DevOps Engineer SC cleared Permanent Flexible AWS Terraform SC Cleared At Peregrine, we re always seeking Specialist Talent that have the ideal mix of skills, experience, and attitude, to place with our vast array of clients. From Business Analysts in large government organisations to Software Developers in the private sector we are always in search of the best talent to place, now. The role: We are seeking an SC cleared DevOps Engineer to work as a forward deployed engineer, embedded within the Cyber Capability Unit. The role will support the design, build and deployment of AI powered solutions that strengthen cyber security and fraud prevention capabilities. You will work closely with engineers, product owners and stakeholders to understand operational needs, develop prototypes and deploy secure, reliable solutions within approved platforms and environments. This role directly supports the Cyber Resilience Centre s mission and contributes to the wider security strategy by delivering practical, governed AI solutions that provide measurable operational value. Responsibilities: Cloud and Platform Integration Design and deploy solutions in AWS cloud environments Use infrastructure as code to ensure repeatable and compliant deployments Ensure all solutions meet organisational governance, security and compliance standards CI/CD and Automation Configure, manage and maintain GitLab CI pipelines Automate testing, build and deployment of infrastructure, applications and services Promote best practice DevOps ways of working across environments Testing and Quality Implement unit, integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis in live environments Collaboration and Delivery Work closely with engineers, analysts and stakeholders Translate requirements into working technical solutions Support deployment, handover and ongoing optimisation of delivered capabilities Skills & Experience: Active SC clearance Strong experience deploying and operating solutions in AWS Infrastructure as code using Terraform CI/CD pipeline development using GitLab CI Experience with monitoring, logging and alerting tools Understanding of secure DevOps practices in regulated environments Experience working with large data stores or big data platforms Desirable skills: Experience supporting AI or data driven platforms Knowledge of cyber security or fraud prevention domains Experience working within government or critical national infrastructure environments About Peregrine We build workforces that deliver tech and change programmes at leading UK organisations. By combining data science from Peregrine Intelligence, our industry-accredited Peregrine Academy, and market-leading attraction and diversity initiatives, we bridge capability gaps at all levels in public and private sector organisations. We work closely with our clients to understand their challenges and deliver flexible, long-term solutions that make a real difference. When you join Peregrine, you become part of a team that s focused on growth, both yours, our clients , and the sectors we support. You ll also get access to a full range of benefits alongside your salary. How Specialist Talent Works As a permanent employee at Peregrine, you ll be part of our Specialist Talent team. That means you ll work on-site or remotely with our clients, supporting them on complex, high-impact projects in Data, Digital and Business Transformation. You ll get the variety and challenge of consultancy work, with the stability and support of a permanent role. You re not a contractor - you re a valued member of our team, with access to all the same benefits, learning opportunities, and community. Find out more: peregrine.global or check out our LinkedIn page: peregrin e- resourcing
Jun 13, 2026
Full time
DevOps Engineer SC cleared Permanent Flexible AWS Terraform SC Cleared At Peregrine, we re always seeking Specialist Talent that have the ideal mix of skills, experience, and attitude, to place with our vast array of clients. From Business Analysts in large government organisations to Software Developers in the private sector we are always in search of the best talent to place, now. The role: We are seeking an SC cleared DevOps Engineer to work as a forward deployed engineer, embedded within the Cyber Capability Unit. The role will support the design, build and deployment of AI powered solutions that strengthen cyber security and fraud prevention capabilities. You will work closely with engineers, product owners and stakeholders to understand operational needs, develop prototypes and deploy secure, reliable solutions within approved platforms and environments. This role directly supports the Cyber Resilience Centre s mission and contributes to the wider security strategy by delivering practical, governed AI solutions that provide measurable operational value. Responsibilities: Cloud and Platform Integration Design and deploy solutions in AWS cloud environments Use infrastructure as code to ensure repeatable and compliant deployments Ensure all solutions meet organisational governance, security and compliance standards CI/CD and Automation Configure, manage and maintain GitLab CI pipelines Automate testing, build and deployment of infrastructure, applications and services Promote best practice DevOps ways of working across environments Testing and Quality Implement unit, integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis in live environments Collaboration and Delivery Work closely with engineers, analysts and stakeholders Translate requirements into working technical solutions Support deployment, handover and ongoing optimisation of delivered capabilities Skills & Experience: Active SC clearance Strong experience deploying and operating solutions in AWS Infrastructure as code using Terraform CI/CD pipeline development using GitLab CI Experience with monitoring, logging and alerting tools Understanding of secure DevOps practices in regulated environments Experience working with large data stores or big data platforms Desirable skills: Experience supporting AI or data driven platforms Knowledge of cyber security or fraud prevention domains Experience working within government or critical national infrastructure environments About Peregrine We build workforces that deliver tech and change programmes at leading UK organisations. By combining data science from Peregrine Intelligence, our industry-accredited Peregrine Academy, and market-leading attraction and diversity initiatives, we bridge capability gaps at all levels in public and private sector organisations. We work closely with our clients to understand their challenges and deliver flexible, long-term solutions that make a real difference. When you join Peregrine, you become part of a team that s focused on growth, both yours, our clients , and the sectors we support. You ll also get access to a full range of benefits alongside your salary. How Specialist Talent Works As a permanent employee at Peregrine, you ll be part of our Specialist Talent team. That means you ll work on-site or remotely with our clients, supporting them on complex, high-impact projects in Data, Digital and Business Transformation. You ll get the variety and challenge of consultancy work, with the stability and support of a permanent role. You re not a contractor - you re a valued member of our team, with access to all the same benefits, learning opportunities, and community. Find out more: peregrine.global or check out our LinkedIn page: peregrin e- resourcing
Network Analyst / Lead Outskirts of Oxford Permanent 35,000 - 40,000 + Benefits I am seeking an experienced and proactive Network Analyst / Lead to join a well-established organisation based on the outskirts of Oxford. This is an excellent opportunity for a technically strong infrastructure professional who enjoys combining hands-on network engineering with leadership, strategic planning, and continuous improvement. Working within a growing IT team, you will take ownership of the organisation's network infrastructure, security posture, and connectivity across multiple sites, ensuring high availability, resilience, and performance. Key Responsibilities Manage, maintain, and optimise the organisation's network infrastructure Oversee LAN, WAN, Wi-Fi, VPN, firewall, and internet connectivity environments Lead network security initiatives including monitoring, patching, access control, and incident response Support and develop cloud and hybrid infrastructure connectivity Manage relationships with third-party vendors, ISPs, and technology partners Provide technical leadership and mentorship to junior IT staff Ensure robust disaster recovery, backup, and business continuity procedures Participate in infrastructure projects, upgrades, and future technology planning Maintain network documentation, standards, and compliance requirements Technical Environment Experience in several of the following areas would be beneficial: Cisco / Aruba / Fortinet / Palo Alto technologies Switching & routing Firewalls & network security VLANs, VPNs, DHCP, DNS Microsoft Server & Active Directory Azure and/or AWS connectivity VMware or Hyper-V Cyber security best practices Monitoring and performance tools About You Proven experience in a Network Analyst, Network Lead or Infrastructure Analyst role Strong troubleshooting and problem-solving skills Comfortable operating in both hands-on technical and strategic capacities Excellent communication and stakeholder management skills Ability to prioritise workload and manage multiple projects effectively Relevant certifications such as CCNA, CCNP, Fortinet, or equivalent are desirable What's on Offer Competitive salary Hybrid working opportunities Pension scheme Ongoing training and certification support Friendly and collaborative working environment Free parking Strong long-term career progression opportunities If you are looking for a varied and rewarding Network Analyst / Lead opportunity within a stable and forward-thinking organisation near Oxford, we would love to hear from you. Please send an up to date CV for an immediate response and more information on a fantastic opportunity with a truly great Client.
Jun 13, 2026
Full time
Network Analyst / Lead Outskirts of Oxford Permanent 35,000 - 40,000 + Benefits I am seeking an experienced and proactive Network Analyst / Lead to join a well-established organisation based on the outskirts of Oxford. This is an excellent opportunity for a technically strong infrastructure professional who enjoys combining hands-on network engineering with leadership, strategic planning, and continuous improvement. Working within a growing IT team, you will take ownership of the organisation's network infrastructure, security posture, and connectivity across multiple sites, ensuring high availability, resilience, and performance. Key Responsibilities Manage, maintain, and optimise the organisation's network infrastructure Oversee LAN, WAN, Wi-Fi, VPN, firewall, and internet connectivity environments Lead network security initiatives including monitoring, patching, access control, and incident response Support and develop cloud and hybrid infrastructure connectivity Manage relationships with third-party vendors, ISPs, and technology partners Provide technical leadership and mentorship to junior IT staff Ensure robust disaster recovery, backup, and business continuity procedures Participate in infrastructure projects, upgrades, and future technology planning Maintain network documentation, standards, and compliance requirements Technical Environment Experience in several of the following areas would be beneficial: Cisco / Aruba / Fortinet / Palo Alto technologies Switching & routing Firewalls & network security VLANs, VPNs, DHCP, DNS Microsoft Server & Active Directory Azure and/or AWS connectivity VMware or Hyper-V Cyber security best practices Monitoring and performance tools About You Proven experience in a Network Analyst, Network Lead or Infrastructure Analyst role Strong troubleshooting and problem-solving skills Comfortable operating in both hands-on technical and strategic capacities Excellent communication and stakeholder management skills Ability to prioritise workload and manage multiple projects effectively Relevant certifications such as CCNA, CCNP, Fortinet, or equivalent are desirable What's on Offer Competitive salary Hybrid working opportunities Pension scheme Ongoing training and certification support Friendly and collaborative working environment Free parking Strong long-term career progression opportunities If you are looking for a varied and rewarding Network Analyst / Lead opportunity within a stable and forward-thinking organisation near Oxford, we would love to hear from you. Please send an up to date CV for an immediate response and more information on a fantastic opportunity with a truly great Client.
Senior Network and Security Analyst - L2/L3 Network Infrastructure - Cyber Security - SIEM tools My client who are leaders in their field are looking for a Senior Cyber Security and Network Analyst to provide effective and timely operational support, development and management of the IT network and security infrastructure to meet business requirements and objectives. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security
Jun 13, 2026
Full time
Senior Network and Security Analyst - L2/L3 Network Infrastructure - Cyber Security - SIEM tools My client who are leaders in their field are looking for a Senior Cyber Security and Network Analyst to provide effective and timely operational support, development and management of the IT network and security infrastructure to meet business requirements and objectives. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security
The Role As an Associate SOC Analyst, you bring a strong background in IT or cybersecurity to a transitory role that builds towards full SOC Analyst responsibilities. You use your foundational knowledge to independently triage, investigate, and validate alerts using established playbooks. While you handle basic incident investigations and documentation, you escalate cases requiring deeper analysis to Shift Leads or Senior SOC Analysts. This role focuses on developing your skills through mentoring, continuous learning, and hands-on experience, with the expectation of advancing to a full SOC Analyst position within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more complex incidents to Shift Leads or Senior SOC Analysts Continuous Improvement You contribute to the enhancement of detection logic by identifying recurring or redundant alerts. You participate in threat hunting and skills development sessions to help reduce false positives and accelerate response times Escalation You ensure that incidents requiring advanced investigation or containment are properly escalated. Your clear, concise documentation, including detailed ticket notes and supporting evidence, facilitates smooth handovers to Shift Leads, Senior SOC Analysts, or customer teams Skills and Attributes A strong foundational background in IT or cybersecurity Demonstrated ability to perform basic incident triage, analysis, and escalation; extensive hands-on SOC operational experience is not required, as this role serves as a stepping stone to a full SOC Analyst Willingness to work toward or obtain entry-level cybersecurity certifications (e.g. CompTIA Security+, Security Blue Team BTL1) Benefits At Claranet, we go the extra mile with our people because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: Pension Scheme: Employer-matched contributions to help you plan for the future. Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24/7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development: Ongoing opportunities to grow your skills and advance your career. What makes us unique is Team Claranet, our internal community that supports causes close to our employees hearts. We offer paid charity leave, support local charities across our offices, and host annual fundraising events, all backed by a dedicated committee. We re proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click apply we can t wait to meet you!
Jun 13, 2026
Full time
The Role As an Associate SOC Analyst, you bring a strong background in IT or cybersecurity to a transitory role that builds towards full SOC Analyst responsibilities. You use your foundational knowledge to independently triage, investigate, and validate alerts using established playbooks. While you handle basic incident investigations and documentation, you escalate cases requiring deeper analysis to Shift Leads or Senior SOC Analysts. This role focuses on developing your skills through mentoring, continuous learning, and hands-on experience, with the expectation of advancing to a full SOC Analyst position within 18 months following your successful probationary period. Key Responsibilities Incident Triage & Investigation You review and prioritise new alerts from security monitoring tools (e.g., SIEM, endpoint solutions), performing basic checks to distinguish genuine threats from false positives. You rely on established playbooks and make initial validation decisions while escalating more complex incidents to Shift Leads or Senior SOC Analysts Continuous Improvement You contribute to the enhancement of detection logic by identifying recurring or redundant alerts. You participate in threat hunting and skills development sessions to help reduce false positives and accelerate response times Escalation You ensure that incidents requiring advanced investigation or containment are properly escalated. Your clear, concise documentation, including detailed ticket notes and supporting evidence, facilitates smooth handovers to Shift Leads, Senior SOC Analysts, or customer teams Skills and Attributes A strong foundational background in IT or cybersecurity Demonstrated ability to perform basic incident triage, analysis, and escalation; extensive hands-on SOC operational experience is not required, as this role serves as a stepping stone to a full SOC Analyst Willingness to work toward or obtain entry-level cybersecurity certifications (e.g. CompTIA Security+, Security Blue Team BTL1) Benefits At Claranet, we go the extra mile with our people because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: Pension Scheme: Employer-matched contributions to help you plan for the future. Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing. Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms. Personalised Wellbeing Support: App-based resources and services available 24/7 Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. Continuous Learning & Development: Ongoing opportunities to grow your skills and advance your career. What makes us unique is Team Claranet, our internal community that supports causes close to our employees hearts. We offer paid charity leave, support local charities across our offices, and host annual fundraising events, all backed by a dedicated committee. We re proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click apply we can t wait to meet you!
Senior Cyber Security & Network Analyst Tadworth - Advisable to be a car driver due to the location of the business Hybrid - 2 days in the office - 3 WFH - ( fully office based for the first 4 weeks) flexible to adhoc weekend work as and when required We're seeking a Senior Cyber Security & Network Analyst to support and manage our IT network and security infrastructure, ensuring robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats, conduct investigations, and implement security fixes Support delivery of cyber security projects and ongoing improvements Key Skills & Experience Proven experience in cyber security operations and network infrastructure Strong knowledge of Palo Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding of data security, threat analysis, and security best practice Essential Requirements Strong problem-solving and analytical skills Excellent communication and stakeholder management Ability to work independently in a fast-paced environment Methodical, organised, and detail-oriented approach Office Angels is an employment agency and business. We are an equal-opportunities employer who puts expertise, energy and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, abilities and more. By showcasing talents, skills and unique experiences in an inclusive environment, we help individuals thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you. Office Angels acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Office Angels UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Office Angels. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.
Jun 13, 2026
Full time
Senior Cyber Security & Network Analyst Tadworth - Advisable to be a car driver due to the location of the business Hybrid - 2 days in the office - 3 WFH - ( fully office based for the first 4 weeks) flexible to adhoc weekend work as and when required We're seeking a Senior Cyber Security & Network Analyst to support and manage our IT network and security infrastructure, ensuring robust protection of business systems and data. Key Responsibilities Manage day-to-day cyber security operations and incident response Monitor and optimise security tools (SIEM, firewalls, endpoint security) Maintain and support network infrastructure (LAN/WAN, Wi-Fi, L2/L3) Identify threats, conduct investigations, and implement security fixes Support delivery of cyber security projects and ongoing improvements Key Skills & Experience Proven experience in cyber security operations and network infrastructure Strong knowledge of Palo Alto firewalls, SIEM tools, and endpoint security Experience with L2/L3 networking (Nexus, LAN/WAN, Wi-Fi) Vulnerability management (e.g. Qualys) and incident response expertise Understanding of data security, threat analysis, and security best practice Essential Requirements Strong problem-solving and analytical skills Excellent communication and stakeholder management Ability to work independently in a fast-paced environment Methodical, organised, and detail-oriented approach Office Angels is an employment agency and business. We are an equal-opportunities employer who puts expertise, energy and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, abilities and more. By showcasing talents, skills and unique experiences in an inclusive environment, we help individuals thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you. Office Angels acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Office Angels UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Office Angels. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.
SIEM Analyst / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a SIEM Analyst Cyber Threat Detection, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Jun 13, 2026
Full time
SIEM Analyst / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a SIEM Analyst Cyber Threat Detection, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Cyber Security Analyst 5 months initially Location: Bracknell (Onsite, 24/7 Shift Pattern) Inside IR35 - Umbrella only Active DV clearance required Are you passionate about safeguarding digital environments and ready to make an impact? Our client, a reputable organisation, is hiring a dedicated Cyber Security Analyst to join their on-site 24x7 shift team in Bracknell. This is an exciting opportunity to contribute to critical security operations and protect vital services. What you'll be doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating threats Supporting the confidentiality, integrity, and availability of customer services through proactive security measures What you'll bring: Proven experience in cyber security, with a solid understanding of security monitoring and incident response Technical leadership skills and the ability to guide and support team members Strong communication skills to clearly articulate findings and escalate issues effectively Technical knowledge in enterprise IT areas such as networking and servers Active DV clearance to meet security requirements This role offers a dynamic environment where your expertise will directly contribute to organisational security. If you're ready to work in a collaborative team with a focus on continuous improvement, we want to hear from you! If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
Jun 13, 2026
Contractor
Cyber Security Analyst 5 months initially Location: Bracknell (Onsite, 24/7 Shift Pattern) Inside IR35 - Umbrella only Active DV clearance required Are you passionate about safeguarding digital environments and ready to make an impact? Our client, a reputable organisation, is hiring a dedicated Cyber Security Analyst to join their on-site 24x7 shift team in Bracknell. This is an exciting opportunity to contribute to critical security operations and protect vital services. What you'll be doing: Overseeing Security Operators during shifts, ensuring continuous security monitoring Performing initial investigations of potential threats using Security Incident and Event Management (SIEM) tools Monitoring SIEM systems for faults and anomalies Contributing to routine security incident management by identifying, prioritising, and escalating threats Supporting the confidentiality, integrity, and availability of customer services through proactive security measures What you'll bring: Proven experience in cyber security, with a solid understanding of security monitoring and incident response Technical leadership skills and the ability to guide and support team members Strong communication skills to clearly articulate findings and escalate issues effectively Technical knowledge in enterprise IT areas such as networking and servers Active DV clearance to meet security requirements This role offers a dynamic environment where your expertise will directly contribute to organisational security. If you're ready to work in a collaborative team with a focus on continuous improvement, we want to hear from you! If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
Location: Birmingham (Hybrid 3 days onsite) Salary: £45,000 - £50,000 + Excellent Benefits Contract Type: Permanent The Role SOC Engineer - Cyber We re looking for a hands-on SOC Engineer to join a rapidly growing Cyber Security function within a large enterprise technology environment. This is an opportunity to work in one of the most modern and well-equipped SOC environments in the market, supporting enterprise customers across a broad range of managed security services and cloud technologies. This is a genuinely engineering-led role rather than a traditional SOC analyst position. You ll be heavily involved in infrastructure, cloud security, security tooling, automation, and operational cyber engineering across enterprise-scale environments. Working from a Birmingham-based SOC three days a week, you ll play a key role in supporting customer environments, improving cyber capabilities, and helping showcase a cutting-edge SOC environment to visiting customers and stakeholders. What s in it for you as our Cyber SOC Engineer? Salary of £45,000 - £50,000 Hybrid working environment Excellent company benefits package Flexible benefits scheme Access to industry-leading SOC technology and tooling Dedicated training and development time each week Fully funded learning opportunities and partner-led certifications Opportunities to attend conferences and industry events Career progression within a large enterprise technology organisation Exposure to enterprise-scale cloud and cyber environments Supportive, collaborative, and highly technical team environment Duties as SOC Engineer - Cyber As a Cyber SOC Engineer, you will: Act as a technical escalation point and engineering SME across SOC technologies including SIEM, MDR/XDR, EDR, vulnerability management, and cloud security tooling Support, maintain, and improve cyber security infrastructure across enterprise customer environments Work closely with internal teams and customers to onboard, configure, and optimise security technologies and services Investigate and resolve platform issues, security alerts, log source health problems, and tooling-related incidents Configure and support technologies such as Microsoft Defender, Sentinel, CrowdStrike, Tenable, and related security platforms Assist with vulnerability scanning, remediation support, and operational security improvements Contribute to automation and scripting initiatives using tools such as KQL, PowerShell, Python, or Bash Produce and maintain technical documentation, operational runbooks, and security playbooks Support governance and compliance activities aligned to standards such as ISO27001, GDPR, and NCSC guidance Work collaboratively across infrastructure, cloud, networking, and cyber teams to improve service delivery and operational resilience Stay up to date with emerging cyber threats, technologies, and security best practice Contribute to continual improvement initiatives across the SOC function Who are we looking for as our Cyber SOC Engineer? We re looking for a technically capable and proactive engineer who enjoys solving problems, learning new technologies, and working collaboratively in a fast-paced environment. This role would suit someone from a SOC Engineering, Cloud Security, Infrastructure Security, or Cyber Engineering background who enjoys hands-on technical work rather than purely monitoring or analyst-based responsibilities. You ll ideally have experience with: Microsoft Sentinel and Microsoft Defender EDR/XDR/MDR technologies Vulnerability management tools such as Tenable or Qualys Azure, Microsoft 365, Intune, or AWS environments Security tooling, infrastructure, and cloud platforms Linux and Windows operating systems SIEM technologies and security monitoring Basic scripting or automation using KQL, PowerShell, Python, or Bash ITIL environments and structured change control processes Firewall, endpoint, or cloud security technologies We d especially like to hear from candidates who are: Strong communicators who can work confidently with both technical and non-technical stakeholders Organised, collaborative, and eager to learn Comfortable working in a customer-facing environment Self-driven and proactive in solving problems Able to take ownership while also working well within a team Interested in developing their cyber engineering and cloud security expertise further Relevant certifications such as SC-200, SC-900, AZ-500, CISSP, or similar would be advantageous, but practical engineering experience is equally important. Please note: Candidates must be eligible for UK Security Clearance (SC/BPSS), including having the right to work in the UK and meeting residency requirements. INDHS
Jun 13, 2026
Full time
Location: Birmingham (Hybrid 3 days onsite) Salary: £45,000 - £50,000 + Excellent Benefits Contract Type: Permanent The Role SOC Engineer - Cyber We re looking for a hands-on SOC Engineer to join a rapidly growing Cyber Security function within a large enterprise technology environment. This is an opportunity to work in one of the most modern and well-equipped SOC environments in the market, supporting enterprise customers across a broad range of managed security services and cloud technologies. This is a genuinely engineering-led role rather than a traditional SOC analyst position. You ll be heavily involved in infrastructure, cloud security, security tooling, automation, and operational cyber engineering across enterprise-scale environments. Working from a Birmingham-based SOC three days a week, you ll play a key role in supporting customer environments, improving cyber capabilities, and helping showcase a cutting-edge SOC environment to visiting customers and stakeholders. What s in it for you as our Cyber SOC Engineer? Salary of £45,000 - £50,000 Hybrid working environment Excellent company benefits package Flexible benefits scheme Access to industry-leading SOC technology and tooling Dedicated training and development time each week Fully funded learning opportunities and partner-led certifications Opportunities to attend conferences and industry events Career progression within a large enterprise technology organisation Exposure to enterprise-scale cloud and cyber environments Supportive, collaborative, and highly technical team environment Duties as SOC Engineer - Cyber As a Cyber SOC Engineer, you will: Act as a technical escalation point and engineering SME across SOC technologies including SIEM, MDR/XDR, EDR, vulnerability management, and cloud security tooling Support, maintain, and improve cyber security infrastructure across enterprise customer environments Work closely with internal teams and customers to onboard, configure, and optimise security technologies and services Investigate and resolve platform issues, security alerts, log source health problems, and tooling-related incidents Configure and support technologies such as Microsoft Defender, Sentinel, CrowdStrike, Tenable, and related security platforms Assist with vulnerability scanning, remediation support, and operational security improvements Contribute to automation and scripting initiatives using tools such as KQL, PowerShell, Python, or Bash Produce and maintain technical documentation, operational runbooks, and security playbooks Support governance and compliance activities aligned to standards such as ISO27001, GDPR, and NCSC guidance Work collaboratively across infrastructure, cloud, networking, and cyber teams to improve service delivery and operational resilience Stay up to date with emerging cyber threats, technologies, and security best practice Contribute to continual improvement initiatives across the SOC function Who are we looking for as our Cyber SOC Engineer? We re looking for a technically capable and proactive engineer who enjoys solving problems, learning new technologies, and working collaboratively in a fast-paced environment. This role would suit someone from a SOC Engineering, Cloud Security, Infrastructure Security, or Cyber Engineering background who enjoys hands-on technical work rather than purely monitoring or analyst-based responsibilities. You ll ideally have experience with: Microsoft Sentinel and Microsoft Defender EDR/XDR/MDR technologies Vulnerability management tools such as Tenable or Qualys Azure, Microsoft 365, Intune, or AWS environments Security tooling, infrastructure, and cloud platforms Linux and Windows operating systems SIEM technologies and security monitoring Basic scripting or automation using KQL, PowerShell, Python, or Bash ITIL environments and structured change control processes Firewall, endpoint, or cloud security technologies We d especially like to hear from candidates who are: Strong communicators who can work confidently with both technical and non-technical stakeholders Organised, collaborative, and eager to learn Comfortable working in a customer-facing environment Self-driven and proactive in solving problems Able to take ownership while also working well within a team Interested in developing their cyber engineering and cloud security expertise further Relevant certifications such as SC-200, SC-900, AZ-500, CISSP, or similar would be advantageous, but practical engineering experience is equally important. Please note: Candidates must be eligible for UK Security Clearance (SC/BPSS), including having the right to work in the UK and meeting residency requirements. INDHS
Senior Cyber Security & Network Analyst The Opportunity in a Nutshell On behalf of our client, a leader in their industry , we are seeking a senior, hands-on technology professional with a deep foundation in Network Engineering (minimum 5-7 years of experience) coupled with strong Cyber Security expertise. This is not a purely monitoring role; the client requires an engineer who can lead from the front, physically and logically build infrastructure, and own complex technical projects from inception to completion. You will ensure the client's digital ecosystem remains resilient, highly performant, and securely aligned with evolving business objectives. Core Responsibilities As a senior technical anchor within the operations team, your daily focus will heavily lean into robust network engineering, system build-outs, and defensive security protocols: Infrastructure Installations & Kit Builds: Act as the technical lead for configuring, assembling, installing, and deploying new network and security hardware. Ensure all engineering documentation is immaculately maintained. Network Architecture Ownership: Maintain, optimize, and scale the client's Layer 2/3 environment, specifically managing Cisco Nexus routing, LAN/WAN frameworks, wireless networks, B2B links, and network load balancing solutions. Project Leadership: Spearhead mid-to-large scale infrastructure initiatives, ensuring deliverables are hit on time and within budget. You will be expected to demonstrate the tangible business value your technical decisions bring to the overall deployment process. Infrastructure Defense & Monitoring: Oversee next-generation Palo Alto firewalls, intrusion prevention systems, and data encryption protocols. Monitor SIEM platforms and threat feeds to isolate, investigate, and remediate digital vulnerabilities. Collaboration & Mentorship: Partner closely with internal technical squads and coordinate with external vendor partners. Provide coaching and technical advice to team members to foster a culture of continuous improvement. What The Client Is Looking For To thrive in this fast-paced environment, candidates must possess a blend of seasoned engineering experience and a structured, methodical approach to problem-solving. Technical Competencies: Minimum of 5-7 years of dedicated experience implementing, supporting, and developing complex L2/3 network architectures. Proven track record of leading and performing new network installations and physical/logical kit builds. Deep technical proficiency configuring and supporting L2/3 Cisco Nexus switching frameworks and Aruba Wi-Fi environments. Solid understanding of Network Load Balancing mechanisms and coordinating third-party Penetration Testing. Strong secondary expertise in Cyber Security, specifically administering Palo Alto Firewalls alongside their advanced next-gen service suites. Background utilizing Qualys Vulnerability Management tools and endpoint detection/remediation software. Previous experience navigating SOX compliance frameworks and handling fast-paced data environments is highly desirable. Application Requirement: Project Examples Our client values real-world execution. As part of your application, please be prepared to provide specific examples of projects where you led from the front on network or security kit deployments. We will look for details on: The scope of the hardware/software deployment you personally executed. The specific technical challenges you overcame during the installation or build phase. The tangible value and security/performance improvements your role brought to that process. Growth, Support & Culture Our client believes in empowering their people to reach their full potential. Joining this team means benefiting from: Structured Progression: Clear objective setting, tailored 1:1 mentorship sessions, and consistent coaching to elevate your architectural capabilities. Empowerment & Autonomy: An inclusive culture that grants ownership of meaningful outcomes and encourages exploration of development opportunities outside your immediate remit. A Collaborative Space: A supportive management philosophy designed to give employees the resources they need to excel while allowing them to bring their authentic selves to work every day.
Jun 13, 2026
Full time
Senior Cyber Security & Network Analyst The Opportunity in a Nutshell On behalf of our client, a leader in their industry , we are seeking a senior, hands-on technology professional with a deep foundation in Network Engineering (minimum 5-7 years of experience) coupled with strong Cyber Security expertise. This is not a purely monitoring role; the client requires an engineer who can lead from the front, physically and logically build infrastructure, and own complex technical projects from inception to completion. You will ensure the client's digital ecosystem remains resilient, highly performant, and securely aligned with evolving business objectives. Core Responsibilities As a senior technical anchor within the operations team, your daily focus will heavily lean into robust network engineering, system build-outs, and defensive security protocols: Infrastructure Installations & Kit Builds: Act as the technical lead for configuring, assembling, installing, and deploying new network and security hardware. Ensure all engineering documentation is immaculately maintained. Network Architecture Ownership: Maintain, optimize, and scale the client's Layer 2/3 environment, specifically managing Cisco Nexus routing, LAN/WAN frameworks, wireless networks, B2B links, and network load balancing solutions. Project Leadership: Spearhead mid-to-large scale infrastructure initiatives, ensuring deliverables are hit on time and within budget. You will be expected to demonstrate the tangible business value your technical decisions bring to the overall deployment process. Infrastructure Defense & Monitoring: Oversee next-generation Palo Alto firewalls, intrusion prevention systems, and data encryption protocols. Monitor SIEM platforms and threat feeds to isolate, investigate, and remediate digital vulnerabilities. Collaboration & Mentorship: Partner closely with internal technical squads and coordinate with external vendor partners. Provide coaching and technical advice to team members to foster a culture of continuous improvement. What The Client Is Looking For To thrive in this fast-paced environment, candidates must possess a blend of seasoned engineering experience and a structured, methodical approach to problem-solving. Technical Competencies: Minimum of 5-7 years of dedicated experience implementing, supporting, and developing complex L2/3 network architectures. Proven track record of leading and performing new network installations and physical/logical kit builds. Deep technical proficiency configuring and supporting L2/3 Cisco Nexus switching frameworks and Aruba Wi-Fi environments. Solid understanding of Network Load Balancing mechanisms and coordinating third-party Penetration Testing. Strong secondary expertise in Cyber Security, specifically administering Palo Alto Firewalls alongside their advanced next-gen service suites. Background utilizing Qualys Vulnerability Management tools and endpoint detection/remediation software. Previous experience navigating SOX compliance frameworks and handling fast-paced data environments is highly desirable. Application Requirement: Project Examples Our client values real-world execution. As part of your application, please be prepared to provide specific examples of projects where you led from the front on network or security kit deployments. We will look for details on: The scope of the hardware/software deployment you personally executed. The specific technical challenges you overcame during the installation or build phase. The tangible value and security/performance improvements your role brought to that process. Growth, Support & Culture Our client believes in empowering their people to reach their full potential. Joining this team means benefiting from: Structured Progression: Clear objective setting, tailored 1:1 mentorship sessions, and consistent coaching to elevate your architectural capabilities. Empowerment & Autonomy: An inclusive culture that grants ownership of meaningful outcomes and encourages exploration of development opportunities outside your immediate remit. A Collaborative Space: A supportive management philosophy designed to give employees the resources they need to excel while allowing them to bring their authentic selves to work every day.
We are partnered with a growing cyber security business in Buckinghamshire, supporting customers with threat monitoring and incident response services. They are looking for a Cyber Security Analyst to join their growing SOC team, helping to investigate and respond to live security threats across customer environments. In this Cyber Security Analyst role, you will: Investigate and respond to security alerts across endpoint, network, and cloud environments Carry out deeper analysis on suspicious activity and support incident response actions Work closely with wider technical teams during live investigations and escalations Help improve detection processes, alert quality, and day-to-day SOC operations The ideal Cyber Security Analyst will have: Commercial experience within a SOC or cyber security operations environment Good understanding of threats such as phishing, malware, ransomware, and account compromise Experience using security tools such as SIEM, EDR, firewalls, or detection platforms A calm, methodical approach to investigation and problem solving under pressure This is a hybrid role (3 days per week at their Buckinghamshire office) with normal office hours (no shift pattern). You will receive ongoing training and exposure to a broad range of customer environments and technologies. This is a great opportunity for someone looking to continue developing within cyber operation. For more information on this Cyber Security Analyst role in Buckinghamshire, email Ed at (url removed) or call (phone number removed).
Jun 13, 2026
Full time
We are partnered with a growing cyber security business in Buckinghamshire, supporting customers with threat monitoring and incident response services. They are looking for a Cyber Security Analyst to join their growing SOC team, helping to investigate and respond to live security threats across customer environments. In this Cyber Security Analyst role, you will: Investigate and respond to security alerts across endpoint, network, and cloud environments Carry out deeper analysis on suspicious activity and support incident response actions Work closely with wider technical teams during live investigations and escalations Help improve detection processes, alert quality, and day-to-day SOC operations The ideal Cyber Security Analyst will have: Commercial experience within a SOC or cyber security operations environment Good understanding of threats such as phishing, malware, ransomware, and account compromise Experience using security tools such as SIEM, EDR, firewalls, or detection platforms A calm, methodical approach to investigation and problem solving under pressure This is a hybrid role (3 days per week at their Buckinghamshire office) with normal office hours (no shift pattern). You will receive ongoing training and exposure to a broad range of customer environments and technologies. This is a great opportunity for someone looking to continue developing within cyber operation. For more information on this Cyber Security Analyst role in Buckinghamshire, email Ed at (url removed) or call (phone number removed).
Senior Cyber Security & Network Analyst Location: Surrey - 2-3 days on-site Type: Permanent Overview We're looking for a Senior Cyber Security & Network Analyst to join a high-performing IT function responsible for protecting and supporting a complex enterprise environment. This is a hands-on, hybrid role combining cyber security operations, security engineering, and network infrastructure ownership . You'll play a key part in safeguarding systems, responding to threats, and driving continuous improvements across the organisation's security posture. What You'll Be Doing Lead day-to-day cyber security operations , ensuring systems remain protected and resilient Monitor and respond to threats via SIEM tools , investigating incidents and implementing fixes Manage and optimise next-generation firewalls (Palo Alto) and endpoint security platforms Oversee vulnerability management and patching (e.g. Qualys) Maintain and support network infrastructure (LAN, WAN, Wi-Fi, load balancing, connectivity) Analyse security data to identify risks, threats, and vulnerabilities Deliver security-focused projects , including new tool implementation and enhancements Support security audits, access controls, and compliance requirements Collaborate with internal teams and third-party vendors to resolve complex issues Produce and maintain technical documentation, policies, and procedures Key Skills & Experience We're particularly interested in candidates with a strong mix of security + networking expertise, including: Proven experience in cyber security operations and engineering Strong hands-on experience with: Palo Alto Firewalls (essential) SIEM tools Endpoint Detection & Response (EDR) Vulnerability management tools (e.g. Qualys) Solid networking knowledge: L2/L3 switching (Cisco Nexus) LAN/WAN, Wi-Fi (Aruba), load balancing Experience managing security incidents and threat response Understanding of data security, risk management, and compliance environments Exposure to working within structured or regulated environments is beneficial
Jun 13, 2026
Full time
Senior Cyber Security & Network Analyst Location: Surrey - 2-3 days on-site Type: Permanent Overview We're looking for a Senior Cyber Security & Network Analyst to join a high-performing IT function responsible for protecting and supporting a complex enterprise environment. This is a hands-on, hybrid role combining cyber security operations, security engineering, and network infrastructure ownership . You'll play a key part in safeguarding systems, responding to threats, and driving continuous improvements across the organisation's security posture. What You'll Be Doing Lead day-to-day cyber security operations , ensuring systems remain protected and resilient Monitor and respond to threats via SIEM tools , investigating incidents and implementing fixes Manage and optimise next-generation firewalls (Palo Alto) and endpoint security platforms Oversee vulnerability management and patching (e.g. Qualys) Maintain and support network infrastructure (LAN, WAN, Wi-Fi, load balancing, connectivity) Analyse security data to identify risks, threats, and vulnerabilities Deliver security-focused projects , including new tool implementation and enhancements Support security audits, access controls, and compliance requirements Collaborate with internal teams and third-party vendors to resolve complex issues Produce and maintain technical documentation, policies, and procedures Key Skills & Experience We're particularly interested in candidates with a strong mix of security + networking expertise, including: Proven experience in cyber security operations and engineering Strong hands-on experience with: Palo Alto Firewalls (essential) SIEM tools Endpoint Detection & Response (EDR) Vulnerability management tools (e.g. Qualys) Solid networking knowledge: L2/L3 switching (Cisco Nexus) LAN/WAN, Wi-Fi (Aruba), load balancing Experience managing security incidents and threat response Understanding of data security, risk management, and compliance environments Exposure to working within structured or regulated environments is beneficial
Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.
Jun 13, 2026
Contractor
Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.
SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review.
Jun 13, 2026
Contractor
SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review.
A job opportunity has arisen for an experienced IT Programme Manager to join a highly established organisation during a period of rapid technical and business transformation. Reporting to the Head of Programme Management, you will take responsibility for managing and delivering a critical, multi-year programme of IT/Technology transformation and cyber security projects. You will liaise with several key senior stakeholders, successfully influencing key decision making to ensure the IT Security Programme of works is initiated and delivered within the required timelines. Working as part of an innovative and fast-paced IT team, you will be responsible for line managing a team of three IT Project Managers, whilst taking ownership for the overall programme of work. You will work closely with Project Managers, PMO, IT Business Analysts, key business sponsors and key stakeholders to support project definition, to initiative, plan and deliver projects, demonstrating strong governance and reporting progress tracking to plan. Furthermore, you will take ownership of the IT Programme of project work and ensure delivery to time, budget, and quality measures. You will work alongside IT Team colleagues to review business requirements and suggest appropriate solutions, manage any external tender selection events with the procurement team and support investment sign off to help shape project business cases. The successful candidate should be able to demonstrate: A proven track record of having worked as an IT Programme Manager, including experience of having delivered highly regulated projects/programmes You should ideally have experience working in the Utilities sector / experience of delivering IT solutions in or for utilities clients Have experience at managing a portfolio of projects and/or a programme of works in a largely outsourced environment Have extensive programme or portfolio management implementation experience, being able to control and deliver a programme or portfolio to time and budget requirements IT Programme/Portfolio Delivery experience Project implementation expertise Contractual/Commercial awareness and experience Process and Governance design and implementation expertise Degree level educated PRINCE2 Practitioner or equivalent Project Management qualification is essential Experience of tools such as MS DevOps, JIRA, MS Project Planner, etc. This position offers excellent scope for career progression plus a benefits package that includes: 25 days annual leave plus bank holidays Pension scheme (5% employee contribution, 10% employer contribution) Annual bonus scheme 14 x salary Life Insurance Flexible benefits scheme options including corporate gym memberships, dental insurance and health cash-plans Access to Financial Wellbeing Programme Enhanced pay for parental leave Retail discounts and cashback scheme Flexible/hybrid working options If you would like to discuss this position in more detail, please apply with an updated CV or contact me for a confidential discussion. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 13, 2026
Full time
A job opportunity has arisen for an experienced IT Programme Manager to join a highly established organisation during a period of rapid technical and business transformation. Reporting to the Head of Programme Management, you will take responsibility for managing and delivering a critical, multi-year programme of IT/Technology transformation and cyber security projects. You will liaise with several key senior stakeholders, successfully influencing key decision making to ensure the IT Security Programme of works is initiated and delivered within the required timelines. Working as part of an innovative and fast-paced IT team, you will be responsible for line managing a team of three IT Project Managers, whilst taking ownership for the overall programme of work. You will work closely with Project Managers, PMO, IT Business Analysts, key business sponsors and key stakeholders to support project definition, to initiative, plan and deliver projects, demonstrating strong governance and reporting progress tracking to plan. Furthermore, you will take ownership of the IT Programme of project work and ensure delivery to time, budget, and quality measures. You will work alongside IT Team colleagues to review business requirements and suggest appropriate solutions, manage any external tender selection events with the procurement team and support investment sign off to help shape project business cases. The successful candidate should be able to demonstrate: A proven track record of having worked as an IT Programme Manager, including experience of having delivered highly regulated projects/programmes You should ideally have experience working in the Utilities sector / experience of delivering IT solutions in or for utilities clients Have experience at managing a portfolio of projects and/or a programme of works in a largely outsourced environment Have extensive programme or portfolio management implementation experience, being able to control and deliver a programme or portfolio to time and budget requirements IT Programme/Portfolio Delivery experience Project implementation expertise Contractual/Commercial awareness and experience Process and Governance design and implementation expertise Degree level educated PRINCE2 Practitioner or equivalent Project Management qualification is essential Experience of tools such as MS DevOps, JIRA, MS Project Planner, etc. This position offers excellent scope for career progression plus a benefits package that includes: 25 days annual leave plus bank holidays Pension scheme (5% employee contribution, 10% employer contribution) Annual bonus scheme 14 x salary Life Insurance Flexible benefits scheme options including corporate gym memberships, dental insurance and health cash-plans Access to Financial Wellbeing Programme Enhanced pay for parental leave Retail discounts and cashback scheme Flexible/hybrid working options If you would like to discuss this position in more detail, please apply with an updated CV or contact me for a confidential discussion. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.
Jun 13, 2026
Full time
Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.
Prestigious opportunity for an IT Support & Systems Analyst to join our team in Warrington.Market leaders in the design and manufacture of high quality solutions for the aerospace, defence, power generation, and high performance engineering sectors, we are inviting you to join our success story. With operations in the UK and Europe, we deliver cost effective, high quality solutions while partnering closely with customers across the full life cycle from design to in-service support. This is an excellent opportunity for someone with IT support experience who wants to broaden their skills across IT operations, systems, and cybersecurity. You'll play a key role in supporting end users while gaining exposure to infrastructure, compliance, and continuous improvement initiatives. Your responsibilities will be to: - Deliver 1st & 2nd line support across office and shop-floor environments Assist with Microsoft 365 & Active Directory administration Troubleshoot hardware, software, and access issues Manage onboarding/offboarding, user accounts, and permissions Support a range of devices including PCs, laptops and mobile devices Provide a high level of customer service and user training Device Management and patching Support IT Security, Audit and Compliance If you possess a combination of some of the following skills, then LETS TALK! Experience in IT support or service desk roles Strong knowledge of Windows, Microsoft 365, Active Directory Experience supporting end users, devices and applications Solid troubleshooting and problem-solving skills Understanding of cybersecurity best practices (MFA, patching, endpoint protection) Strong communication and user-focused mindset Knowledge of the following is advantageous but not essential: - Exposure to audits or compliance requirements Experience with endpoint security or patch management tools ERP or manufacturing environment experience Basic networking knowledge (DNS, DHCP, TCP/IP) In return, you will be rewarded with ongoing career development and training and an enviable benefits package. Hybrid working is available upon completion of probation. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 13, 2026
Full time
Prestigious opportunity for an IT Support & Systems Analyst to join our team in Warrington.Market leaders in the design and manufacture of high quality solutions for the aerospace, defence, power generation, and high performance engineering sectors, we are inviting you to join our success story. With operations in the UK and Europe, we deliver cost effective, high quality solutions while partnering closely with customers across the full life cycle from design to in-service support. This is an excellent opportunity for someone with IT support experience who wants to broaden their skills across IT operations, systems, and cybersecurity. You'll play a key role in supporting end users while gaining exposure to infrastructure, compliance, and continuous improvement initiatives. Your responsibilities will be to: - Deliver 1st & 2nd line support across office and shop-floor environments Assist with Microsoft 365 & Active Directory administration Troubleshoot hardware, software, and access issues Manage onboarding/offboarding, user accounts, and permissions Support a range of devices including PCs, laptops and mobile devices Provide a high level of customer service and user training Device Management and patching Support IT Security, Audit and Compliance If you possess a combination of some of the following skills, then LETS TALK! Experience in IT support or service desk roles Strong knowledge of Windows, Microsoft 365, Active Directory Experience supporting end users, devices and applications Solid troubleshooting and problem-solving skills Understanding of cybersecurity best practices (MFA, patching, endpoint protection) Strong communication and user-focused mindset Knowledge of the following is advantageous but not essential: - Exposure to audits or compliance requirements Experience with endpoint security or patch management tools ERP or manufacturing environment experience Basic networking knowledge (DNS, DHCP, TCP/IP) In return, you will be rewarded with ongoing career development and training and an enviable benefits package. Hybrid working is available upon completion of probation. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Jun 13, 2026
Full time
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Cyber Security Operations Manager Liverpool (Hybrid) 70,000 - 75,000 Looking to take the next step in your cyber security career? We're looking for a Cyber Security Operations Manager to join a growing technology team and play a key role in strengthening and evolving the organisation's security capability. Whether you're already leading a Security Operations function or you're a Senior Security Engineer or Team Lead looking for more ownership, this is an opportunity to make a real impact within a business that is investing heavily in cyber security and resilience. The Opportunity You'll be responsible for helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What You'll Be Doing Leading and developing the Security Operations capability Managing cyber security incidents and coordinating effective responses Driving improvements across monitoring, threat detection and vulnerability management Working closely with technology teams to improve security across cloud, infrastructure and end-user environments Helping optimise security tools, processes and automation Supporting security audits, compliance initiatives and governance requirements Providing regular updates and insight to senior stakeholders on security risks and performance Contributing to the wider cyber security strategy and roadmap What We're Looking For We're interested in speaking with candidates from backgrounds such as: Security Operations Manager Lead Security Engineer Senior Security Engineer Senior SOC Analyst Detection & Response Lead Cyber Security Team Lead You'll ideally bring experience across some of the following: Security Operations and Incident Response SIEM, EDR/XDR and security monitoring tools Vulnerability Management Threat Detection and Threat Hunting Cloud Security (Azure, AWS or GCP) Security Frameworks such as ISO 27001, NIST or CIS Controls Most importantly, we're looking for someone who enjoys solving security challenges, improving processes and helping build a mature and effective cyber security function. Why Join? Opportunity to shape and influence the cyber security function High-profile role with strong visibility across the business Significant investment in cyber security and resilience Blend of leadership, technical oversight and strategic influence Supportive team environment with genuine opportunities for growth If you're looking for a role where you can take ownership, influence security strategy and make a real impact, we'd love to hear from you. Apply today or get in touch for a confidential conversation. BH36094
Jun 13, 2026
Full time
Cyber Security Operations Manager Liverpool (Hybrid) 70,000 - 75,000 Looking to take the next step in your cyber security career? We're looking for a Cyber Security Operations Manager to join a growing technology team and play a key role in strengthening and evolving the organisation's security capability. Whether you're already leading a Security Operations function or you're a Senior Security Engineer or Team Lead looking for more ownership, this is an opportunity to make a real impact within a business that is investing heavily in cyber security and resilience. The Opportunity You'll be responsible for helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What You'll Be Doing Leading and developing the Security Operations capability Managing cyber security incidents and coordinating effective responses Driving improvements across monitoring, threat detection and vulnerability management Working closely with technology teams to improve security across cloud, infrastructure and end-user environments Helping optimise security tools, processes and automation Supporting security audits, compliance initiatives and governance requirements Providing regular updates and insight to senior stakeholders on security risks and performance Contributing to the wider cyber security strategy and roadmap What We're Looking For We're interested in speaking with candidates from backgrounds such as: Security Operations Manager Lead Security Engineer Senior Security Engineer Senior SOC Analyst Detection & Response Lead Cyber Security Team Lead You'll ideally bring experience across some of the following: Security Operations and Incident Response SIEM, EDR/XDR and security monitoring tools Vulnerability Management Threat Detection and Threat Hunting Cloud Security (Azure, AWS or GCP) Security Frameworks such as ISO 27001, NIST or CIS Controls Most importantly, we're looking for someone who enjoys solving security challenges, improving processes and helping build a mature and effective cyber security function. Why Join? Opportunity to shape and influence the cyber security function High-profile role with strong visibility across the business Significant investment in cyber security and resilience Blend of leadership, technical oversight and strategic influence Supportive team environment with genuine opportunities for growth If you're looking for a role where you can take ownership, influence security strategy and make a real impact, we'd love to hear from you. Apply today or get in touch for a confidential conversation. BH36094
Cyber Threat Detection / SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Jun 12, 2026
Full time
Cyber Threat Detection / SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Senior Cyber Security Analyst Permanent - Full time 55,000 plus bonus Bolton - 3 days per week onsite About the Role We are working with a leading global organization during a pivotal moment who seeking a Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead remediation efforts for identified vulnerabilities in collaboration with technology teams. Acting as an escalation point for any cyber security incidents and documenting processes Respond to incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We're Looking For Experience working in a cyber role in an enterprise environment Experience with the Microsoft Defender suite and Tanium would be ideal Solid understanding of cybersecurity principles and incident response processes. Experience exposure to red-teaming would be great but not crucial Experience of use case development An understanding of security best practice frameworks (NIST, ISO27001 etc) Good understanding of threat assessment A technical IT background Strong problem-solving skills and go-getter attitude Excellent communication skills and ability to work independently in a fast-paced setting. What's on Offer 45,000 - 55,000 plus bonus 25 days annual leave, plus moveable bank holidays and up to 5 days buy and sell Pension and company specific benefits Flexible and hybrid working options Career development opportunities and access to accredited qualifications. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 12, 2026
Full time
Senior Cyber Security Analyst Permanent - Full time 55,000 plus bonus Bolton - 3 days per week onsite About the Role We are working with a leading global organization during a pivotal moment who seeking a Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead remediation efforts for identified vulnerabilities in collaboration with technology teams. Acting as an escalation point for any cyber security incidents and documenting processes Respond to incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We're Looking For Experience working in a cyber role in an enterprise environment Experience with the Microsoft Defender suite and Tanium would be ideal Solid understanding of cybersecurity principles and incident response processes. Experience exposure to red-teaming would be great but not crucial Experience of use case development An understanding of security best practice frameworks (NIST, ISO27001 etc) Good understanding of threat assessment A technical IT background Strong problem-solving skills and go-getter attitude Excellent communication skills and ability to work independently in a fast-paced setting. What's on Offer 45,000 - 55,000 plus bonus 25 days annual leave, plus moveable bank holidays and up to 5 days buy and sell Pension and company specific benefits Flexible and hybrid working options Career development opportunities and access to accredited qualifications. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
