SOC Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required 700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses on identifying unknown threats, coordinating deep-dive investigations, and elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned to MITRE ATT&CK techniques Identify stealthy, low-and-slow, and novel attack patterns not detected by automated controls Translate threat intelligence into actionable hunt hypotheses Continuously refine detection logic based on hunt outcomes and emerging threats Investigations & Incident Response Lead complex and high-severity security investigations from triage through containment and remediation Act as the technical escalation point for advanced SOC investigations Conduct root cause analysis and attacker kill-chain reconstruction Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as required SOC Technical Leadership Define investigation standards, workflows, and quality benchmarks Mentor and upskill SOC analysts in hunting methodologies and investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and recommend logging, telemetry, and tooling improvements Validate detection performance through purple team activities and simulation Threat Intelligence & Collaboration Consume and operationalise internal and external threat intelligence Maintain awareness of attacker tactics, tools, and campaigns relevant to the organisation Act as a key interface between SOC, Threat Intel, Red Team, and Vulnerability Management Reporting & Metrics Track and report on hunt coverage, outcomes, dwell time, MTTR, and investigation quality Provide regular insights to senior leadership on threat trends and risk posture Required Skills & Experience Technical Experience 7+ years in Security Operations, Threat Hunting, or Incident Response Proven experience leading investigations involving advanced persistent threats, insider threats, or targeted attacks Strong hands-on expertise with: SIEM platforms (e.g. Sentinel, Splunk, Elastic) EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne) Network and cloud security telemetry Strong understanding of: MITRE ATT&CK Windows, Linux, and cloud attack techniques Malware behaviours, credential abuse, lateral movement, and persistence mechanisms Leadership & Soft Skills Demonstrated ability to lead and mentor technical teams Strong investigative mindset with attention to detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply now to be part of this impactful opportunity!
May 24, 2026
Contractor
SOC Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required 700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses on identifying unknown threats, coordinating deep-dive investigations, and elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned to MITRE ATT&CK techniques Identify stealthy, low-and-slow, and novel attack patterns not detected by automated controls Translate threat intelligence into actionable hunt hypotheses Continuously refine detection logic based on hunt outcomes and emerging threats Investigations & Incident Response Lead complex and high-severity security investigations from triage through containment and remediation Act as the technical escalation point for advanced SOC investigations Conduct root cause analysis and attacker kill-chain reconstruction Produce clear, defensible investigation documentation suitable for executive, legal, and regulatory audiences Coordinate incident response activities with IR, IT, Legal, Risk, and external partners as required SOC Technical Leadership Define investigation standards, workflows, and quality benchmarks Mentor and upskill SOC analysts in hunting methodologies and investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and recommend logging, telemetry, and tooling improvements Validate detection performance through purple team activities and simulation Threat Intelligence & Collaboration Consume and operationalise internal and external threat intelligence Maintain awareness of attacker tactics, tools, and campaigns relevant to the organisation Act as a key interface between SOC, Threat Intel, Red Team, and Vulnerability Management Reporting & Metrics Track and report on hunt coverage, outcomes, dwell time, MTTR, and investigation quality Provide regular insights to senior leadership on threat trends and risk posture Required Skills & Experience Technical Experience 7+ years in Security Operations, Threat Hunting, or Incident Response Proven experience leading investigations involving advanced persistent threats, insider threats, or targeted attacks Strong hands-on expertise with: SIEM platforms (e.g. Sentinel, Splunk, Elastic) EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne) Network and cloud security telemetry Strong understanding of: MITRE ATT&CK Windows, Linux, and cloud attack techniques Malware behaviours, credential abuse, lateral movement, and persistence mechanisms Leadership & Soft Skills Demonstrated ability to lead and mentor technical teams Strong investigative mindset with attention to detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply now to be part of this impactful opportunity!
Senior Cyber Security & Network Analyst What's On Offer: Hybrid (2 days onsite; full-time in office for the first month) Enterprise-scale, highly regulated environment Hands-on cyber security & network projects Strong focus on development and progression Competitive salary + excellent benefits Permanent, full time (Flexibility is required for occasional weekend work when needed) We are pleased to be working with a highly regarded financial services organisation based just outside of Epsom, who are looking for a Senior Cyber Security & Network Analyst to join its growing technology function. It's a hands-on role within a strong team, focused on keeping systems secure while improving the wider network and security setup. This role offers the chance to operate at the intersection of cyber security and network engineering, supporting both day to day operations and strategic projects, so you'll play a vital role in protecting the organisation's infrastructure while contributing to ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing) Run vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed Support disaster recovery and business continuity planning What We're Looking For: 5 - 7+ years' experience in network engineering with strong cyber security exposure Proven experience with: Next-generation firewalls (e.g. Palo Alto) Endpoint detection and response tools SIEM platforms Vulnerability management tools (e.g. Qualys) Cisco switching (Layer 2/3) and enterprise networking Wireless technologies (e.g. Aruba) Network load balancing Strong incident management and threat analysis capabilities Experience working in regulated or compliance driven environments is advantageous Demonstrable experience delivering infrastructure or security projects About You: Strong analytical and problem solving mindset Excellent communication skills, both written and verbal Highly organised with strong attention to detail Proactive, self-motivated and able to work independently Collaborative approach with the ability to work across technical and non-technical teams Refer a friend and earn a retail voucher worth up to £500! Unfortunately, due to high numbers of applications, we are only able to respond to shortlisted applicants. If you have not heard from us within 5 days, please assume that you have not been shortlisted on this occasion. By applying for this vacancy, you accept Lloyd Recruitment Services Privacy and GDPR Policy which can be found on our website and therefore gives us consent to contact you. Lloyd Recruitment Services are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.
May 24, 2026
Full time
Senior Cyber Security & Network Analyst What's On Offer: Hybrid (2 days onsite; full-time in office for the first month) Enterprise-scale, highly regulated environment Hands-on cyber security & network projects Strong focus on development and progression Competitive salary + excellent benefits Permanent, full time (Flexibility is required for occasional weekend work when needed) We are pleased to be working with a highly regarded financial services organisation based just outside of Epsom, who are looking for a Senior Cyber Security & Network Analyst to join its growing technology function. It's a hands-on role within a strong team, focused on keeping systems secure while improving the wider network and security setup. This role offers the chance to operate at the intersection of cyber security and network engineering, supporting both day to day operations and strategic projects, so you'll play a vital role in protecting the organisation's infrastructure while contributing to ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing) Run vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed Support disaster recovery and business continuity planning What We're Looking For: 5 - 7+ years' experience in network engineering with strong cyber security exposure Proven experience with: Next-generation firewalls (e.g. Palo Alto) Endpoint detection and response tools SIEM platforms Vulnerability management tools (e.g. Qualys) Cisco switching (Layer 2/3) and enterprise networking Wireless technologies (e.g. Aruba) Network load balancing Strong incident management and threat analysis capabilities Experience working in regulated or compliance driven environments is advantageous Demonstrable experience delivering infrastructure or security projects About You: Strong analytical and problem solving mindset Excellent communication skills, both written and verbal Highly organised with strong attention to detail Proactive, self-motivated and able to work independently Collaborative approach with the ability to work across technical and non-technical teams Refer a friend and earn a retail voucher worth up to £500! Unfortunately, due to high numbers of applications, we are only able to respond to shortlisted applicants. If you have not heard from us within 5 days, please assume that you have not been shortlisted on this occasion. By applying for this vacancy, you accept Lloyd Recruitment Services Privacy and GDPR Policy which can be found on our website and therefore gives us consent to contact you. Lloyd Recruitment Services are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.
Cybersecurity Architect Security Clearance - SC Currently Active Location: Hybrid 60% office-40% remote - Wokingham Duration: 21/07/2026 Rate 590 MUST BE PAYE THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks (e.g., NIST, ISO/IEC 27001, CIS) Evaluate and integrate security technologies, including IAM, SIEM, EDR, DLP, WAF, and encryption solutions Collaborate with engineering, DevOps, and IT teams to embed security by design and ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated experience in enterprise security architecture, risk management, and compliance In-depth knowledge of security engineering for cloud platforms (AWS, Azure, GCP), networking, operating systems, and containerized environments Proficiency in identity and access management (IAM), zero-trust principles, and secure infrastructure automation Onsite requirement Understanding of cryptographic protocols, PKI, authentication mechanisms, and secure communications Strong technical writing and communication skills for architectural reviews and audit-facing documentation Relevant certifications such as CISSP, CISM, GIAC, TOGAF, or SABSA preferred"
May 24, 2026
Contractor
Cybersecurity Architect Security Clearance - SC Currently Active Location: Hybrid 60% office-40% remote - Wokingham Duration: 21/07/2026 Rate 590 MUST BE PAYE THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks (e.g., NIST, ISO/IEC 27001, CIS) Evaluate and integrate security technologies, including IAM, SIEM, EDR, DLP, WAF, and encryption solutions Collaborate with engineering, DevOps, and IT teams to embed security by design and ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated experience in enterprise security architecture, risk management, and compliance In-depth knowledge of security engineering for cloud platforms (AWS, Azure, GCP), networking, operating systems, and containerized environments Proficiency in identity and access management (IAM), zero-trust principles, and secure infrastructure automation Onsite requirement Understanding of cryptographic protocols, PKI, authentication mechanisms, and secure communications Strong technical writing and communication skills for architectural reviews and audit-facing documentation Relevant certifications such as CISSP, CISM, GIAC, TOGAF, or SABSA preferred"
Join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you ll focus on building high-impact detection capabilities, shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid / remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy: Lead projects from idea to deployment Innovation-driven: Develop cutting-edge detections beyond standard SIEM rules Collaborative: Work closely with internal teams and an outsourced SOC partner Mission-focused: Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You ll Bring Must-Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable / Nice-to-Have: Experience with Python, Terraform, or CI/CD pipelines Familiarity with Microsoft Purview, Entra ID, DLP, or Insider Risk tools Understanding of ISO 27001, Agile ways of working Knowledge of statistics, data science, or AI/ML applied to cybersecurity Relevant certifications (MS-500, AZ-500, SC-series, Security+, GSOC, CCSK) Perks & Benefits Hybrid / remote working options Flexible benefits package Opportunity to innovate and make a real impact in threat detection Work in a small, fast-paced, highly collaborative team Contribute to advancing precision healthcare using genomic data and AI Ready to build next-generation threat detection and protect life-changing data Apply today! Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Additional Resources will be acting in your best interest and may contact you in relation to the role, either by email, phone, or text message. For more information see our Privacy Policy on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please contact us. Additional Resources Ltd is an Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003.
May 23, 2026
Full time
Join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you ll focus on building high-impact detection capabilities, shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid / remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy: Lead projects from idea to deployment Innovation-driven: Develop cutting-edge detections beyond standard SIEM rules Collaborative: Work closely with internal teams and an outsourced SOC partner Mission-focused: Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You ll Bring Must-Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable / Nice-to-Have: Experience with Python, Terraform, or CI/CD pipelines Familiarity with Microsoft Purview, Entra ID, DLP, or Insider Risk tools Understanding of ISO 27001, Agile ways of working Knowledge of statistics, data science, or AI/ML applied to cybersecurity Relevant certifications (MS-500, AZ-500, SC-series, Security+, GSOC, CCSK) Perks & Benefits Hybrid / remote working options Flexible benefits package Opportunity to innovate and make a real impact in threat detection Work in a small, fast-paced, highly collaborative team Contribute to advancing precision healthcare using genomic data and AI Ready to build next-generation threat detection and protect life-changing data Apply today! Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Additional Resources will be acting in your best interest and may contact you in relation to the role, either by email, phone, or text message. For more information see our Privacy Policy on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please contact us. Additional Resources Ltd is an Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003.
Senior Cyber Security & Network Analyst What's On Offer: Hybrid (2 days onsite; full-time in office for the first month) Enterprise-scale, highly regulated environment Hands-on cyber security & network projects Strong focus on development and progression Competitive salary + excellent benefits Permanent, full time (Flexibility is required for occasional weekend work when needed) We are pleased to be working with a highly regarded financial services organisation based just outside of Epsom, who are looking for a Senior Cyber Security & Network Analyst to join its growing technology function. It's a hands-on role within a strong team, focused on keeping systems secure while improving the wider network and security setup. This role offers the chance to operate at the intersection of cyber security and network engineering, supporting both day to day operations and strategic projects, so you'll play a vital role in protecting the organisation's infrastructure while contributing to ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing) Run vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed Support disaster recovery and business continuity planning What We're Looking For: 5 - 7+ years' experience in network engineering with strong cyber security exposure Proven experience with: Next-generation firewalls (e.g. Palo Alto) Endpoint detection and response tools SIEM platforms Vulnerability management tools (e.g. Qualys) Cisco switching (Layer 2/3) and enterprise networking Wireless technologies (e.g. Aruba) Network load balancing Strong incident management and threat analysis capabilities Experience working in regulated or compliance driven environments is advantageous Demonstrable experience delivering infrastructure or security projects About You: Strong analytical and problem solving mindset Excellent communication skills, both written and verbal Highly organised with strong attention to detail Proactive, self-motivated and able to work independently Collaborative approach with the ability to work across technical and non-technical teams Refer a friend and earn a retail voucher worth up to 500! Unfortunately, due to high numbers of applications, we are only able to respond to shortlisted applicants. If you have not heard from us within 5 days, please assume that you have not been shortlisted on this occasion. By applying for this vacancy, you accept Lloyd Recruitment Services Privacy and GDPR Policy which can be found on our website and therefore gives us consent to contact you. Lloyd Recruitment Services are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.
May 21, 2026
Full time
Senior Cyber Security & Network Analyst What's On Offer: Hybrid (2 days onsite; full-time in office for the first month) Enterprise-scale, highly regulated environment Hands-on cyber security & network projects Strong focus on development and progression Competitive salary + excellent benefits Permanent, full time (Flexibility is required for occasional weekend work when needed) We are pleased to be working with a highly regarded financial services organisation based just outside of Epsom, who are looking for a Senior Cyber Security & Network Analyst to join its growing technology function. It's a hands-on role within a strong team, focused on keeping systems secure while improving the wider network and security setup. This role offers the chance to operate at the intersection of cyber security and network engineering, supporting both day to day operations and strategic projects, so you'll play a vital role in protecting the organisation's infrastructure while contributing to ongoing transformation initiatives. Key Responsibilities: Own day to day cyber security operations, keeping systems and data secure Support and improve security tooling (firewalls, SIEM, endpoint, encryption) Monitor, investigate and respond to security incidents Look after core network infrastructure (LAN/WAN, Wi-Fi, L2/3, remote access, load balancing) Run vulnerability checks and ensure patching is up to date Use SIEM tools to spot and act on potential threats early Support audits, access controls and compliance requirements Get involved in (and lead) security and infrastructure projects Keep documentation and processes up to date Work with third-party suppliers where needed Support disaster recovery and business continuity planning What We're Looking For: 5 - 7+ years' experience in network engineering with strong cyber security exposure Proven experience with: Next-generation firewalls (e.g. Palo Alto) Endpoint detection and response tools SIEM platforms Vulnerability management tools (e.g. Qualys) Cisco switching (Layer 2/3) and enterprise networking Wireless technologies (e.g. Aruba) Network load balancing Strong incident management and threat analysis capabilities Experience working in regulated or compliance driven environments is advantageous Demonstrable experience delivering infrastructure or security projects About You: Strong analytical and problem solving mindset Excellent communication skills, both written and verbal Highly organised with strong attention to detail Proactive, self-motivated and able to work independently Collaborative approach with the ability to work across technical and non-technical teams Refer a friend and earn a retail voucher worth up to 500! Unfortunately, due to high numbers of applications, we are only able to respond to shortlisted applicants. If you have not heard from us within 5 days, please assume that you have not been shortlisted on this occasion. By applying for this vacancy, you accept Lloyd Recruitment Services Privacy and GDPR Policy which can be found on our website and therefore gives us consent to contact you. Lloyd Recruitment Services are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.
AI Engineer Our client, a leading global supplier for IT services, requires an experienced AI Engineer to be based at their client's office in Sheffield, UK. This is a hybrid role - you can work remotely in the UK and attend the Sheffield office 2 days per week . This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate This position falls under the client's Group Data Technology space. The key focus is on creating connections between business processes, data, products, services, and technology that underpin customer interactions and drive financial success. The team provides a single comprehensive data cataloguing solution across multiple business units. Key Responsibilities Work on functional design, process design (including scenario design, flow mapping), prototyping, testing, training, and defining support procedures, in collaboration with an advanced engineering team and executive leadership Articulate and document the solutions architecture and lessons learned for each exploration and accelerated incubation Conduct assessments of the AI for a given use case and come up with recommendations and alternate ways to achieve the objectives Key Requirements Essential: Proven experience of Chat Bot development using below listed technologies (Mandatory) Python, PyCharm, Numpy, Pandas Experience with ML, deep learning, TensorFlow, Python, NLP MySQL, PostgreSQL, NoSQL, RDBMS design and modelling GitHub, Jenkins Data modelling, Data wrangling and extraction Experience in developing classification algorithms and data preparation Must have experience in either one or more of the expertise areas like Image processing, text extraction, clustering, classification and embedding models Must have experience on developing Drift detection and Model monitoring implementation, good to have experience with AgentEvals for Large Language Models Desirable: Bachelor's degree or higher in computer science, engineering or related field 5-7 years of experience in architecting, positioning and delivering data science and machine learning Experience with Supervised and Unsupervised learning algorithms, good to have experience on Classification algorithms Experience with Document Type classifier, Pattern matching and PII identification Hands on experience in model training, drift detection and feature generation Expertise in Agile and can work with at least one of the common frameworks Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation Dev-ops and application security & data security experience Securing highly available Internet banking application Knowledge of client side applications and micro services architecture Excellent written and spoken communication skills; an ability to communicate with impact, ensuring complex information is articulated in a meaningful way to wide and varied audiences Build effective networks across business areas, developing relationships based on mutual trust and encouraging others to do the same Ability to quickly acquire new skills and tools Good To Have Skills: Computer Vision problem solution, Advanced pattern matching PII identification and extraction Document type classifiers Standardised form matcher Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
Oct 03, 2025
Contractor
AI Engineer Our client, a leading global supplier for IT services, requires an experienced AI Engineer to be based at their client's office in Sheffield, UK. This is a hybrid role - you can work remotely in the UK and attend the Sheffield office 2 days per week . This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate This position falls under the client's Group Data Technology space. The key focus is on creating connections between business processes, data, products, services, and technology that underpin customer interactions and drive financial success. The team provides a single comprehensive data cataloguing solution across multiple business units. Key Responsibilities Work on functional design, process design (including scenario design, flow mapping), prototyping, testing, training, and defining support procedures, in collaboration with an advanced engineering team and executive leadership Articulate and document the solutions architecture and lessons learned for each exploration and accelerated incubation Conduct assessments of the AI for a given use case and come up with recommendations and alternate ways to achieve the objectives Key Requirements Essential: Proven experience of Chat Bot development using below listed technologies (Mandatory) Python, PyCharm, Numpy, Pandas Experience with ML, deep learning, TensorFlow, Python, NLP MySQL, PostgreSQL, NoSQL, RDBMS design and modelling GitHub, Jenkins Data modelling, Data wrangling and extraction Experience in developing classification algorithms and data preparation Must have experience in either one or more of the expertise areas like Image processing, text extraction, clustering, classification and embedding models Must have experience on developing Drift detection and Model monitoring implementation, good to have experience with AgentEvals for Large Language Models Desirable: Bachelor's degree or higher in computer science, engineering or related field 5-7 years of experience in architecting, positioning and delivering data science and machine learning Experience with Supervised and Unsupervised learning algorithms, good to have experience on Classification algorithms Experience with Document Type classifier, Pattern matching and PII identification Hands on experience in model training, drift detection and feature generation Expertise in Agile and can work with at least one of the common frameworks Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation Dev-ops and application security & data security experience Securing highly available Internet banking application Knowledge of client side applications and micro services architecture Excellent written and spoken communication skills; an ability to communicate with impact, ensuring complex information is articulated in a meaningful way to wide and varied audiences Build effective networks across business areas, developing relationships based on mutual trust and encouraging others to do the same Ability to quickly acquire new skills and tools Good To Have Skills: Computer Vision problem solution, Advanced pattern matching PII identification and extraction Document type classifiers Standardised form matcher Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Sep 26, 2025
Contractor
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
