilities: To consistently produce high quality assessments and reports relating to tactical threats as well as insightful strategic analysis to inform Resilience and Crisis Team functions. Work within a 24/7 RCT to fully support the requirements of the business, including an On Call Rota. Maintain, and further develop, intelligence flows and analytical applications within the RCT. Participate in special projects as required by the RCT Manager. Work with existing members of staff to meet existing intelligence requirements and establish best practice. Lead subject matter expertise work streams as directed by the RCT Manager. Support the facilitation of crisis management training, deliver specialist presentations and design crisis exercise scenarios. Utilise intelligence related tools and platforms to ensure intelligence is up to date. Forge relationships with Operational Resilience, Crisis Management and Cyber Threat SME's across both the private and public sectors. Review updates in relation to resilience and crisis management activities to determine necessary changes to supporting governance documentation. Take ownership of documentation reviews based on business and regulatory changes ensuring frameworks, standards and procedures remain robust and compliant.# About You Outstanding interpersonal skills to create effective and enduring relationships with internal and external stakeholders who work closely with the RCT and across the business. Exceptional research and analytical skills across all -source streams. Excellent written and communication skills. Experience in providing both written and verbal briefings on Intelligence Threats. Strong time management. An innovative thinker with the ability to work independently within a fast-paced environment. Highly skilled in interpreting, and developing, inferences from multiple intelligence products. An investigative mindset. Sound judgement when prioritising conflicting demands. Positive, self-motivated and dedicated to task delivery. A team player who is proactive in supporting others and sharing knowledge. Qualifications: Qualifications in any relevant field are preferred, but not required, or relevant operational experience gained in a Corporate, Military, Law Enforcement or Government agency sphere. Inclusion & Diversity We value diversity and strive to promote inclusivity in all aspects of our culture. We believe in equal opportunities for all, ensuring that no applicant encounters less favourable treatment based on anything but their skills, qualifications, experience, and potential. We celebrate the unique contributions of a diverse workforce and create a respectful, nurturing environment where every colleague can thrive. Values Do the right thing: We act with integrity and are proudly committed to going above and beyond in service of our clients and the support we provide our communities. Always curious: We continuously seek new ideas and knowledge so we're one step ahead of our clients' needs. We look for inspiration everywhere and encourage experimentation, recognising that this is how we create brilliant solutions for brighter futures. Embrace challenge: We aim high to transform our potential into meaningful outcomes. With ambition as our driving force and a steadfast commitment to growth, we succeed for the good of every generation. Stronger together: Combining our diverse talents, we accomplish more collectively than we ever could do alone. We speak openly, actively listen, and support each other, and constructively challenge and embrace new ideas. We seek empowerment and demonstrate ownership and trust, with the confidence to make impactful decisions. Core Benefits Holiday: 182 hours (26 days) Quilter Incentive Scheme: All employees are eligible to participate in incentive scheme, to incentivise business performance and their contribution. Pension Scheme: A non-contributory company pension scheme that can be boosted through personal contributions. Private Medical Insurance: Single cover as standard with options to increase cover to include your partner or children. Life Assurance: 4x your salary. Income Protection: 75% of salary, less state benefits, payable after 26 weeks of absence. Healthcare Cash Plan: Jersey employees only In addition to our core benefits, we offer a range of flexible benefits to UK employees that you can choose from and pay for conveniently via a salary deduction. We create brighter financial futures for every generation.We do this by guiding our customers and their families through the complexity of planning for their financial future, responding to their rapidly evolving needs and giving them peace of mind. And, with all that's happening in the world today, our role in society has never been more meaningful.Our impressive talents and capabilities set us apart, but our unwavering commitment to our customers is what defines us. We truly believe that we have all the ingredients to be the very best in our industry, and we want great people with the care and creativity that we need, to help us get there.We are passionate about building an inclusive culture where everyone's contribution is valued, and
Roke Manor Research Limited
Gloucester, Gloucestershire
Posted Friday 19 September 2025 at 00:00 Great ideas come from different minds. That's why we bring together engineers, scientists, analysts, and creatives from every background - and give them the trust, tools, and freedom to make a difference. What connects us is the mission: solving meaningful problems and building capability that protects what matters most. And as the challenges evolve, so do we - working on the technologies that will shape tomorrow, not just today. Full Stack Software Engineer National Security Business Be part of a growing and highly trusted supplier into the NS domain working to deliver mission critical solutions helping to keep the nation safe, secure and prosperous. Working on leading edge technology solutions including AI/DS, Cyber, Cloud, DevOps/SRE, Platform Engineering. We have secured long term work, across the full spectrum, on the latest framework with the client, which provides the springboard for our ongoing growth and development in this domain, so join us on what will be an incredible growth journey. Role As a Full Stack Software Engineer, you'll enjoy delivering mission critical solutions to National Security customers. This isn't developing solutions that complete financial transactions faster; you'll develop cutting edge product that protects people, platforms, missions and information against constantly changing threats. You're a Full Stack Software Engineer that enjoys developing novel products; leading, innovating and inventing by bringing the physical and digital together. It'll involve consulting with customers, defining strategy and understanding how to apply emerging technologies. Roke is a leading technology & engineering company with clients spanning National Security, Defence and Intelligence. You will work alongside our customers to solve their complex and unique challenges. As a Full Stack Software Developer, you will be responsible for Writing clean, secure code following a test-driven approach Create code that is open by default and easy for others to reuse Effectively document all work using required standards, methods and tools, including prototyping tools where appropriate Work with well understood and emerging technologies and identify appropriate patterns Integrating API / UI components with existing data stores and APIs Maintain and develop existing architectural components including Data Ingest, Data Stores and REST APIs Participate in sprint ceremonies with the agile team, attending daily stand-ups, epic decomposition, demos and planning sessions. Assist the wider team to understand upcoming API features and their impact on Collaborate with user researchers and can represent users internally Explain the difference between user needs and the desires of the user Required skills Spring Boot React / VueJS / AngularJS Appropriate Testing Frameworks Technologically curious / Willing / Able to tactically upskill new technologies Built on over a 60 year heritage, Roke offers specialist knowledge in sensors, communications, cyber, and AI and ML. We change the way organisations think and act - through dynamic insights from the analysis of multiple layers of data. We take care of the innovative, technical stuff that keeps everyone safe - that's our mission, passion, and motivation. Where you'll work GLOUCESTER - Alongside hybrid and flexible working options, you'll find our Gloucester site in a business park two minutes from junction 11A of the M5; The site allows easy access to our local customer base. Set on the outskirts of the Cotswolds, you are never far from a picturesque view or lunch time walk. The Next Step Click apply, submitting an up-to-date CV. We look forward to hearing from you.
Apr 22, 2026
Full time
Posted Friday 19 September 2025 at 00:00 Great ideas come from different minds. That's why we bring together engineers, scientists, analysts, and creatives from every background - and give them the trust, tools, and freedom to make a difference. What connects us is the mission: solving meaningful problems and building capability that protects what matters most. And as the challenges evolve, so do we - working on the technologies that will shape tomorrow, not just today. Full Stack Software Engineer National Security Business Be part of a growing and highly trusted supplier into the NS domain working to deliver mission critical solutions helping to keep the nation safe, secure and prosperous. Working on leading edge technology solutions including AI/DS, Cyber, Cloud, DevOps/SRE, Platform Engineering. We have secured long term work, across the full spectrum, on the latest framework with the client, which provides the springboard for our ongoing growth and development in this domain, so join us on what will be an incredible growth journey. Role As a Full Stack Software Engineer, you'll enjoy delivering mission critical solutions to National Security customers. This isn't developing solutions that complete financial transactions faster; you'll develop cutting edge product that protects people, platforms, missions and information against constantly changing threats. You're a Full Stack Software Engineer that enjoys developing novel products; leading, innovating and inventing by bringing the physical and digital together. It'll involve consulting with customers, defining strategy and understanding how to apply emerging technologies. Roke is a leading technology & engineering company with clients spanning National Security, Defence and Intelligence. You will work alongside our customers to solve their complex and unique challenges. As a Full Stack Software Developer, you will be responsible for Writing clean, secure code following a test-driven approach Create code that is open by default and easy for others to reuse Effectively document all work using required standards, methods and tools, including prototyping tools where appropriate Work with well understood and emerging technologies and identify appropriate patterns Integrating API / UI components with existing data stores and APIs Maintain and develop existing architectural components including Data Ingest, Data Stores and REST APIs Participate in sprint ceremonies with the agile team, attending daily stand-ups, epic decomposition, demos and planning sessions. Assist the wider team to understand upcoming API features and their impact on Collaborate with user researchers and can represent users internally Explain the difference between user needs and the desires of the user Required skills Spring Boot React / VueJS / AngularJS Appropriate Testing Frameworks Technologically curious / Willing / Able to tactically upskill new technologies Built on over a 60 year heritage, Roke offers specialist knowledge in sensors, communications, cyber, and AI and ML. We change the way organisations think and act - through dynamic insights from the analysis of multiple layers of data. We take care of the innovative, technical stuff that keeps everyone safe - that's our mission, passion, and motivation. Where you'll work GLOUCESTER - Alongside hybrid and flexible working options, you'll find our Gloucester site in a business park two minutes from junction 11A of the M5; The site allows easy access to our local customer base. Set on the outskirts of the Cotswolds, you are never far from a picturesque view or lunch time walk. The Next Step Click apply, submitting an up-to-date CV. We look forward to hearing from you.
Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y 80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable) Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: Experience working on multiple projects with broad scope, ambiguity, and a high degree of difficulty Demonstrable proficiency across a wide range of IT and cybersecurity technologies Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management High-level analytical ability to solve unusual and complex problems Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal. Eligibility to work in the UK. Desirable: Experience in technology projects such as cyber infrastructure implementation or replacement initiatives Understanding of global program structures, launch plans, timing, and ownership Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Apr 21, 2026
Full time
Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y 80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable) Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: Experience working on multiple projects with broad scope, ambiguity, and a high degree of difficulty Demonstrable proficiency across a wide range of IT and cybersecurity technologies Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management High-level analytical ability to solve unusual and complex problems Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal. Eligibility to work in the UK. Desirable: Experience in technology projects such as cyber infrastructure implementation or replacement initiatives Understanding of global program structures, launch plans, timing, and ownership Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Job Title: Senior Solutions Engineer Company Overview: Atreides helps organizations transform large and complex multi-modal datasets into information-rich geo-spatial data subscriptions that can be used across a wide spectrum of use cases. Currently, Atreides focuses on providing high-fidelity data solutions to enable customers to derive insights quickly. Atreides transforms the chaos of petabyte-scale, all-domain data-land, air, sea, space, and cyber-into real-time operational clarity. We are a fast-moving, high-performance international scale company. We trust our team with autonomy, believing it leads to better results and job satisfaction. With a mission-driven mindset and entrepreneurial spirit, we are building something new and helping unlock the power of massive-scale data to make the world safer, stronger, and more prosperous. Team Overview: We are a passionate team of technologists, data scientists, and analysts with backgrounds in operational intelligence, law enforcement, large multinationals, and cybersecurity operations. We obsess about designing products that will change the way global companies, governments and nonprofits protect themselves from external threats and global adversaries. Position Overview: As a Senior Solutions Engineer, you will lead the design and delivery of advanced, customer-facing data solutions built on top of our core platform. Your work will focus on building end-to-end workflows, contributing to core workflow templates, creating reusable solution patterns, and guiding product-aligned R&D efforts that inform the evolution of our data platform. You'll collaborate closely with customer analysts, internal data scientists, and Platform Engineering to ensure solutions are accurate, scalable, and grounded in operational needs. This role is ideal for someone who can operate independently in ambiguous, fast-moving environments, prototype new workflows with high technical rigor, and take initiative to scale learnings across deployments and teams. Team Principles: Remain curious and passionate in all aspects of our work Promote clear, direct, and transparent communication Embrace the "measure twice, cut once" philosophy Value and encourage diverse ideas and technologies Lead with empathy in all interactions Responsibilities: Architect reusable patterns for configuring and adapting platform outputs to customer needs. Lead end-to-end data integration efforts for complex or sensitive customer datasets. Work with domain expert analysts to define QA and validation strategies to ensure analytical outputs meet customer reliability standards. Guide the creation of tools and templates that simplify future integrations. Conduct high-impact custom analyses in response to analyst inquiries. Act as a technical point-of-contact for customer engagements and feedback loops. Desired Qualifications: 5+ years in data engineering, with experience in platform configuration and customer deployment. Deep skills in scripting, SQL (Spark SQL preferred), API integration, and cloud-native operations. Experience designing quality assurance workflows and integrating validation logic into production pipelines. Familiarity with data visualization tools and diagnostic methods for complex data systems. Excellent communication and leadership skills, with a track record of cross-functional collaboration. Compensation and Benefits: Competitive salary Comprehensive health, dental, and vision insurance plans Flexible hybrid work environment Additional benefits like flexible hours, work travel opportunities, competitive vacation time and parental leave While meeting all of these criteria would be ideal, we understand that some candidates may meet most, but not all. If you're passionate, curious and ready to "work smart and get things done," we'd love to hear from you.
Apr 20, 2026
Full time
Job Title: Senior Solutions Engineer Company Overview: Atreides helps organizations transform large and complex multi-modal datasets into information-rich geo-spatial data subscriptions that can be used across a wide spectrum of use cases. Currently, Atreides focuses on providing high-fidelity data solutions to enable customers to derive insights quickly. Atreides transforms the chaos of petabyte-scale, all-domain data-land, air, sea, space, and cyber-into real-time operational clarity. We are a fast-moving, high-performance international scale company. We trust our team with autonomy, believing it leads to better results and job satisfaction. With a mission-driven mindset and entrepreneurial spirit, we are building something new and helping unlock the power of massive-scale data to make the world safer, stronger, and more prosperous. Team Overview: We are a passionate team of technologists, data scientists, and analysts with backgrounds in operational intelligence, law enforcement, large multinationals, and cybersecurity operations. We obsess about designing products that will change the way global companies, governments and nonprofits protect themselves from external threats and global adversaries. Position Overview: As a Senior Solutions Engineer, you will lead the design and delivery of advanced, customer-facing data solutions built on top of our core platform. Your work will focus on building end-to-end workflows, contributing to core workflow templates, creating reusable solution patterns, and guiding product-aligned R&D efforts that inform the evolution of our data platform. You'll collaborate closely with customer analysts, internal data scientists, and Platform Engineering to ensure solutions are accurate, scalable, and grounded in operational needs. This role is ideal for someone who can operate independently in ambiguous, fast-moving environments, prototype new workflows with high technical rigor, and take initiative to scale learnings across deployments and teams. Team Principles: Remain curious and passionate in all aspects of our work Promote clear, direct, and transparent communication Embrace the "measure twice, cut once" philosophy Value and encourage diverse ideas and technologies Lead with empathy in all interactions Responsibilities: Architect reusable patterns for configuring and adapting platform outputs to customer needs. Lead end-to-end data integration efforts for complex or sensitive customer datasets. Work with domain expert analysts to define QA and validation strategies to ensure analytical outputs meet customer reliability standards. Guide the creation of tools and templates that simplify future integrations. Conduct high-impact custom analyses in response to analyst inquiries. Act as a technical point-of-contact for customer engagements and feedback loops. Desired Qualifications: 5+ years in data engineering, with experience in platform configuration and customer deployment. Deep skills in scripting, SQL (Spark SQL preferred), API integration, and cloud-native operations. Experience designing quality assurance workflows and integrating validation logic into production pipelines. Familiarity with data visualization tools and diagnostic methods for complex data systems. Excellent communication and leadership skills, with a track record of cross-functional collaboration. Compensation and Benefits: Competitive salary Comprehensive health, dental, and vision insurance plans Flexible hybrid work environment Additional benefits like flexible hours, work travel opportunities, competitive vacation time and parental leave While meeting all of these criteria would be ideal, we understand that some candidates may meet most, but not all. If you're passionate, curious and ready to "work smart and get things done," we'd love to hear from you.
Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. Applications are reviewed on a rolling basis-early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Oct 07, 2025
Contractor
Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. Applications are reviewed on a rolling basis-early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest click apply for full job details
Oct 04, 2025
Contractor
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest click apply for full job details
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Oct 04, 2025
Full time
Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Deerfoot Recruitment Solutions Limited
City, London
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports and clear technical briefings If you are ready to drive the next wave of cyber defense, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
Oct 03, 2025
Contractor
Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments, and operational recommendations Participate in incident response, providing context, attributions, and support as required Required Skills & Experience: Extensive experience in threat intelligence, cybersecurity operations, or penetration testing Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC) Hands-on experience with TIPs (Threat Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports and clear technical briefings If you are ready to drive the next wave of cyber defense, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Oct 03, 2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
Job Title: Security Orchestration, Automation & Response (SOAR) Engineer Duration: 6-month contract Location: Welwyn garden city - Hybrid (1 to 2 days per week on site) Daily Rate: 850 inside umbrella About the role: As a SOAR Engineer, you will be at the forefront of enhancing security capabilities. Your contributions will play a pivotal role in detecting and preventing security threats while ensuring faster and more effective responses. You'll collaborate across various teams, empowering your colleagues to focus on what they do best. Key Responsibilities: Design and develop security automations across SOAR platforms and various security tools. Collaborate with analysts and engineers to improve workflows and enhance operational efficiency. Maintain and improve existing playbooks and automations for optimal platform performance. Stay updated on the latest security trends and techniques to continually refine our strategies. What We're Looking For: To thrive in this role, you should possess the following technical skills and experience: Cyber Security Tools : Hands-on experience with SOAR platforms and Threat Intelligence Platforms. Programming Expertise : Proficiency in Python script with a solid experience of REST APIs to develop and interact with them effectively. Framework Knowledge : Familiarity with the MITRE ATT&CK framework or equivalent, including knowledge of emerging threat actor tactics, techniques, and procedures. Operating Systems : Experience and working knowledge of both Linux and Windows platforms. Public Cloud Experience: Familiarity with working in public cloud environments is a plus! Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Oct 02, 2025
Contractor
Job Title: Security Orchestration, Automation & Response (SOAR) Engineer Duration: 6-month contract Location: Welwyn garden city - Hybrid (1 to 2 days per week on site) Daily Rate: 850 inside umbrella About the role: As a SOAR Engineer, you will be at the forefront of enhancing security capabilities. Your contributions will play a pivotal role in detecting and preventing security threats while ensuring faster and more effective responses. You'll collaborate across various teams, empowering your colleagues to focus on what they do best. Key Responsibilities: Design and develop security automations across SOAR platforms and various security tools. Collaborate with analysts and engineers to improve workflows and enhance operational efficiency. Maintain and improve existing playbooks and automations for optimal platform performance. Stay updated on the latest security trends and techniques to continually refine our strategies. What We're Looking For: To thrive in this role, you should possess the following technical skills and experience: Cyber Security Tools : Hands-on experience with SOAR platforms and Threat Intelligence Platforms. Programming Expertise : Proficiency in Python script with a solid experience of REST APIs to develop and interact with them effectively. Framework Knowledge : Familiarity with the MITRE ATT&CK framework or equivalent, including knowledge of emerging threat actor tactics, techniques, and procedures. Operating Systems : Experience and working knowledge of both Linux and Windows platforms. Public Cloud Experience: Familiarity with working in public cloud environments is a plus! Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Cyber Threat Intelligence Analyst: Cyber, Threat, SOC, Security Clearance Our Global Enterprise client is looking for a skilled Cyber Security Analyst with 5-6 years of experience within Threat Intelligence to join their team. Start Date: ASAP Duration: 55 days Pay Rate: £487 per hour (PLEASE NOTE: Employer NI is paid for by the client) Total Daily Earnings: £553 (includes rolled up holiday) IR35 Status: Inside Location: Hybrid/Hatfield (some travel to Blackfriars if required but this will be on a rare occasion) NOTE: Active SC Clearance is highly desirable. Responsibilities: Threat Intelligence Platform (TIP) Maintenance (20%): Take ownership of the threat intelligence platform and related tooling, ensuring its effective utilisation for monitoring and analysing both cyber and geopolitical threats. Optimise the platform to enhance the team's capabilities in threat detection and response. Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Cyber Threat Analysis & Dissemination (50%): Identify intelligence of concern for Computacenter across various sources and tooling and conduct analysis and assessment of such threats and their potential impact to the business. Monitor and analyse geopolitical events to identify potential impacts on the organisation's cyber security landscape. Using a variety of sources to increase knowledge, corroborate and parallel information. This involves engaging in communities and intelligence sharing initiatives. Have confidence in your ability to draw conclusions and provide intelligence led recommendations. Own and run regular briefings of Threat Intelligence to the wider security team. Respond to intelligence requests from internal teams, using all available sources of intelligence to produce assessments on the threat to support decision-making. Ensure clear and concise communication of assessments and complex bits of information for various stakeholders. Collaborate with cross-functional teams to address immediate intelligence needs and contribute to the overall security posture. Work closely alongside other Security Operations teams such as SOC Develop hypotheses based on threat intelligence to direct joint operations with Cyber Threat technical resources to direct threat hunting? Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Dark Web Monitoring Ensuring Threat Intelligence Programme Meets Organisational Aims (15%): Collection of Priority Intelligence Requirements from key stakeholders Effective tracking of intelligence activities against these PIRs Reporting of service quality against KPIs Incident Response Support (15%): Required to work out of hours, when situation dictates, to support Incident Response activities Technical Skills & Experience: 5-6 years of experience within Threat Intelligence. Demonstrable experience in analysing and assessing cyber threats, including the ability to identify patterns and trends. Proficient in gathering, correlating, and interpreting data from various sources to produce actionable intelligence. Experience of giving detailed verbal threat briefings to key stakeholders. Experience working with a Threat Intelligence Platform (TIP). Excellent communication skills, including the ability to influence and persuade stakeholders to enact a more security focused approach. Understanding of the intelligence life cycle, from collection through to feedback. Experience in producing high-quality intelligence products and documentation for a variety of audiences. Familiarity with common cyber threats, threat actors, attack vectors, and vulnerabilities. Experience in leveraging open-source intelligence tools and techniques to gather information about threats. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Strong familiarity of threat cyber security frameworks such as MITRE ATT&CK, Killchain and NIST CSF 2.0 Desirable: Recognised information security and/or information technology industry certification. Good organisational and time management skills Experience of delivering and shaping Threat Modelling programmes Soft Skills: Excellent written and verbal English. Good presentation and moderation skills; professional and convincing manner of appearance and expression; clear, targeted communication (verbal and written). A strong desire to help others by sharing knowledge, peer reviewing, and contributing to technical and process standards. Work well within a team, report issues and risks, take part in team meetings, share ideas and work towards improving our service. Excellent communication and Customer facing customer service skills previous experience is essential. Ability to work independently and as part of a team is essential. To apply for this Cyber Threat Intelligence Analyst contract job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
Oct 02, 2025
Contractor
Cyber Threat Intelligence Analyst: Cyber, Threat, SOC, Security Clearance Our Global Enterprise client is looking for a skilled Cyber Security Analyst with 5-6 years of experience within Threat Intelligence to join their team. Start Date: ASAP Duration: 55 days Pay Rate: £487 per hour (PLEASE NOTE: Employer NI is paid for by the client) Total Daily Earnings: £553 (includes rolled up holiday) IR35 Status: Inside Location: Hybrid/Hatfield (some travel to Blackfriars if required but this will be on a rare occasion) NOTE: Active SC Clearance is highly desirable. Responsibilities: Threat Intelligence Platform (TIP) Maintenance (20%): Take ownership of the threat intelligence platform and related tooling, ensuring its effective utilisation for monitoring and analysing both cyber and geopolitical threats. Optimise the platform to enhance the team's capabilities in threat detection and response. Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Cyber Threat Analysis & Dissemination (50%): Identify intelligence of concern for Computacenter across various sources and tooling and conduct analysis and assessment of such threats and their potential impact to the business. Monitor and analyse geopolitical events to identify potential impacts on the organisation's cyber security landscape. Using a variety of sources to increase knowledge, corroborate and parallel information. This involves engaging in communities and intelligence sharing initiatives. Have confidence in your ability to draw conclusions and provide intelligence led recommendations. Own and run regular briefings of Threat Intelligence to the wider security team. Respond to intelligence requests from internal teams, using all available sources of intelligence to produce assessments on the threat to support decision-making. Ensure clear and concise communication of assessments and complex bits of information for various stakeholders. Collaborate with cross-functional teams to address immediate intelligence needs and contribute to the overall security posture. Work closely alongside other Security Operations teams such as SOC Develop hypotheses based on threat intelligence to direct joint operations with Cyber Threat technical resources to direct threat hunting? Continue to develop access to internal data and leverage threat intelligence tooling to maximise intelligence opportunities. Dark Web Monitoring Ensuring Threat Intelligence Programme Meets Organisational Aims (15%): Collection of Priority Intelligence Requirements from key stakeholders Effective tracking of intelligence activities against these PIRs Reporting of service quality against KPIs Incident Response Support (15%): Required to work out of hours, when situation dictates, to support Incident Response activities Technical Skills & Experience: 5-6 years of experience within Threat Intelligence. Demonstrable experience in analysing and assessing cyber threats, including the ability to identify patterns and trends. Proficient in gathering, correlating, and interpreting data from various sources to produce actionable intelligence. Experience of giving detailed verbal threat briefings to key stakeholders. Experience working with a Threat Intelligence Platform (TIP). Excellent communication skills, including the ability to influence and persuade stakeholders to enact a more security focused approach. Understanding of the intelligence life cycle, from collection through to feedback. Experience in producing high-quality intelligence products and documentation for a variety of audiences. Familiarity with common cyber threats, threat actors, attack vectors, and vulnerabilities. Experience in leveraging open-source intelligence tools and techniques to gather information about threats. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Strong familiarity of threat cyber security frameworks such as MITRE ATT&CK, Killchain and NIST CSF 2.0 Desirable: Recognised information security and/or information technology industry certification. Good organisational and time management skills Experience of delivering and shaping Threat Modelling programmes Soft Skills: Excellent written and verbal English. Good presentation and moderation skills; professional and convincing manner of appearance and expression; clear, targeted communication (verbal and written). A strong desire to help others by sharing knowledge, peer reviewing, and contributing to technical and process standards. Work well within a team, report issues and risks, take part in team meetings, share ideas and work towards improving our service. Excellent communication and Customer facing customer service skills previous experience is essential. Ability to work independently and as part of a team is essential. To apply for this Cyber Threat Intelligence Analyst contract job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
Incident Response Analyst Permanent - 52k - 57k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. Your new role This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. Stay informed about emerging cyber threats and vulnerabilities. What you'll need to succeed Experience in a similar role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return Salary of between 52k- 57k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Oct 02, 2025
Full time
Incident Response Analyst Permanent - 52k - 57k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an Incident Response Analyst to join a leader in the utilities space. The business have been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. Your new role This is an interesting opportunity to help deliver strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company is expanding and investing in its IT and cyber security estate. Working alongside the SOC, the primary responsibility of an incident responder is to rapidly investigate and document cybersecurity incidents within the organisation. Key parts of the role: Monitor and analyse network traffic, system logs, and other data sources to identify potential security incidents. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. Stay informed about emerging cyber threats and vulnerabilities. What you'll need to succeed Experience in a similar role, ideally around CNI and OT, with exposure to cyber plans. Proven experience operating in a SOC or a related cyber security role. In-depth knowledge of cyber threats, threat intelligence frameworks and cyber security best practice. Strong analytical and problem-solving skills. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return Salary of between 52k- 57k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
