Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)
May 25, 2026
Contractor
Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)
SOC / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
May 25, 2026
Full time
SOC / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Cyber Security Operations Manager Liverpool (Hybrid) 75,000 We're working with a growing UK business looking to hire a Cyber Security Operations Manager to take full ownership of its security operations function, ensuring the organisation is protected, resilient, and continuously improving against an increasingly complex threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business is protected against evolving threats while continuously improving processes, tooling, and team capability. Key responsibilities include: Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC Managing the full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk teams to strengthen security across the business Leading and developing a team of cyber engineers and analysts Driving automation initiatives to improve response times and operational efficiency Supporting governance, compliance, and audit requirements Reporting on security performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such as NIST, ISO 27001, or CIS Controls Experience working in cloud environments (Azure, AWS, or GCP) Strong leadership and stakeholder management skills Ability to balance hands-on technical understanding with strategic oversight Why Join? Opportunity to lead and shape the security operations function High visibility role across technology and leadership teams Business actively investing in cyber security and resilience If you're looking for a role where you can lead, influence, and strengthen cyber security at scale, we'd love to hear from you. Apply today with your most up to date CV. BH36094
May 24, 2026
Full time
Cyber Security Operations Manager Liverpool (Hybrid) 75,000 We're working with a growing UK business looking to hire a Cyber Security Operations Manager to take full ownership of its security operations function, ensuring the organisation is protected, resilient, and continuously improving against an increasingly complex threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business is protected against evolving threats while continuously improving processes, tooling, and team capability. Key responsibilities include: Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC Managing the full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk teams to strengthen security across the business Leading and developing a team of cyber engineers and analysts Driving automation initiatives to improve response times and operational efficiency Supporting governance, compliance, and audit requirements Reporting on security performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such as NIST, ISO 27001, or CIS Controls Experience working in cloud environments (Azure, AWS, or GCP) Strong leadership and stakeholder management skills Ability to balance hands-on technical understanding with strategic oversight Why Join? Opportunity to lead and shape the security operations function High visibility role across technology and leadership teams Business actively investing in cyber security and resilience If you're looking for a role where you can lead, influence, and strengthen cyber security at scale, we'd love to hear from you. Apply today with your most up to date CV. BH36094
Job Title: Operations Manager Location: Sharston, M22 4SN Salary : £45,000 - £60,000 per annum, dependent on experience Job type: Full time, Permanent About Us: Established in 2000, Express Solicitors is an award winning, no win no fee law firm specialising exclusively in personal injury claims. Headquartered in Manchester, we support clients nationwide across all areas of personal injury, including employers' liability, serious injury, clinical negligence, occupiers' and public liability, road traffic accidents and industrial disease. We are ranked 64th in The Lawyer UK Top 200, out of more than 10,000 law firms nationwide, and after achieving a 20% year on year growth, Express Solicitors are the largest personal injury claimant firm in the UK. Our commitment to outstanding client care is reflected in our Trustpilot rating of 4.8 (Excellent), placing us among the highest rated firms in the sector. About The Role: Due to continued growth and expansion, we are seeking an experienced and driven Operations Manager. The Operations Manager is responsible for driving data-led decision making, systems performance, and cross-functional operational support across the firm. This role sits at the intersection of technology, data, legal operations, and business process - providing the analytical rigour and operational structure that enables both legal and non-legal functions to operate effectively. The Operations team also handles key business processes in support of other business functions and this role will involve the management of both data focussed and more traditional operations roles Responsibilities: Responsible for the firm's operational data infrastructure, ensuring accuracy, consistency, and accessibility of business-critical data across systems. Lead the development and governance of management information (MI) reporting, providing actionable insight to senior management and department heads. Leadership of the data analytics team in production and maintenance of dashboards and reporting tools (e.g. Power BI, SQL-based reports). Working with various stakeholders directly and in through supervision of the data team to identify improvements and additions to existing reporting suites. Liaise with compliance and risk functions to ensure operational processes reflect regulatory requirements (e.g. SRA, GDPR). Working with the Development team, Business Analyst, Project Manager as required to ensure a joined-up approach to systems and compliance. Lead or contribute to firmwide operational projects such as system migrations, reporting re-platforming, or process standardisation initiatives. Maintain operational process documentation and ensure procedures are kept current, accessible and adhered to. Monitor operational risk indicators and escalate emerging issues to senior management with appropriate remediation recommendations. Contribute to the firm's AI and data strategy, including identification of use cases, vendor assessment, and governance framework development. Work with other companies within the group to ensure effective systems and data management between companies. Person Specification: Experience in senior operations roles, ideally within a legal or other professional services firm. Demonstrable expertise in data management, MI reporting, and business intelligence tools (e.g. Power BI, Tableau, or equivalent). Strong working knowledge of relational databases and querying (SQL), with an ability to interrogate and manipulate data to derive business insight. Experience using case management systems or CRM and understanding how data flows in and out of such systems. Experience managing or influencing cross-functional operational projects in an environment with multiple stakeholder groups. Strong commercial awareness with an understanding of how operational performance connects to financial outcomes. Comfortable working with analytics, data and reporting tools to translate information into clear business insights. Familiarity with AI and machine learning tools in an operational or analytical context including, document processing, predictive analytics, or LLM-based workflow augmentation. Understanding of cybersecurity and data security principles as they relate to data governance and system access management. Hours: Our standard working hours are 8:30am to 5:30pm Monday-Thursday and 8:30am to 5pm Friday. Benefits: Hybrid Working - 3/2 hybrid working pattern after probation. 23 Days Holiday - Rising to 26 days, plus bank/public holidays. Extra Holidays - 3 holiday buy backs and an extra day for your birthday after service length requirement. Looking After Your Well-being - 24/7 onsite Gym, Netball/Football team, 10km Manchester team and more. Work Life / Balance - Active social committee with generous departmental and firm-wide social budget. Recruitment Process: Interviews will be conducted by MS Teams and will include scenario-based questioning. Please click APPLY to be redirected to our website to complete your application. Candidates with the relevant experience or job titles of; Operations General Manager, Ops Manager, Senior Operations Executive, Legal Operations Manager, Professional Services Operations Manager, Business Management, Business Operations Leader may also be considered for this role.
May 23, 2026
Full time
Job Title: Operations Manager Location: Sharston, M22 4SN Salary : £45,000 - £60,000 per annum, dependent on experience Job type: Full time, Permanent About Us: Established in 2000, Express Solicitors is an award winning, no win no fee law firm specialising exclusively in personal injury claims. Headquartered in Manchester, we support clients nationwide across all areas of personal injury, including employers' liability, serious injury, clinical negligence, occupiers' and public liability, road traffic accidents and industrial disease. We are ranked 64th in The Lawyer UK Top 200, out of more than 10,000 law firms nationwide, and after achieving a 20% year on year growth, Express Solicitors are the largest personal injury claimant firm in the UK. Our commitment to outstanding client care is reflected in our Trustpilot rating of 4.8 (Excellent), placing us among the highest rated firms in the sector. About The Role: Due to continued growth and expansion, we are seeking an experienced and driven Operations Manager. The Operations Manager is responsible for driving data-led decision making, systems performance, and cross-functional operational support across the firm. This role sits at the intersection of technology, data, legal operations, and business process - providing the analytical rigour and operational structure that enables both legal and non-legal functions to operate effectively. The Operations team also handles key business processes in support of other business functions and this role will involve the management of both data focussed and more traditional operations roles Responsibilities: Responsible for the firm's operational data infrastructure, ensuring accuracy, consistency, and accessibility of business-critical data across systems. Lead the development and governance of management information (MI) reporting, providing actionable insight to senior management and department heads. Leadership of the data analytics team in production and maintenance of dashboards and reporting tools (e.g. Power BI, SQL-based reports). Working with various stakeholders directly and in through supervision of the data team to identify improvements and additions to existing reporting suites. Liaise with compliance and risk functions to ensure operational processes reflect regulatory requirements (e.g. SRA, GDPR). Working with the Development team, Business Analyst, Project Manager as required to ensure a joined-up approach to systems and compliance. Lead or contribute to firmwide operational projects such as system migrations, reporting re-platforming, or process standardisation initiatives. Maintain operational process documentation and ensure procedures are kept current, accessible and adhered to. Monitor operational risk indicators and escalate emerging issues to senior management with appropriate remediation recommendations. Contribute to the firm's AI and data strategy, including identification of use cases, vendor assessment, and governance framework development. Work with other companies within the group to ensure effective systems and data management between companies. Person Specification: Experience in senior operations roles, ideally within a legal or other professional services firm. Demonstrable expertise in data management, MI reporting, and business intelligence tools (e.g. Power BI, Tableau, or equivalent). Strong working knowledge of relational databases and querying (SQL), with an ability to interrogate and manipulate data to derive business insight. Experience using case management systems or CRM and understanding how data flows in and out of such systems. Experience managing or influencing cross-functional operational projects in an environment with multiple stakeholder groups. Strong commercial awareness with an understanding of how operational performance connects to financial outcomes. Comfortable working with analytics, data and reporting tools to translate information into clear business insights. Familiarity with AI and machine learning tools in an operational or analytical context including, document processing, predictive analytics, or LLM-based workflow augmentation. Understanding of cybersecurity and data security principles as they relate to data governance and system access management. Hours: Our standard working hours are 8:30am to 5:30pm Monday-Thursday and 8:30am to 5pm Friday. Benefits: Hybrid Working - 3/2 hybrid working pattern after probation. 23 Days Holiday - Rising to 26 days, plus bank/public holidays. Extra Holidays - 3 holiday buy backs and an extra day for your birthday after service length requirement. Looking After Your Well-being - 24/7 onsite Gym, Netball/Football team, 10km Manchester team and more. Work Life / Balance - Active social committee with generous departmental and firm-wide social budget. Recruitment Process: Interviews will be conducted by MS Teams and will include scenario-based questioning. Please click APPLY to be redirected to our website to complete your application. Candidates with the relevant experience or job titles of; Operations General Manager, Ops Manager, Senior Operations Executive, Legal Operations Manager, Professional Services Operations Manager, Business Management, Business Operations Leader may also be considered for this role.
Cyber Security SOC Analyst London - Hybrid working (3 days in office / 2 days remote) 30k- 36k + Benefits and Paid Training Exams towards certifications relevant for your role fully paid for! My client is an award winning London based MSP who are looking to hire a Cyber Security SOC Analyst. As a Cyber Security SOC Support Analyst, you will be primarily responsible for monitoring systems and making the initial response to any flags or alerts that come in via support tickets or telephone tickets. One of the key responsibilities is also to review and categorise potential threats in order of priority and dismiss any false alarms, whilst also gathering information and escalating the most urgent threats to Escalations Management Team. Cyber Security SOC Analyst Job Specifications: Cyber Security SOC Analyst Main Tasks and Responsibilities Provide triage and first line of defence for all cyber security incidents within the organisation and as part of our Managed Security Service Take ownership and provide remedial actions to ensure that Cyber Security Threats are mitigated as per Playbooks provided by the Cyber Security Team or escalate incidents to Escalations Management Team for further information/support Manage technical and stakeholder incident reporting via concise communications Manage client communication channels during an active incident Liaise with third party service suppliers where necessary, logging tickets and act as a central point of contact for active incident Provide operational support to wider Cyber Security Team on security incidents Provide a professional and customer-focused service through the life cycle of each ticket; manage customer expectations by keeping customer informed of progress. Cyber Security SOC Analyst Essential Experience: Preference given to candidates with MSP background Minimum 1 years proven experience in a Tier 1 Cyber Security SOC Support Analyst role Working knowledge of Microsoft Defender XDR and Microsoft Sentinel SIEM technologies Working knowledge of Microsoft Defender suite including Endpoint Detection and Response Understanding of key Microsoft 365 Cloud Technologies from a threat landscape perspective Cyber Security SOC Analyst Essential Certification: SC-200 Microsoft Certified: Security Operations Analyst Associate SC-900 Microsoft Certified: Security Compliance and Identity Fundamental Cyber Security SOC Analyst Personal Skills: Highly Motivated Can do attitude Attention to detail Excellent communication Proven client service skills Ability to work under pressure Willingness to work flexibly as required Good telephone etiquette Cyber Security SOC Analyst Benefits Hours: 7.5 hours a day on a fortnightly shift pattern (8am to 4.30pm or 9am to 5.30pm or 9.30am to 6pm) Holidays: 20 days per year, plus bank holidays. After 3 years continuous service, an extra day annual leave up to 25 days. Benefits: Competitive Package Offered - Gym membership, Vitality at Work Business rewards & benefits, Cycle to Work scheme, quarterly team nights out/events, monthly games night with pizzas and breakfast on Wednesdays! Services advertised by Gold Group are those of an Agency and/or an Employment Business. We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.
May 23, 2026
Full time
Cyber Security SOC Analyst London - Hybrid working (3 days in office / 2 days remote) 30k- 36k + Benefits and Paid Training Exams towards certifications relevant for your role fully paid for! My client is an award winning London based MSP who are looking to hire a Cyber Security SOC Analyst. As a Cyber Security SOC Support Analyst, you will be primarily responsible for monitoring systems and making the initial response to any flags or alerts that come in via support tickets or telephone tickets. One of the key responsibilities is also to review and categorise potential threats in order of priority and dismiss any false alarms, whilst also gathering information and escalating the most urgent threats to Escalations Management Team. Cyber Security SOC Analyst Job Specifications: Cyber Security SOC Analyst Main Tasks and Responsibilities Provide triage and first line of defence for all cyber security incidents within the organisation and as part of our Managed Security Service Take ownership and provide remedial actions to ensure that Cyber Security Threats are mitigated as per Playbooks provided by the Cyber Security Team or escalate incidents to Escalations Management Team for further information/support Manage technical and stakeholder incident reporting via concise communications Manage client communication channels during an active incident Liaise with third party service suppliers where necessary, logging tickets and act as a central point of contact for active incident Provide operational support to wider Cyber Security Team on security incidents Provide a professional and customer-focused service through the life cycle of each ticket; manage customer expectations by keeping customer informed of progress. Cyber Security SOC Analyst Essential Experience: Preference given to candidates with MSP background Minimum 1 years proven experience in a Tier 1 Cyber Security SOC Support Analyst role Working knowledge of Microsoft Defender XDR and Microsoft Sentinel SIEM technologies Working knowledge of Microsoft Defender suite including Endpoint Detection and Response Understanding of key Microsoft 365 Cloud Technologies from a threat landscape perspective Cyber Security SOC Analyst Essential Certification: SC-200 Microsoft Certified: Security Operations Analyst Associate SC-900 Microsoft Certified: Security Compliance and Identity Fundamental Cyber Security SOC Analyst Personal Skills: Highly Motivated Can do attitude Attention to detail Excellent communication Proven client service skills Ability to work under pressure Willingness to work flexibly as required Good telephone etiquette Cyber Security SOC Analyst Benefits Hours: 7.5 hours a day on a fortnightly shift pattern (8am to 4.30pm or 9am to 5.30pm or 9.30am to 6pm) Holidays: 20 days per year, plus bank holidays. After 3 years continuous service, an extra day annual leave up to 25 days. Benefits: Competitive Package Offered - Gym membership, Vitality at Work Business rewards & benefits, Cycle to Work scheme, quarterly team nights out/events, monthly games night with pizzas and breakfast on Wednesdays! Services advertised by Gold Group are those of an Agency and/or an Employment Business. We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.
SOC Analyst 75.48 p/hr (Inside IR35) Onsite Hereford 12 months Level 1 SOC Cyber Analyst to join the TMCT security team to serve as the first internal responder to alerts generated by our outsourced SOC provider. In this role the individual will perform initial triage, conduct low level investigations, interact directly with end users and asset owners, and escalate verified incidents for advanced analysis and response. The level 1 SOC analyst will act as a key link between our internal security team and the external SOC, ensuring that potential threats are quickly validated, documented, and routed through appropriate channels for resolution. Duties: Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact. Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts). User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g.asset isolation, password reset). Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation. Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements. Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness. Playbook Execution: follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies. Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape. Essential: 2-4 years of experience in a SOC, IT Operations, or security support role. Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation. Working knowledge of network fundamentals, windows/Linux system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification.
May 23, 2026
Contractor
SOC Analyst 75.48 p/hr (Inside IR35) Onsite Hereford 12 months Level 1 SOC Cyber Analyst to join the TMCT security team to serve as the first internal responder to alerts generated by our outsourced SOC provider. In this role the individual will perform initial triage, conduct low level investigations, interact directly with end users and asset owners, and escalate verified incidents for advanced analysis and response. The level 1 SOC analyst will act as a key link between our internal security team and the external SOC, ensuring that potential threats are quickly validated, documented, and routed through appropriate channels for resolution. Duties: Alert Triage: Review and assess alerts escalated by the outsourced SOC; validate their accuracy and determine potential impact. Initial Investigation: Perform first-line investigation using available tools (SIEM, Device Logs, firewall logs and SIEM alerts). User Interaction: Engage with affected end users or asset owners to collect additional information, verify events, or guide immediate containment steps (e.g.asset isolation, password reset). Escalation: Escalate confirmed or high severity incidents to the Level 2 SOC (outsourced) or internal incident response teams, ensuring complete and accurate handoff documentation. Incident Documentation: Create and maintain detailed case notes, timelines, and evidence within the case management system to support investigations and compliance requirements. Collaboration: Serve as the coordination point between the security team and the external SOC partner, maintaining strong communication and situational awareness. Playbook Execution: follow established triage and escalation playbooks; suggest improvements based on recurring issues or inefficiencies. Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape. Essential: 2-4 years of experience in a SOC, IT Operations, or security support role. Understanding of key security concepts including malware, phishing, lateral movement and privilege escalation. Working knowledge of network fundamentals, windows/Linux system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification.
IT Security Analyst - 40,000/ 45,000 per annum - Brandesburton (Hybrid) Principal IT are proud to be supporting a leading provider of modular buildings for various sectors, such as education, healthcare, defence, and justice. This is an excellent opportunity for someone with a passion for cybersecurity who is looking to play a key role in strengthening and developing an organisation's overall security posture and cyber resilience strategy. Working closely with the Infrastructure & Security Manager, you will be responsible for monitoring, detecting, investigating, and responding to security threats across the organisation's infrastructure and systems. You will also support vulnerability management, compliance initiatives, and wider security improvement projects across the business. This role would suit someone with 2-4 years' experience in a cybersecurity, SOC, or infrastructure security-focused position who enjoys working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: Monitor and develop SIEM and threat detection platforms Investigate and respond to security incidents and alerts Support vulnerability scanning, remediation, and reporting activities Assist with development of security policies, procedures, and controls Work alongside Infrastructure and Technical Services teams to improve security across the estate Support compliance activities aligned to ISO27001, GDPR, and NIST frameworks Conduct security awareness initiatives including phishing simulations and end-user training Maintain and improve endpoint protection, IDS/IPS, EDR, XDR, and MDR solutions Assist with backup, disaster recovery, and digital asset protection strategies Stay up to date with emerging cyber threats and recommend improvements where appropriate Key Skills & Experience: 2-4 years' experience within a cybersecurity or infrastructure security role Experience working with SIEM tools and vulnerability management platforms Strong understanding of EDR, XDR, MDR, IDS/IPS technologies Good knowledge of Microsoft security technologies and infrastructure environments Understanding of ISO27001, NIST, GDPR, and security best practices Experience investigating security incidents and producing clear documentation Full UK driving licence Desirable: CompTIA Security+ CISSP Associate Microsoft certifications Experience with Azure environments Scripting or automation knowledge Experience working with ERP systems This is a fantastic opportunity to join a business investing heavily in cybersecurity, where you will have the chance to influence security best practices, work with modern technologies, and continue developing your technical skillset within a collaborative environment. The Package: If successful our client is offering a salary of between 40,000/ 45,000 per annum, favorable holiday allowance, company contributed pension scheme and opportunities for professional development including training and advancement. This a hybrid working role 3 days on site and 2 days working from home. How to Apply: If you are interested in hearing more about this IT security analyst vacancy or interested in applying for the role please email me at or contact Principal IT Directly on LinkedIn. INDGH
May 22, 2026
Full time
IT Security Analyst - 40,000/ 45,000 per annum - Brandesburton (Hybrid) Principal IT are proud to be supporting a leading provider of modular buildings for various sectors, such as education, healthcare, defence, and justice. This is an excellent opportunity for someone with a passion for cybersecurity who is looking to play a key role in strengthening and developing an organisation's overall security posture and cyber resilience strategy. Working closely with the Infrastructure & Security Manager, you will be responsible for monitoring, detecting, investigating, and responding to security threats across the organisation's infrastructure and systems. You will also support vulnerability management, compliance initiatives, and wider security improvement projects across the business. This role would suit someone with 2-4 years' experience in a cybersecurity, SOC, or infrastructure security-focused position who enjoys working across a broad technology estate and keeping up to date with emerging threats and security technologies. Key Responsibilities: Monitor and develop SIEM and threat detection platforms Investigate and respond to security incidents and alerts Support vulnerability scanning, remediation, and reporting activities Assist with development of security policies, procedures, and controls Work alongside Infrastructure and Technical Services teams to improve security across the estate Support compliance activities aligned to ISO27001, GDPR, and NIST frameworks Conduct security awareness initiatives including phishing simulations and end-user training Maintain and improve endpoint protection, IDS/IPS, EDR, XDR, and MDR solutions Assist with backup, disaster recovery, and digital asset protection strategies Stay up to date with emerging cyber threats and recommend improvements where appropriate Key Skills & Experience: 2-4 years' experience within a cybersecurity or infrastructure security role Experience working with SIEM tools and vulnerability management platforms Strong understanding of EDR, XDR, MDR, IDS/IPS technologies Good knowledge of Microsoft security technologies and infrastructure environments Understanding of ISO27001, NIST, GDPR, and security best practices Experience investigating security incidents and producing clear documentation Full UK driving licence Desirable: CompTIA Security+ CISSP Associate Microsoft certifications Experience with Azure environments Scripting or automation knowledge Experience working with ERP systems This is a fantastic opportunity to join a business investing heavily in cybersecurity, where you will have the chance to influence security best practices, work with modern technologies, and continue developing your technical skillset within a collaborative environment. The Package: If successful our client is offering a salary of between 40,000/ 45,000 per annum, favorable holiday allowance, company contributed pension scheme and opportunities for professional development including training and advancement. This a hybrid working role 3 days on site and 2 days working from home. How to Apply: If you are interested in hearing more about this IT security analyst vacancy or interested in applying for the role please email me at or contact Principal IT Directly on LinkedIn. INDGH
We are partnered with a growing cyber security business in Buckinghamshire, supporting customers with threat monitoring and incident response services. They are looking for a Cyber Security Analyst to join their growing SOC team, helping to investigate and respond to live security threats across customer environments. In this Cyber Security Analyst role, you will: Investigate and respond to security alerts across endpoint, network, and cloud environments Carry out deeper analysis on suspicious activity and support incident response actions Work closely with wider technical teams during live investigations and escalations Help improve detection processes, alert quality, and day-to-day SOC operations The ideal Cyber Security Analyst will have: Commercial experience within a SOC or cyber security operations environment Good understanding of threats such as phishing, malware, ransomware, and account compromise Experience using security tools such as SIEM, EDR, firewalls, or detection platforms A calm, methodical approach to investigation and problem solving under pressure This is a hybrid role (3 days per week at their Buckinghamshire office) with normal office hours (no shift pattern). You will receive ongoing training and exposure to a broad range of customer environments and technologies. This is a great opportunity for someone looking to continue developing within cyber operation. For more information on this Cyber Security Analyst role in Buckinghamshire, email Ed at (url removed) or call (phone number removed).
May 22, 2026
Full time
We are partnered with a growing cyber security business in Buckinghamshire, supporting customers with threat monitoring and incident response services. They are looking for a Cyber Security Analyst to join their growing SOC team, helping to investigate and respond to live security threats across customer environments. In this Cyber Security Analyst role, you will: Investigate and respond to security alerts across endpoint, network, and cloud environments Carry out deeper analysis on suspicious activity and support incident response actions Work closely with wider technical teams during live investigations and escalations Help improve detection processes, alert quality, and day-to-day SOC operations The ideal Cyber Security Analyst will have: Commercial experience within a SOC or cyber security operations environment Good understanding of threats such as phishing, malware, ransomware, and account compromise Experience using security tools such as SIEM, EDR, firewalls, or detection platforms A calm, methodical approach to investigation and problem solving under pressure This is a hybrid role (3 days per week at their Buckinghamshire office) with normal office hours (no shift pattern). You will receive ongoing training and exposure to a broad range of customer environments and technologies. This is a great opportunity for someone looking to continue developing within cyber operation. For more information on this Cyber Security Analyst role in Buckinghamshire, email Ed at (url removed) or call (phone number removed).
Role: OT Cyber Security Analyst Location: Culham - 2 days per week on site (hybrid) Contract length: Until 18/12/2026 Day rate: Approx. 50/hour (Umbrella) or 36.43/hour (PAYE) IR35: In scope This role sits at the heart of operational technology security within critical infrastructure, giving you the chance to shape and mature OT security controls and governance in a highly visible environment. What you will be doing Implement, operate, and continuously improve OT security controls and monitoring capabilities across complex OT environments. Apply and embed an OT Security Strategy, policies, and standards across industrial control and critical infrastructure systems. Align OT security with leading frameworks such as IEC 62443, NIST CSF, CAF and ISO 27001. Carry out OT security risk assessments, gap analyses and remediation planning. Work closely with operations, engineering teams and MSPs to ensure security controls are implemented and sustained. Contribute to governance artefacts - policies, standards and documentation that underpin OT security. Support integration with SIEM/SOC functions for OT environments. What our client is looking for Strong OT security experience within ICS or critical infrastructure - ideally from oil & gas, rail, chemical, or similar process industries. Hands-on experience implementing OT security strategies, policies and standards. Solid understanding of OT networks, segmentation and common industrial protocols. Familiarity with SIEM/SOC integration for OT environments. Experience working with operations/engineering teams and advising MSPs or third-party security providers. Excellent communication and documentation skills, especially around policies and standards. Maximum notice period of 2 weeks. Desirable Experience with OT asset discovery, monitoring and OT security tools. Exposure to regulatory requirements for critical infrastructure (e.g. NIS Directive, UK CAF). Understanding of project / service delivery lifecycles and ITSM controls. Security clearance Active SC clearance or SC that has lapsed within the last 12 months is required (no flexibility on this). This is a strong opportunity for someone who wants to work at the intersection of OT, cyber security and critical national infrastructure, with the stability of a contract running to the end of 2026.
May 22, 2026
Contractor
Role: OT Cyber Security Analyst Location: Culham - 2 days per week on site (hybrid) Contract length: Until 18/12/2026 Day rate: Approx. 50/hour (Umbrella) or 36.43/hour (PAYE) IR35: In scope This role sits at the heart of operational technology security within critical infrastructure, giving you the chance to shape and mature OT security controls and governance in a highly visible environment. What you will be doing Implement, operate, and continuously improve OT security controls and monitoring capabilities across complex OT environments. Apply and embed an OT Security Strategy, policies, and standards across industrial control and critical infrastructure systems. Align OT security with leading frameworks such as IEC 62443, NIST CSF, CAF and ISO 27001. Carry out OT security risk assessments, gap analyses and remediation planning. Work closely with operations, engineering teams and MSPs to ensure security controls are implemented and sustained. Contribute to governance artefacts - policies, standards and documentation that underpin OT security. Support integration with SIEM/SOC functions for OT environments. What our client is looking for Strong OT security experience within ICS or critical infrastructure - ideally from oil & gas, rail, chemical, or similar process industries. Hands-on experience implementing OT security strategies, policies and standards. Solid understanding of OT networks, segmentation and common industrial protocols. Familiarity with SIEM/SOC integration for OT environments. Experience working with operations/engineering teams and advising MSPs or third-party security providers. Excellent communication and documentation skills, especially around policies and standards. Maximum notice period of 2 weeks. Desirable Experience with OT asset discovery, monitoring and OT security tools. Exposure to regulatory requirements for critical infrastructure (e.g. NIS Directive, UK CAF). Understanding of project / service delivery lifecycles and ITSM controls. Security clearance Active SC clearance or SC that has lapsed within the last 12 months is required (no flexibility on this). This is a strong opportunity for someone who wants to work at the intersection of OT, cyber security and critical national infrastructure, with the stability of a contract running to the end of 2026.
We're looking for a Senior SOC Analyst (L2 / L3) for our consultancy client supporting a major cyber security programme for a financial services organisation. This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst will possess proven skills working with the following - • Monitoring security alerts and events across enterprise environments • Investigating potential cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below SOC Analyst, Security Operations Analyst, Cyber Security Analyst, SIEM Analyst, Splunk, Microsoft Sentinel, Incident Response, Outside IR35 Contract
May 22, 2026
Contractor
We're looking for a Senior SOC Analyst (L2 / L3) for our consultancy client supporting a major cyber security programme for a financial services organisation. This is an initial 6 month contract paying up to £600 per day Outside IR35. The role focuses on supporting security operations monitoring and incident response activities within a large enterprise environment. This role allows remote working with occasional travel to London when required. The successful SOC Analyst will possess proven skills working with the following - • Monitoring security alerts and events across enterprise environments • Investigating potential cyber security incidents and responding appropriately • Working with SIEM platforms such as Splunk, Sentinel or QRadar • Conducting threat analysis and triaging security alerts • Supporting incident response and remediation activities • Working with security engineering teams to improve detection capabilities Experience within financial services, fintech or other regulated environments would be beneficial. Interested? Please apply below SOC Analyst, Security Operations Analyst, Cyber Security Analyst, SIEM Analyst, Splunk, Microsoft Sentinel, Incident Response, Outside IR35 Contract
Cyber Security analyst Until December £45 - £50/Hr Inside IR35 Oxfordshire Clearance: SC We are seeking a Cyber Security Analyst for our Government client based in Oxfordshire. This role will be office based 2 days per week and the remainder remote. The Cyber Security analyst role will be an initial contract until 18/12, paying between £45- £50/Hr Inside IR35. This role is inside IR35 - Due to the service of the role it will now be based on an Umbrella solution. Clearance: SC Role Profile We are seeking an experienced OT Cyber Security Analyst to support and strengthen cyber security across industrial and operational technology environments. This role focuses on securing critical systems through the deployment, management, and enhancement of OT security controls, while helping drive continuous improvements in monitoring, governance, and risk management practices. The successful candidate will play a key role in delivering practical security solutions across ICS and OT networks, ensuring systems remain resilient against evolving cyber threats. You will work closely with operational teams, engineers, and third-party providers to embed security best practice across the environment and support compliance with recognised industry standards and frameworks. This is a hands-on technical role with a strong governance element, involving everything from security implementation and risk assessments through to documentation, standards development, and supplier engagement. Exposure to SIEM/SOC integration within OT environments would be beneficial. Key Responsibilities Implement and support OT cyber security controls across industrial environments Assist in the development and maintenance of OT security standards, procedures, and governance documentation Carry out OT security assessments, identify vulnerabilities, and support remediation activities Work with engineering and operational teams to improve security posture across ICS infrastructure Support network segmentation initiatives and secure industrial communications Collaborate with MSPs and external cyber security partners to ensure effective service delivery Contribute to ongoing monitoring and incident detection capabilities within OT environments Ensure alignment with recognised cyber security standards and regulatory expectations Essential Experience Background working within industrial sectors such as oil & gas, rail, manufacturing, utilities, or chemical processing Experience securing OT or ICS environments within critical infrastructure settings Strong understanding of OT cyber security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing security controls and improving OT cyber maturity Knowledge of industrial networking, segmentation principles, and OT protocols Proven experience performing risk assessments, gap analysis, and remediation planning Ability to work effectively with technical operations and engineering stakeholders Experience supporting or interfacing with SIEM/SOC capabilities in OT environments Strong written and verbal communication skills, including technical documentation and policy creation Ability to start within a short notice period (maximum 2 weeks) Desirable Experience deploying OT monitoring, asset discovery, or threat detection tools Understanding of regulatory and compliance requirements within critical infrastructure environments Familiarity with IT service management practices and project delivery methodologies If you are interested in the above, hit the Apply now button! Cyber Security Analyst, Security Analyst, Cyber Security Analyst, SIEM, Cyber Security Analyst, SOC, Cyber Security Analyst, Cyber Security Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter and LinkedIn - Circle Recruitment.
May 22, 2026
Contractor
Cyber Security analyst Until December £45 - £50/Hr Inside IR35 Oxfordshire Clearance: SC We are seeking a Cyber Security Analyst for our Government client based in Oxfordshire. This role will be office based 2 days per week and the remainder remote. The Cyber Security analyst role will be an initial contract until 18/12, paying between £45- £50/Hr Inside IR35. This role is inside IR35 - Due to the service of the role it will now be based on an Umbrella solution. Clearance: SC Role Profile We are seeking an experienced OT Cyber Security Analyst to support and strengthen cyber security across industrial and operational technology environments. This role focuses on securing critical systems through the deployment, management, and enhancement of OT security controls, while helping drive continuous improvements in monitoring, governance, and risk management practices. The successful candidate will play a key role in delivering practical security solutions across ICS and OT networks, ensuring systems remain resilient against evolving cyber threats. You will work closely with operational teams, engineers, and third-party providers to embed security best practice across the environment and support compliance with recognised industry standards and frameworks. This is a hands-on technical role with a strong governance element, involving everything from security implementation and risk assessments through to documentation, standards development, and supplier engagement. Exposure to SIEM/SOC integration within OT environments would be beneficial. Key Responsibilities Implement and support OT cyber security controls across industrial environments Assist in the development and maintenance of OT security standards, procedures, and governance documentation Carry out OT security assessments, identify vulnerabilities, and support remediation activities Work with engineering and operational teams to improve security posture across ICS infrastructure Support network segmentation initiatives and secure industrial communications Collaborate with MSPs and external cyber security partners to ensure effective service delivery Contribute to ongoing monitoring and incident detection capabilities within OT environments Ensure alignment with recognised cyber security standards and regulatory expectations Essential Experience Background working within industrial sectors such as oil & gas, rail, manufacturing, utilities, or chemical processing Experience securing OT or ICS environments within critical infrastructure settings Strong understanding of OT cyber security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing security controls and improving OT cyber maturity Knowledge of industrial networking, segmentation principles, and OT protocols Proven experience performing risk assessments, gap analysis, and remediation planning Ability to work effectively with technical operations and engineering stakeholders Experience supporting or interfacing with SIEM/SOC capabilities in OT environments Strong written and verbal communication skills, including technical documentation and policy creation Ability to start within a short notice period (maximum 2 weeks) Desirable Experience deploying OT monitoring, asset discovery, or threat detection tools Understanding of regulatory and compliance requirements within critical infrastructure environments Familiarity with IT service management practices and project delivery methodologies If you are interested in the above, hit the Apply now button! Cyber Security Analyst, Security Analyst, Cyber Security Analyst, SIEM, Cyber Security Analyst, SOC, Cyber Security Analyst, Cyber Security Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter and LinkedIn - Circle Recruitment.
Role: Cyber Security Analyst (SOC Analyst) Location: Corsham - 100% on-site Day Rate: Up to 640 Contract Length: Until 26th April 2027, with potential for extension IR35: In scope Why this could interest you Rare chance to work in a high-impact, mission-critical Defence environment. Long-term stability to 2027, with possibility of extension depending on funding. Tier 2/3 level work - genuinely complex incidents, not just first-line alert handling. Key responsibilities Tier 2/3 SOC analysis in an enterprise environment. Perform triage of security events - determine scope, priority and impact, and recommend rapid remediation actions. Conduct real-time management of security incidents from detection through to resolution. Work with SIEM technologies and SIEM engineering, including tool configuration (e.g. ArcSight). Create and maintain use cases, analytics and playbooks. Contribute to security monitoring across on-prem and cloud technologies. Shift pattern & working conditions 13-hour shifts - days and nights, including some weekends. 4 on 5 off, then 5 on 4 off - averaging a standard 37-hour week. Fully on-site in Corsham. Essential requirements Strongly preffeed to have Active DV Clearance (Developed Vetting) and eligibility for Sensitive Post Check. Industry-standard SOC security qualifications (e.g. SANS, ISC2). Proven Tier 2/3 SOC Analyst experience (2+ years). Hands-on experience with SIEM technologies and engineering (ideally including ArcSight). Experience creating SOC use cases, analytics and playbooks. Desirable Degree in a technical, engineering or computing discipline. Defence / MOD experience. Previous lead-level SOC experience (though an experienced Tier 2 Analyst would also be considered).
May 22, 2026
Contractor
Role: Cyber Security Analyst (SOC Analyst) Location: Corsham - 100% on-site Day Rate: Up to 640 Contract Length: Until 26th April 2027, with potential for extension IR35: In scope Why this could interest you Rare chance to work in a high-impact, mission-critical Defence environment. Long-term stability to 2027, with possibility of extension depending on funding. Tier 2/3 level work - genuinely complex incidents, not just first-line alert handling. Key responsibilities Tier 2/3 SOC analysis in an enterprise environment. Perform triage of security events - determine scope, priority and impact, and recommend rapid remediation actions. Conduct real-time management of security incidents from detection through to resolution. Work with SIEM technologies and SIEM engineering, including tool configuration (e.g. ArcSight). Create and maintain use cases, analytics and playbooks. Contribute to security monitoring across on-prem and cloud technologies. Shift pattern & working conditions 13-hour shifts - days and nights, including some weekends. 4 on 5 off, then 5 on 4 off - averaging a standard 37-hour week. Fully on-site in Corsham. Essential requirements Strongly preffeed to have Active DV Clearance (Developed Vetting) and eligibility for Sensitive Post Check. Industry-standard SOC security qualifications (e.g. SANS, ISC2). Proven Tier 2/3 SOC Analyst experience (2+ years). Hands-on experience with SIEM technologies and engineering (ideally including ArcSight). Experience creating SOC use cases, analytics and playbooks. Desirable Degree in a technical, engineering or computing discipline. Defence / MOD experience. Previous lead-level SOC experience (though an experienced Tier 2 Analyst would also be considered).
Cyber Security Analyst (SOC) Role: Cyber Security Analyst (SOC) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: 300 - 400 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6-12 Months Cyber Security Analyst (SOC) CPS Group UK are delighted to be working with a leading organisation to appoint a Cyber Cyber Security Analyst (SOC) to join an existing team to monitor infrastructure for threats, investigate and respond to security alerts and act as the escalation point for junior analyst queries. The Cyber Security Operations Analyst will respond to verified security incidents and undertake prompt remediation activities to eradicate threats. The Analyst will require strong hands-on experience with the Microsoft security stack (Entra, Defender, Sentinel) as well as exposure to email security, phishing and SOAR tooling. The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts on a 4 days on / 4 days off shift pattern (days and nights). Candidates must be eligible for UK Security Clearance Role Requirements Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required o Ensure infrastructure and data security through the use of layered security controls (e.g. EDR, Email Security, User Authentication, Conditional Access) o Oversee security assessments across PAM, endpoint, email and cloud security o Provide direct updates to stakeholders regarding security incidents and initiatives o Undertake on-going analysis of emerging threats using TTP's and existing knowledge o Support the production of alert/incident 'playbooks' Required Skills & Experience 3-4+ years' experience in a Security Operations/SOC-based role Hands-on experience with Microsoft security stack (Entra, Defender, Sentinel) Strong technical understanding of security alert/incident management and threats Knowledge of security threat techniques Proven experience of robust incident response within defined SLA's Proven experience using SIEM, SOAR & Email Security tooling Ability to mentor and upskill junior team members Ability to create (or enhance) cyber security playbooks Familiarity with ITIL Various Cyber Security certifications (e.g. Microsoft SC-200, AZ-500) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group UK on (phone number removed) or email (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
May 22, 2026
Contractor
Cyber Security Analyst (SOC) Role: Cyber Security Analyst (SOC) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: 300 - 400 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6-12 Months Cyber Security Analyst (SOC) CPS Group UK are delighted to be working with a leading organisation to appoint a Cyber Cyber Security Analyst (SOC) to join an existing team to monitor infrastructure for threats, investigate and respond to security alerts and act as the escalation point for junior analyst queries. The Cyber Security Operations Analyst will respond to verified security incidents and undertake prompt remediation activities to eradicate threats. The Analyst will require strong hands-on experience with the Microsoft security stack (Entra, Defender, Sentinel) as well as exposure to email security, phishing and SOAR tooling. The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts on a 4 days on / 4 days off shift pattern (days and nights). Candidates must be eligible for UK Security Clearance Role Requirements Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage to security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required o Ensure infrastructure and data security through the use of layered security controls (e.g. EDR, Email Security, User Authentication, Conditional Access) o Oversee security assessments across PAM, endpoint, email and cloud security o Provide direct updates to stakeholders regarding security incidents and initiatives o Undertake on-going analysis of emerging threats using TTP's and existing knowledge o Support the production of alert/incident 'playbooks' Required Skills & Experience 3-4+ years' experience in a Security Operations/SOC-based role Hands-on experience with Microsoft security stack (Entra, Defender, Sentinel) Strong technical understanding of security alert/incident management and threats Knowledge of security threat techniques Proven experience of robust incident response within defined SLA's Proven experience using SIEM, SOAR & Email Security tooling Ability to mentor and upskill junior team members Ability to create (or enhance) cyber security playbooks Familiarity with ITIL Various Cyber Security certifications (e.g. Microsoft SC-200, AZ-500) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group UK on (phone number removed) or email (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
Information Security Analyst - Audit & Compliance We're working with a global leader in CX and workforce management solutions to find a certified Security Auditor. This is a fantastic opportunity to join a company that's setting the highest standards in cybersecurity and security compliance. You'll play a key role in ensuring compliance with leading security frameworks, preparing for and conducting audits, and contributing to security operations. You'll be joining a collaborative, ambitious team where there are genuine long-term career prospects and endless opportunities to develop. The Role Lead and conduct internal audits across ISO 27001, GDPR, DORA, Cyber Essentials & more. Prepare teams for external audits and manage the audit process end-to-end. Monitor changes in compliance frameworks and maintain alignment. Support the Cyber Security Operations Centre (CSOC) in incident monitoring and response. Develop and maintain policies, procedures, and security documentation. Collaborate with IT & Security teams to identify and remediate vulnerabilities. What We're Looking For Strong knowledge of audit & compliance frameworks (ISO 27001, Cyber Essentials, GDPR, DORA). Experience with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience with internal/external audits and compliance assessments. Relevant security/audit certifications (CISA, CISM, CISSP, ISO 27001 Lead Auditor, Cyber Essentials Assessor, or equivalent). Eligible for UK Security Clearance. What's In It For You? Salary approx 90,000 + Bonus, Pension, Healthcare, Flexi-Working and much more. Hybrid working (2 days in the London office). Excellent long-term career growth with a global organisation. Work alongside some of the best minds in the industry. This is a unique chance to be part of a company that's innovating in cybersecurity and compliance at a global scale. Hit apply to upload your CV Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
May 22, 2026
Full time
Information Security Analyst - Audit & Compliance We're working with a global leader in CX and workforce management solutions to find a certified Security Auditor. This is a fantastic opportunity to join a company that's setting the highest standards in cybersecurity and security compliance. You'll play a key role in ensuring compliance with leading security frameworks, preparing for and conducting audits, and contributing to security operations. You'll be joining a collaborative, ambitious team where there are genuine long-term career prospects and endless opportunities to develop. The Role Lead and conduct internal audits across ISO 27001, GDPR, DORA, Cyber Essentials & more. Prepare teams for external audits and manage the audit process end-to-end. Monitor changes in compliance frameworks and maintain alignment. Support the Cyber Security Operations Centre (CSOC) in incident monitoring and response. Develop and maintain policies, procedures, and security documentation. Collaborate with IT & Security teams to identify and remediate vulnerabilities. What We're Looking For Strong knowledge of audit & compliance frameworks (ISO 27001, Cyber Essentials, GDPR, DORA). Experience with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions. Hands-on experience with internal/external audits and compliance assessments. Relevant security/audit certifications (CISA, CISM, CISSP, ISO 27001 Lead Auditor, Cyber Essentials Assessor, or equivalent). Eligible for UK Security Clearance. What's In It For You? Salary approx 90,000 + Bonus, Pension, Healthcare, Flexi-Working and much more. Hybrid working (2 days in the London office). Excellent long-term career growth with a global organisation. Work alongside some of the best minds in the industry. This is a unique chance to be part of a company that's innovating in cybersecurity and compliance at a global scale. Hit apply to upload your CV Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Location: Birmingham (Hybrid 3 days onsite) Salary: £45,000 - £50,000 + Excellent Benefits Contract Type: Permanent The Role SOC Engineer - Cyber We re looking for a hands-on SOC Engineer to join a rapidly growing Cyber Security function within a large enterprise technology environment. This is an opportunity to work in one of the most modern and well-equipped SOC environments in the market, supporting enterprise customers across a broad range of managed security services and cloud technologies. This is a genuinely engineering-led role rather than a traditional SOC analyst position. You ll be heavily involved in infrastructure, cloud security, security tooling, automation, and operational cyber engineering across enterprise-scale environments. Working from a Birmingham-based SOC three days a week, you ll play a key role in supporting customer environments, improving cyber capabilities, and helping showcase a cutting-edge SOC environment to visiting customers and stakeholders. What s in it for you as our Cyber SOC Engineer? Salary of £45,000 - £50,000 Hybrid working environment Excellent company benefits package Flexible benefits scheme Access to industry-leading SOC technology and tooling Dedicated training and development time each week Fully funded learning opportunities and partner-led certifications Opportunities to attend conferences and industry events Career progression within a large enterprise technology organisation Exposure to enterprise-scale cloud and cyber environments Supportive, collaborative, and highly technical team environment Duties as SOC Engineer - Cyber As a Cyber SOC Engineer, you will: Act as a technical escalation point and engineering SME across SOC technologies including SIEM, MDR/XDR, EDR, vulnerability management, and cloud security tooling Support, maintain, and improve cyber security infrastructure across enterprise customer environments Work closely with internal teams and customers to onboard, configure, and optimise security technologies and services Investigate and resolve platform issues, security alerts, log source health problems, and tooling-related incidents Configure and support technologies such as Microsoft Defender, Sentinel, CrowdStrike, Tenable, and related security platforms Assist with vulnerability scanning, remediation support, and operational security improvements Contribute to automation and scripting initiatives using tools such as KQL, PowerShell, Python, or Bash Produce and maintain technical documentation, operational runbooks, and security playbooks Support governance and compliance activities aligned to standards such as ISO27001, GDPR, and NCSC guidance Work collaboratively across infrastructure, cloud, networking, and cyber teams to improve service delivery and operational resilience Stay up to date with emerging cyber threats, technologies, and security best practice Contribute to continual improvement initiatives across the SOC function Who are we looking for as our Cyber SOC Engineer? We re looking for a technically capable and proactive engineer who enjoys solving problems, learning new technologies, and working collaboratively in a fast-paced environment. This role would suit someone from a SOC Engineering, Cloud Security, Infrastructure Security, or Cyber Engineering background who enjoys hands-on technical work rather than purely monitoring or analyst-based responsibilities. You ll ideally have experience with: Microsoft Sentinel and Microsoft Defender EDR/XDR/MDR technologies Vulnerability management tools such as Tenable or Qualys Azure, Microsoft 365, Intune, or AWS environments Security tooling, infrastructure, and cloud platforms Linux and Windows operating systems SIEM technologies and security monitoring Basic scripting or automation using KQL, PowerShell, Python, or Bash ITIL environments and structured change control processes Firewall, endpoint, or cloud security technologies We d especially like to hear from candidates who are: Strong communicators who can work confidently with both technical and non-technical stakeholders Organised, collaborative, and eager to learn Comfortable working in a customer-facing environment Self-driven and proactive in solving problems Able to take ownership while also working well within a team Interested in developing their cyber engineering and cloud security expertise further Relevant certifications such as SC-200, SC-900, AZ-500, CISSP, or similar would be advantageous, but practical engineering experience is equally important. Please note: Candidates must be eligible for UK Security Clearance (SC/BPSS), including having the right to work in the UK and meeting residency requirements. INDHS
May 21, 2026
Full time
Location: Birmingham (Hybrid 3 days onsite) Salary: £45,000 - £50,000 + Excellent Benefits Contract Type: Permanent The Role SOC Engineer - Cyber We re looking for a hands-on SOC Engineer to join a rapidly growing Cyber Security function within a large enterprise technology environment. This is an opportunity to work in one of the most modern and well-equipped SOC environments in the market, supporting enterprise customers across a broad range of managed security services and cloud technologies. This is a genuinely engineering-led role rather than a traditional SOC analyst position. You ll be heavily involved in infrastructure, cloud security, security tooling, automation, and operational cyber engineering across enterprise-scale environments. Working from a Birmingham-based SOC three days a week, you ll play a key role in supporting customer environments, improving cyber capabilities, and helping showcase a cutting-edge SOC environment to visiting customers and stakeholders. What s in it for you as our Cyber SOC Engineer? Salary of £45,000 - £50,000 Hybrid working environment Excellent company benefits package Flexible benefits scheme Access to industry-leading SOC technology and tooling Dedicated training and development time each week Fully funded learning opportunities and partner-led certifications Opportunities to attend conferences and industry events Career progression within a large enterprise technology organisation Exposure to enterprise-scale cloud and cyber environments Supportive, collaborative, and highly technical team environment Duties as SOC Engineer - Cyber As a Cyber SOC Engineer, you will: Act as a technical escalation point and engineering SME across SOC technologies including SIEM, MDR/XDR, EDR, vulnerability management, and cloud security tooling Support, maintain, and improve cyber security infrastructure across enterprise customer environments Work closely with internal teams and customers to onboard, configure, and optimise security technologies and services Investigate and resolve platform issues, security alerts, log source health problems, and tooling-related incidents Configure and support technologies such as Microsoft Defender, Sentinel, CrowdStrike, Tenable, and related security platforms Assist with vulnerability scanning, remediation support, and operational security improvements Contribute to automation and scripting initiatives using tools such as KQL, PowerShell, Python, or Bash Produce and maintain technical documentation, operational runbooks, and security playbooks Support governance and compliance activities aligned to standards such as ISO27001, GDPR, and NCSC guidance Work collaboratively across infrastructure, cloud, networking, and cyber teams to improve service delivery and operational resilience Stay up to date with emerging cyber threats, technologies, and security best practice Contribute to continual improvement initiatives across the SOC function Who are we looking for as our Cyber SOC Engineer? We re looking for a technically capable and proactive engineer who enjoys solving problems, learning new technologies, and working collaboratively in a fast-paced environment. This role would suit someone from a SOC Engineering, Cloud Security, Infrastructure Security, or Cyber Engineering background who enjoys hands-on technical work rather than purely monitoring or analyst-based responsibilities. You ll ideally have experience with: Microsoft Sentinel and Microsoft Defender EDR/XDR/MDR technologies Vulnerability management tools such as Tenable or Qualys Azure, Microsoft 365, Intune, or AWS environments Security tooling, infrastructure, and cloud platforms Linux and Windows operating systems SIEM technologies and security monitoring Basic scripting or automation using KQL, PowerShell, Python, or Bash ITIL environments and structured change control processes Firewall, endpoint, or cloud security technologies We d especially like to hear from candidates who are: Strong communicators who can work confidently with both technical and non-technical stakeholders Organised, collaborative, and eager to learn Comfortable working in a customer-facing environment Self-driven and proactive in solving problems Able to take ownership while also working well within a team Interested in developing their cyber engineering and cloud security expertise further Relevant certifications such as SC-200, SC-900, AZ-500, CISSP, or similar would be advantageous, but practical engineering experience is equally important. Please note: Candidates must be eligible for UK Security Clearance (SC/BPSS), including having the right to work in the UK and meeting residency requirements. INDHS
SIEM Analyst / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a SIEM Analyst Cyber Threat Detection, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
May 21, 2026
Full time
SIEM Analyst / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a SIEM Analyst Cyber Threat Detection, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
The Role As an Associate SOC Analyst, you bring a strong background in IT or cybersecurity to a transitory role that builds towards full SOC Analyst responsibilities. You use your foundational knowledge to independently triage, investigate, and validate alerts using established playbooks. While you handle basic incident investigations and documentation, you escalate cases requiring deeper analysis to Shift Leads or Senior SOC Analysts. This role focuses on developing your skills through mentoring, continuous learning, and hands-on experience, with the expectation of advancing to a full SOC Analyst position within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more complex incidents to Shift Leads or Senior SOC Analysts Continuous Improvement You contribute to the enhancement of detection logic by identifying recurring or redundant alerts. You participate in threat hunting and skills development sessions to help reduce false positives and accelerate response times Escalation You ensure that incidents requiring advanced investigation or containment are properly escalated. Your clear, concise documentation, including detailed ticket notes and supporting evidence, facilitates smooth handovers to Shift Leads, Senior SOC Analysts, or customer teams Skills and Attributes A strong foundational background in IT or cybersecurity Demonstrated ability to perform basic incident triage, analysis, and escalation; extensive hands-on SOC operational experience is not required, as this role serves as a stepping stone to a full SOC Analyst Willingness to work toward or obtain entry-level cybersecurity certifications (e.g. CompTIA Security+, Security Blue Team BTL1) Benefits At Claranet, we go the extra mile with our people because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: Pension Scheme: Employer-matched contributions to help you plan for the future. Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24/7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development: Ongoing opportunities to grow your skills and advance your career. What makes us unique is Team Claranet, our internal community that supports causes close to our employees hearts. We offer paid charity leave, support local charities across our offices, and host annual fundraising events, all backed by a dedicated committee. We re proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click apply we can t wait to meet you!
May 21, 2026
Full time
The Role As an Associate SOC Analyst, you bring a strong background in IT or cybersecurity to a transitory role that builds towards full SOC Analyst responsibilities. You use your foundational knowledge to independently triage, investigate, and validate alerts using established playbooks. While you handle basic incident investigations and documentation, you escalate cases requiring deeper analysis to Shift Leads or Senior SOC Analysts. This role focuses on developing your skills through mentoring, continuous learning, and hands-on experience, with the expectation of advancing to a full SOC Analyst position within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more complex incidents to Shift Leads or Senior SOC Analysts Continuous Improvement You contribute to the enhancement of detection logic by identifying recurring or redundant alerts. You participate in threat hunting and skills development sessions to help reduce false positives and accelerate response times Escalation You ensure that incidents requiring advanced investigation or containment are properly escalated. Your clear, concise documentation, including detailed ticket notes and supporting evidence, facilitates smooth handovers to Shift Leads, Senior SOC Analysts, or customer teams Skills and Attributes A strong foundational background in IT or cybersecurity Demonstrated ability to perform basic incident triage, analysis, and escalation; extensive hands-on SOC operational experience is not required, as this role serves as a stepping stone to a full SOC Analyst Willingness to work toward or obtain entry-level cybersecurity certifications (e.g. CompTIA Security+, Security Blue Team BTL1) Benefits At Claranet, we go the extra mile with our people because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: Pension Scheme: Employer-matched contributions to help you plan for the future. Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24/7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development: Ongoing opportunities to grow your skills and advance your career. What makes us unique is Team Claranet, our internal community that supports causes close to our employees hearts. We offer paid charity leave, support local charities across our offices, and host annual fundraising events, all backed by a dedicated committee. We re proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click apply we can t wait to meet you!
The Role As an Associate SOC Analyst, you bring a strong background in IT or cybersecurity to a transitory role that builds towards full SOC Analyst responsibilities. You use your foundational knowledge to independently triage, investigate, and validate alerts using established playbooks. While you handle basic incident investigations and documentation, you escalate cases requiring deeper analysis to Shift Leads or Senior SOC Analysts. This role focuses on developing your skills through mentoring, continuous learning, and hands-on experience, with the expectation of advancing to a full SOC Analyst position within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation - You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more complex incidents to Shift Leads or Senior SOC Analysts Continuous Improvement - You contribute to the enhancement of detection logic by identifying recurring or redundant alerts. You participate in threat hunting and skills development sessions to help reduce false positives and accelerate response times Escalation - You ensure that incidents requiring advanced investigation or containment are properly escalated. Your clear, concise documentation, including detailed ticket notes and supporting evidence, facilitates smooth handovers to Shift Leads, Senior SOC Analysts, or customer teams Skills and Attributes A strong foundational background in IT or cybersecurity Demonstrated ability to perform basic incident triage, analysis, and escalation; extensive hands-on SOC operational experience is not required, as this role serves as a stepping stone to a full SOC Analyst Willingness to work toward or obtain entry-level cybersecurity certifications (e.g. CompTIA Security+, Security Blue Team BTL1. Benefits At Claranet, we go the extra mile with our people-because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: Pension Scheme: Employer-matched contributions to help you plan for the future. Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24/7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development: Ongoing opportunities to grow your skills and advance your career. What makes us unique is Team Claranet , our internal community that supports causes close to our employees' hearts. We offer paid charity leave, support local charities across our offices, and host annual fundraising events, all backed by a dedicated committee. We're proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click 'apply' - we can't wait to meet you!
May 21, 2026
Full time
The Role As an Associate SOC Analyst, you bring a strong background in IT or cybersecurity to a transitory role that builds towards full SOC Analyst responsibilities. You use your foundational knowledge to independently triage, investigate, and validate alerts using established playbooks. While you handle basic incident investigations and documentation, you escalate cases requiring deeper analysis to Shift Leads or Senior SOC Analysts. This role focuses on developing your skills through mentoring, continuous learning, and hands-on experience, with the expectation of advancing to a full SOC Analyst position within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation - You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more complex incidents to Shift Leads or Senior SOC Analysts Continuous Improvement - You contribute to the enhancement of detection logic by identifying recurring or redundant alerts. You participate in threat hunting and skills development sessions to help reduce false positives and accelerate response times Escalation - You ensure that incidents requiring advanced investigation or containment are properly escalated. Your clear, concise documentation, including detailed ticket notes and supporting evidence, facilitates smooth handovers to Shift Leads, Senior SOC Analysts, or customer teams Skills and Attributes A strong foundational background in IT or cybersecurity Demonstrated ability to perform basic incident triage, analysis, and escalation; extensive hands-on SOC operational experience is not required, as this role serves as a stepping stone to a full SOC Analyst Willingness to work toward or obtain entry-level cybersecurity certifications (e.g. CompTIA Security+, Security Blue Team BTL1. Benefits At Claranet, we go the extra mile with our people-because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: Pension Scheme: Employer-matched contributions to help you plan for the future. Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24/7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development: Ongoing opportunities to grow your skills and advance your career. What makes us unique is Team Claranet , our internal community that supports causes close to our employees' hearts. We offer paid charity leave, support local charities across our offices, and host annual fundraising events, all backed by a dedicated committee. We're proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click 'apply' - we can't wait to meet you!
Senior Network and Security Analyst - L2/L3 Network Infrastructure - Cyber Security - SIEM tools My client who are leaders in their field are looking for a Senior Cyber Security and Network Analyst to provide effective and timely operational support, development and management of the IT network and security infrastructure to meet business requirements and objectives. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security
May 21, 2026
Full time
Senior Network and Security Analyst - L2/L3 Network Infrastructure - Cyber Security - SIEM tools My client who are leaders in their field are looking for a Senior Cyber Security and Network Analyst to provide effective and timely operational support, development and management of the IT network and security infrastructure to meet business requirements and objectives. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security
SOC Analyst - Farnborough, UK Salary up to £60,000 depending on experience, plus shift allowance Onsite role, shift work (4 on / 4 off) Must be eligible for SC clearance About the company Our client operates a growing Security Operations Centre delivering cyber defence services to organisations across a range of industries, from critical infrastructure to complex enterprise environments. The team focuses on high-quality detection, investigation and continuous improvement, rather than alert-only monitoring. Due to continued growth, they are looking for a SOC Analyst to strengthen their operations and help mature their security services. The benefits Shift allowance 25 days annual leave, with the option to buy additional days Health cash plan Life assurance Pension scheme The SOC Analyst role As a SOC Analyst, you will play a key part in protecting client environments by monitoring, investigating and responding to security events. Working as part of a 24/7 onsite SOC, you will handle incidents, contribute to detection improvements, and produce clear reporting for a range of audiences. This is a hands-on role offering exposure to diverse technologies and real cyber threats. SOC Analyst essential skills Experience working in a Security Operations Centre environment Hands-on experience with Microsoft Sentinel and Splunk Knowledge of the MITRE ATT&CK framework Understanding of networks and systems, including TCP/IP, firewalls, VPNs and endpoint security Strong analytical and problem-solving skills Ability to produce clear reports for technical and non-technical stakeholders Eligibility for SC Clearance Desirable skills Scripting or programming experience (Python, PowerShell, Bash, Perl or C++) Experience with additional SIEM tools such as QRadar Cyber security certifications such as Security+, CEH, CPSA or CREST Please either apply through this advert or emailing me directly via . For further information please call me: . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SOC Analyst, Security Operations Centre, Microsoft Sentinel, Splunk, SIEM, Incident Response, MITRE ATT and CK, Networking, SC Clearance, NSD
May 21, 2026
Full time
SOC Analyst - Farnborough, UK Salary up to £60,000 depending on experience, plus shift allowance Onsite role, shift work (4 on / 4 off) Must be eligible for SC clearance About the company Our client operates a growing Security Operations Centre delivering cyber defence services to organisations across a range of industries, from critical infrastructure to complex enterprise environments. The team focuses on high-quality detection, investigation and continuous improvement, rather than alert-only monitoring. Due to continued growth, they are looking for a SOC Analyst to strengthen their operations and help mature their security services. The benefits Shift allowance 25 days annual leave, with the option to buy additional days Health cash plan Life assurance Pension scheme The SOC Analyst role As a SOC Analyst, you will play a key part in protecting client environments by monitoring, investigating and responding to security events. Working as part of a 24/7 onsite SOC, you will handle incidents, contribute to detection improvements, and produce clear reporting for a range of audiences. This is a hands-on role offering exposure to diverse technologies and real cyber threats. SOC Analyst essential skills Experience working in a Security Operations Centre environment Hands-on experience with Microsoft Sentinel and Splunk Knowledge of the MITRE ATT&CK framework Understanding of networks and systems, including TCP/IP, firewalls, VPNs and endpoint security Strong analytical and problem-solving skills Ability to produce clear reports for technical and non-technical stakeholders Eligibility for SC Clearance Desirable skills Scripting or programming experience (Python, PowerShell, Bash, Perl or C++) Experience with additional SIEM tools such as QRadar Cyber security certifications such as Security+, CEH, CPSA or CREST Please either apply through this advert or emailing me directly via . For further information please call me: . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: SOC Analyst, Security Operations Centre, Microsoft Sentinel, Splunk, SIEM, Incident Response, MITRE ATT and CK, Networking, SC Clearance, NSD
