Hays Specialist Recruitment Limited
PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance.Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute to the development and refinement of controls and processes to ensure the safety, confidentiality, integrity, availability, and overall security of data stored on systems. You will be responsible for identifying gaps in existing cybersecurity policies and procedures and, in collaboration with security, network, information governance, and technical leads, developing new measures to address these gaps. KEY RESPONSIBILITIES: You will work closely with system and service owners, as well as internal and external stakeholders, to design, implement, and enforce appropriate protective and detective security controls, policies, and procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root cause analysis. You must be able to communicate effectively about security incidents and cyber risks to both technical and non-technical stakeholders. The role works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post-incident reviews, recommend control and process improvements, and contribute to the creation and maintenance of cybersecurity governance documentation. You will also research emerging cyber threats and mitigation strategies and provide reports or presentations to senior stakeholders as required. The role supports cybersecurity training and awareness initiatives, promoting a strong security culture and helping to upskill colleagues in cybersecurity best practices. You will also collaborate with solution architects and project teams to ensure security is embedded into system and application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies. Strong analytical, communication, and problem-solving skills, including the ability to produce clear technical and non-technical reports. Ability to analyse and interpret security events/logs and perform remediation work to address security issues. Desirable: Recognised cybersecurity certifications (e.g., CompTIA Security+, CEH, GIAC, CISSP). Experience with DarkTrace Qualifications Bachelor's degree in Cybersecurity or Computer Science Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance.Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute to the development and refinement of controls and processes to ensure the safety, confidentiality, integrity, availability, and overall security of data stored on systems. You will be responsible for identifying gaps in existing cybersecurity policies and procedures and, in collaboration with security, network, information governance, and technical leads, developing new measures to address these gaps. KEY RESPONSIBILITIES: You will work closely with system and service owners, as well as internal and external stakeholders, to design, implement, and enforce appropriate protective and detective security controls, policies, and procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root cause analysis. You must be able to communicate effectively about security incidents and cyber risks to both technical and non-technical stakeholders. The role works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post-incident reviews, recommend control and process improvements, and contribute to the creation and maintenance of cybersecurity governance documentation. You will also research emerging cyber threats and mitigation strategies and provide reports or presentations to senior stakeholders as required. The role supports cybersecurity training and awareness initiatives, promoting a strong security culture and helping to upskill colleagues in cybersecurity best practices. You will also collaborate with solution architects and project teams to ensure security is embedded into system and application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies. Strong analytical, communication, and problem-solving skills, including the ability to produce clear technical and non-technical reports. Ability to analyse and interpret security events/logs and perform remediation work to address security issues. Desirable: Recognised cybersecurity certifications (e.g., CompTIA Security+, CEH, GIAC, CISSP). Experience with DarkTrace Qualifications Bachelor's degree in Cybersecurity or Computer Science Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Refreshing Recruitment Limited
Are you a 3rd Line End User Computing, Windows 11 Desktop Engineer, with current SC clearance? Our client is a specialist End User Compute (EUC) IT services provider, modernising secure digital workplaces for high-profile UK Central Government departments. In this role you will be part of a team of specialist Senior Windows End User Computing Engineers, delivering 3rd line support for Windows 11 environments, leading on OS updates, software deployments, security updates, and tooling optimisation Core responsibilities include: SME for Windows desktop environments, providing expert 3rd line and escalation support. Lead on OS patching, security updates, and software deployments using SCCM, Intune and/or Workspace ONE. Contribute to major projects (UEM deployments, cyber security integrations, and hardware refreshes). Collaboration with Service Desk and 2nd line teams, ensuring effective knowledge transfer. Identify service gaps, automate processes, and improve tooling for scalability, compliance, and user experience. Apply Zero Trust principles in all engineering activity, ensuring compliance with SC-cleared standards and ISO/IEC 27001. Skills sought with Advanced Windows 10 and 11 in enterprise scale environments. SCCM, Microsoft Intune or Omnissa Workspace ONE. PowerShell Scripting for automation and secure administration. Strong background in Microsoft enterprise products and endpoint security. Demonstrable experience leading enterprise-scale projects (migrations, UEM deployments, hardware refreshes). Ability to troubleshoot and resolve complex technical issues independently. Please note it is essential that you have current SC clearance. Apply now to progress!
Are you a 3rd Line End User Computing, Windows 11 Desktop Engineer, with current SC clearance? Our client is a specialist End User Compute (EUC) IT services provider, modernising secure digital workplaces for high-profile UK Central Government departments. In this role you will be part of a team of specialist Senior Windows End User Computing Engineers, delivering 3rd line support for Windows 11 environments, leading on OS updates, software deployments, security updates, and tooling optimisation Core responsibilities include: SME for Windows desktop environments, providing expert 3rd line and escalation support. Lead on OS patching, security updates, and software deployments using SCCM, Intune and/or Workspace ONE. Contribute to major projects (UEM deployments, cyber security integrations, and hardware refreshes). Collaboration with Service Desk and 2nd line teams, ensuring effective knowledge transfer. Identify service gaps, automate processes, and improve tooling for scalability, compliance, and user experience. Apply Zero Trust principles in all engineering activity, ensuring compliance with SC-cleared standards and ISO/IEC 27001. Skills sought with Advanced Windows 10 and 11 in enterprise scale environments. SCCM, Microsoft Intune or Omnissa Workspace ONE. PowerShell Scripting for automation and secure administration. Strong background in Microsoft enterprise products and endpoint security. Demonstrable experience leading enterprise-scale projects (migrations, UEM deployments, hardware refreshes). Ability to troubleshoot and resolve complex technical issues independently. Please note it is essential that you have current SC clearance. Apply now to progress!
Harvey Nash
Milton Keynes, Buckinghamshire
I am currently looking for 2 experienced Cyber Security Engineers (DV Cleared) for a client, based in Milton Keynes with occasional travel to London. DV Clearance is essential - applicants without current clearance unfortunately cannot be considered. About the Role: These roles sit within a client's Cybersecurity Operations function. You will play a key part in designing, implementing, and maintaining the platforms that support enterprise-scale security operations. From SIEM and log collection to endpoint detection, automation, and integration, you'll help ensure the SOC team has the reliable and scalable infrastructure it needs to detect, investigate, and respond to threats. Responsibilities: Manage and optimise SIEM platforms (Splunk, Microsoft Sentinel, open-source alternatives) across hybrid-cloud environments Configure and maintain log/data pipelines from endpoints, cloud services, and network devices Ensure high availability, reliability, and performance of core security platforms Integrate new security tools into the ecosystem, including automation via APIs, Scripting, and AI Maintain clear documentation, diagrams, and procedures to support knowledge sharing and consistency Skills & Experience: Strong hands-on experience with SIEM technologies (Splunk, Sentinel, etc.) Knowledge of cloud platforms (Azure, AWS, GCP) and hybrid environments Scripting skills (Python, PowerShell) for automation and integration Experience with SOAR and SecDevOps practices (Git, GitHub, Azure DevOps, CI/CD) Good understanding of frameworks such as NIST, MITRE ATT&CK, CAF Background in Incident Response or SOC analysis is highly valued Soft Skills: Strong analytical and problem-solving mindset Effective communication and collaboration skills Ability to thrive in a fast-paced, dynamic environment Certifications (Splunk, Microsoft, SANS, etc.) are desirable but not required. Location: Milton Keynes (with some travel to London) Positions: 2 available If you're DV cleared and want to take on a challenging and rewarding role with a leading organisation, I'd love to hear from you.
I am currently looking for 2 experienced Cyber Security Engineers (DV Cleared) for a client, based in Milton Keynes with occasional travel to London. DV Clearance is essential - applicants without current clearance unfortunately cannot be considered. About the Role: These roles sit within a client's Cybersecurity Operations function. You will play a key part in designing, implementing, and maintaining the platforms that support enterprise-scale security operations. From SIEM and log collection to endpoint detection, automation, and integration, you'll help ensure the SOC team has the reliable and scalable infrastructure it needs to detect, investigate, and respond to threats. Responsibilities: Manage and optimise SIEM platforms (Splunk, Microsoft Sentinel, open-source alternatives) across hybrid-cloud environments Configure and maintain log/data pipelines from endpoints, cloud services, and network devices Ensure high availability, reliability, and performance of core security platforms Integrate new security tools into the ecosystem, including automation via APIs, Scripting, and AI Maintain clear documentation, diagrams, and procedures to support knowledge sharing and consistency Skills & Experience: Strong hands-on experience with SIEM technologies (Splunk, Sentinel, etc.) Knowledge of cloud platforms (Azure, AWS, GCP) and hybrid environments Scripting skills (Python, PowerShell) for automation and integration Experience with SOAR and SecDevOps practices (Git, GitHub, Azure DevOps, CI/CD) Good understanding of frameworks such as NIST, MITRE ATT&CK, CAF Background in Incident Response or SOC analysis is highly valued Soft Skills: Strong analytical and problem-solving mindset Effective communication and collaboration skills Ability to thrive in a fast-paced, dynamic environment Certifications (Splunk, Microsoft, SANS, etc.) are desirable but not required. Location: Milton Keynes (with some travel to London) Positions: 2 available If you're DV cleared and want to take on a challenging and rewarding role with a leading organisation, I'd love to hear from you.
