Senior Cyber Security Analyst Central London (1 day per week onsite) up to 85,000 + benefits About the Role This is a highly visible opportunity to join a growing global Cyber Defence function at an exciting stage of transformation and centralisation. Cyber security remains a core strategic priority for the organisation as it continues to modernise operations and strengthen resilience across a complex international environment. The successful individual will play a critical role in strengthening operational security capabilities while helping shape the future direction of the team as the wider security function evolves. This role offers genuine ownership, senior stakeholder exposure and strong progression potential into future lead or management responsibilities over time. The Opportunity We are seeking an experienced Senior Cyber Security Analyst to join a global Cyber Defence function. This is not a traditional SOC analyst position focused purely on alert investigation. Instead, this role requires an individual capable of leading cyber incidents operationally, technically and commercially from end-to-end. You will act as a senior technical subject matter expert across incident response, detection engineering, cloud security and vulnerability management, while also providing calm, structured leadership during high-pressure situations. The environment is heavily Microsoft-focused, with particular emphasis on: Microsoft Sentinel Microsoft Defender XDR Azure security and secure-by-design principles Detection engineering and automation Threat and vulnerability management You will work closely with global technology and cyber teams to continuously improve monitoring, detection, response and remediation capabilities across hybrid cloud and on-premise environments. Key Responsibilities Incident Response & Major Incident Management Lead the end-to-end management of cyber security incidents across global environments. Take ownership of incident triage, severity assessment and response coordination across P1-P4 incidents. Lead incident bridge calls and coordinate technical and business stakeholders throughout the incident lifecycle. Assess technical, operational and commercial impact to support effective decision-making under pressure. Provide clear, calm and structured communications to both technical teams and senior leadership. Drive containment, eradication, recovery and post-incident improvement activities. Conduct root cause analysis and ensure lessons learned are embedded into operational processes and controls. Develop and maintain incident response procedures, playbooks and documentation aligned to industry best practice. Detection Engineering & Security Automation Configure, optimise and continuously improve Microsoft Sentinel and Microsoft Defender technologies. Develop and tune detection logic using KQL to identify emerging threats and attacker behaviours. Build and maintain automated SOAR workflows using Logic Apps and related technologies. Integrate Microsoft security tooling with third-party technologies and service providers. Identify monitoring gaps and improve visibility across cloud and on-premise environments. Maintain high-quality technical documentation for detections, automations and operational workflows. Cloud Security & Secure-by-Design Support secure configuration and operational security across Azure and associated cloud services. Collaborate with infrastructure and engineering teams to embed secure-by-design principles. Evaluate configuration changes and ensure alignment with security standards and controls. Support implementation and optimisation of Microsoft Defender security policies across endpoint, identity, cloud and email platforms. Contribute to the continuous improvement of cloud security posture across global operations. Threat & Vulnerability Management Support and enhance the vulnerability management programme across infrastructure, cloud and endpoint environments. Work with tools such as Microsoft Defender Vulnerability Management and Tenable to identify and prioritise vulnerabilities. Translate vulnerability findings into actionable remediation plans with technology stakeholders. Leverage cyber threat intelligence to improve detection capabilities and prioritisation decisions. Track remediation progress and provide meaningful risk reporting to cyber leadership. Stakeholder Management & Collaboration Partner with Group IT, Regional IT and wider technology teams across multiple geographies. Act as a trusted advisor across operational security, incident response and cyber defence activities. Balance technical risk with operational realities and business priorities. Demonstrate strong stakeholder management and communication skills at all levels of the organisation. Contribute to a positive cyber security culture and continuous improvement mindset across the business. What We're Looking For Essential Experience Proven experience leading cyber security incidents end-to-end within enterprise environments. Strong background in Security Operations, Cyber Defence, Incident Response or Blue Team functions. Experience operating within hybrid cloud and on-premise environments. Hands-on experience with Microsoft Sentinel, Microsoft Defender XDR and Azure security technologies. Experience with detection engineering, threat detection and security automation. Exposure to vulnerability management platforms such as Tenable or Microsoft Defender Vulnerability Management. Experience managing stakeholder communications during high-severity incidents. Strong understanding of attacker tactics, techniques and procedures (TTPs). Technical Skills Strong Microsoft security ecosystem expertise. Advanced KQL experience for investigations, detections and reporting. Experience building automation workflows using Logic Apps or similar technologies. Knowledge of cloud security principles across Azure and ideally AWS or Google Cloud. Familiarity with industry frameworks such as NIST and ISO 27001. Personal Attributes We are particularly interested in individuals who demonstrate: Calmness under pressure Strong ownership and accountability Excellent communication and stakeholder management skills Commercial awareness alongside technical depth Gravitas and confidence leading senior incident discussions The ability to know when to stop investigating and start managing the wider incident process What's on Offer Highly visible role within a growing global cyber security function Genuine ownership and influence across security operations Opportunity to shape and mature cyber defence capabilities globally Strong balance of technical depth and business engagement Clear long-term progression opportunities as the team expands Flexible hybrid working with only 1 day per week onsite in Central London To apply for this fantastic opportunity please send your CV
Jun 23, 2026
Full time
Senior Cyber Security Analyst Central London (1 day per week onsite) up to 85,000 + benefits About the Role This is a highly visible opportunity to join a growing global Cyber Defence function at an exciting stage of transformation and centralisation. Cyber security remains a core strategic priority for the organisation as it continues to modernise operations and strengthen resilience across a complex international environment. The successful individual will play a critical role in strengthening operational security capabilities while helping shape the future direction of the team as the wider security function evolves. This role offers genuine ownership, senior stakeholder exposure and strong progression potential into future lead or management responsibilities over time. The Opportunity We are seeking an experienced Senior Cyber Security Analyst to join a global Cyber Defence function. This is not a traditional SOC analyst position focused purely on alert investigation. Instead, this role requires an individual capable of leading cyber incidents operationally, technically and commercially from end-to-end. You will act as a senior technical subject matter expert across incident response, detection engineering, cloud security and vulnerability management, while also providing calm, structured leadership during high-pressure situations. The environment is heavily Microsoft-focused, with particular emphasis on: Microsoft Sentinel Microsoft Defender XDR Azure security and secure-by-design principles Detection engineering and automation Threat and vulnerability management You will work closely with global technology and cyber teams to continuously improve monitoring, detection, response and remediation capabilities across hybrid cloud and on-premise environments. Key Responsibilities Incident Response & Major Incident Management Lead the end-to-end management of cyber security incidents across global environments. Take ownership of incident triage, severity assessment and response coordination across P1-P4 incidents. Lead incident bridge calls and coordinate technical and business stakeholders throughout the incident lifecycle. Assess technical, operational and commercial impact to support effective decision-making under pressure. Provide clear, calm and structured communications to both technical teams and senior leadership. Drive containment, eradication, recovery and post-incident improvement activities. Conduct root cause analysis and ensure lessons learned are embedded into operational processes and controls. Develop and maintain incident response procedures, playbooks and documentation aligned to industry best practice. Detection Engineering & Security Automation Configure, optimise and continuously improve Microsoft Sentinel and Microsoft Defender technologies. Develop and tune detection logic using KQL to identify emerging threats and attacker behaviours. Build and maintain automated SOAR workflows using Logic Apps and related technologies. Integrate Microsoft security tooling with third-party technologies and service providers. Identify monitoring gaps and improve visibility across cloud and on-premise environments. Maintain high-quality technical documentation for detections, automations and operational workflows. Cloud Security & Secure-by-Design Support secure configuration and operational security across Azure and associated cloud services. Collaborate with infrastructure and engineering teams to embed secure-by-design principles. Evaluate configuration changes and ensure alignment with security standards and controls. Support implementation and optimisation of Microsoft Defender security policies across endpoint, identity, cloud and email platforms. Contribute to the continuous improvement of cloud security posture across global operations. Threat & Vulnerability Management Support and enhance the vulnerability management programme across infrastructure, cloud and endpoint environments. Work with tools such as Microsoft Defender Vulnerability Management and Tenable to identify and prioritise vulnerabilities. Translate vulnerability findings into actionable remediation plans with technology stakeholders. Leverage cyber threat intelligence to improve detection capabilities and prioritisation decisions. Track remediation progress and provide meaningful risk reporting to cyber leadership. Stakeholder Management & Collaboration Partner with Group IT, Regional IT and wider technology teams across multiple geographies. Act as a trusted advisor across operational security, incident response and cyber defence activities. Balance technical risk with operational realities and business priorities. Demonstrate strong stakeholder management and communication skills at all levels of the organisation. Contribute to a positive cyber security culture and continuous improvement mindset across the business. What We're Looking For Essential Experience Proven experience leading cyber security incidents end-to-end within enterprise environments. Strong background in Security Operations, Cyber Defence, Incident Response or Blue Team functions. Experience operating within hybrid cloud and on-premise environments. Hands-on experience with Microsoft Sentinel, Microsoft Defender XDR and Azure security technologies. Experience with detection engineering, threat detection and security automation. Exposure to vulnerability management platforms such as Tenable or Microsoft Defender Vulnerability Management. Experience managing stakeholder communications during high-severity incidents. Strong understanding of attacker tactics, techniques and procedures (TTPs). Technical Skills Strong Microsoft security ecosystem expertise. Advanced KQL experience for investigations, detections and reporting. Experience building automation workflows using Logic Apps or similar technologies. Knowledge of cloud security principles across Azure and ideally AWS or Google Cloud. Familiarity with industry frameworks such as NIST and ISO 27001. Personal Attributes We are particularly interested in individuals who demonstrate: Calmness under pressure Strong ownership and accountability Excellent communication and stakeholder management skills Commercial awareness alongside technical depth Gravitas and confidence leading senior incident discussions The ability to know when to stop investigating and start managing the wider incident process What's on Offer Highly visible role within a growing global cyber security function Genuine ownership and influence across security operations Opportunity to shape and mature cyber defence capabilities globally Strong balance of technical depth and business engagement Clear long-term progression opportunities as the team expands Flexible hybrid working with only 1 day per week onsite in Central London To apply for this fantastic opportunity please send your CV
Senior IT Security Engineer SOC Engineer Southend on Sea, Essex 70,000 + benefits Full-Time Permanent Hybrid Are you an experienced SOC Engineer looking to play a key role in a small infrastructure team? We're working with a well-established, technology-led organisation who are investing in their cyber capability and looking for an IT Security / SOC Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll contribute to threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security issues Supporting compliance with security standards and best practice Working closely with IT and wider teams to embed security across systems What We're Looking For Experience in a cybersecurity / IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR etc.) Ability to investigate threats and respond to incidents effectively Bonus points for: Security certifications (Security+, CEH, CISM, CISA) Scripting/automation experience (e.g. PowerShell) What's On Offer Flexitime + early Friday finish 24 days holiday + bank holidays Pension (6-7%), life assurance & sick pay Free parking, onsite caf & gym access If you're looking for a role where you can influence strategy and make a real impact, this is well worth a conversation. Security Clearance is required for this role - applicants need to be eligible for UK Security clearance. Hit apply to upload your CV or contact (url removed) Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Jun 23, 2026
Full time
Senior IT Security Engineer SOC Engineer Southend on Sea, Essex 70,000 + benefits Full-Time Permanent Hybrid Are you an experienced SOC Engineer looking to play a key role in a small infrastructure team? We're working with a well-established, technology-led organisation who are investing in their cyber capability and looking for an IT Security / SOC Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll contribute to threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security issues Supporting compliance with security standards and best practice Working closely with IT and wider teams to embed security across systems What We're Looking For Experience in a cybersecurity / IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR etc.) Ability to investigate threats and respond to incidents effectively Bonus points for: Security certifications (Security+, CEH, CISM, CISA) Scripting/automation experience (e.g. PowerShell) What's On Offer Flexitime + early Friday finish 24 days holiday + bank holidays Pension (6-7%), life assurance & sick pay Free parking, onsite caf & gym access If you're looking for a role where you can influence strategy and make a real impact, this is well worth a conversation. Security Clearance is required for this role - applicants need to be eligible for UK Security clearance. Hit apply to upload your CV or contact (url removed) Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Jun 20, 2026
Full time
The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment
Jun 20, 2026
Full time
Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment
Cyber Security Analyst Permanent - 42k - 48k + strong benefits Location: Hybrid - South Wales Your new company: I am looking to recruit a Cyber Security Analyst to join a leader in the utilities space. The business has been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. The role responsibilities: This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day-to-day assistance with security tasks. You will help deliver a strategy which will enhance the organisations security resilience, proactively contributing to mitigating threats, at a good time when the company are expanding and investing in their IT and cyber security estate. Key parts of the role: You will require knowledge and understanding of attack and exploitation techniques and adversarial TTP's. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle is undertaken to a high standard. Monitor and respond to security incidents, alerts and breaches Monitor and track remediation to all identified vulnerabilities Monitor the risks using security tooling to carry out routine checks. Monitor and report on user behavioural analysis such as awareness training and social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. You will need: Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge and awareness of global Information Security Standards, including ISO27k, CIS, CAF, NIST CSF. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return: Salary of between 42k- 48k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 19, 2026
Full time
Cyber Security Analyst Permanent - 42k - 48k + strong benefits Location: Hybrid - South Wales Your new company: I am looking to recruit a Cyber Security Analyst to join a leader in the utilities space. The business has been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. The role responsibilities: This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day-to-day assistance with security tasks. You will help deliver a strategy which will enhance the organisations security resilience, proactively contributing to mitigating threats, at a good time when the company are expanding and investing in their IT and cyber security estate. Key parts of the role: You will require knowledge and understanding of attack and exploitation techniques and adversarial TTP's. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle is undertaken to a high standard. Monitor and respond to security incidents, alerts and breaches Monitor and track remediation to all identified vulnerabilities Monitor the risks using security tooling to carry out routine checks. Monitor and report on user behavioural analysis such as awareness training and social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. You will need: Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge and awareness of global Information Security Standards, including ISO27k, CIS, CAF, NIST CSF. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return: Salary of between 42k- 48k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Are you a hands-on IT professional who enjoys solving problems and making technology work smarter for the business? We are looking for an IT Support Technician to play a vital role in supporting and enhancing our IT infrastructure. In this role, you will help ensure the smooth, secure and efficient operation of our digital systems. You'll provide first class technical support across the organisation, maintain and improve existing systems, support IT projects, and help implement technology solutions that enable teams to work effectively. Working closely with the Head of IT, you'll contribute to strategic initiatives while also being a trusted point of contact for day-to-day technical support, system stability, cybersecurity and service delivery. About Browne At Browne, we are engineering with purpose. We're a leading UK contractor working in the water and civil engineering sectors, delivering projects that help improve everyday life. From building pipelines and upgrading pumping stations to maintaining reservoirs and drainage systems, we support cleaner water, stronger infrastructure and more reliable services for communities. We offer a wide range of career opportunities both on site and behind the scenes. Whether your skills are in engineering, project delivery, safety, sustainability, commercial, planning or business support, there's a place for you at Browne. We value different perspectives and experiences, and we're proud to be a Silver Award Investors in Diversity accredited employer. Our teams use smart technology and a hands-on approach to make sure every job is delivered safely and to a high standard. We support our clients through the full life of their assets, from construction and mechanical systems to long-term maintenance. Browne is part of Renew Holdings plc, a UK-based group of specialist engineering companies What We're Looking For We're seeking a proactive, reliable and technically skilled individual who can balance hands-on support with longer-term improvements. You'll bring: Proven experience in an IT support or helpdesk role, supporting hardware, software and network environments Strong working knowledge of Microsoft 365, including Teams, SharePoint and security features such as Entra/Azure AD Experience delivering hands-on troubleshooting and user support across multiple systems and locations Understanding of cybersecurity principles, identity management and data protection, with exposure to frameworks such as Cyber Essentials Plus, CIS or NIST Familiarity with IT service management practices (e.g. ITIL) and managing support tickets against SLAs Experience working with endpoint protection or MDR solutions (e.g. SentinelOne) Excellent communication and interpersonal skills, with the ability to support and train non-technical users Strong problem-solving skills, attention to detail and the ability to manage multiple priorities Relevant IT qualifications (e.g. CompTIA or Microsoft certifications); a degree in IT or a related field is desirable Additional requirements include a valid driving licence, willingness to travel occasionally, availability to work outside standard hours when required. Why Join Us? This is a great opportunity to join a collaborative and forward-thinking organisation where technology plays a key role in business success. You'll have the chance to broaden your skills, contribute to meaningful projects, and make a real impact on how technology supports the organisation. If you're passionate about IT, enjoy working as part of a team, and want to grow your career in a supportive environment, we'd love to hear from you. Apply now to take the next step in your IT career. The Company has experienced unprecedented growth over the past few years. We have a vast number of employees, and provide support to clients from all over the country.
Jun 19, 2026
Full time
Are you a hands-on IT professional who enjoys solving problems and making technology work smarter for the business? We are looking for an IT Support Technician to play a vital role in supporting and enhancing our IT infrastructure. In this role, you will help ensure the smooth, secure and efficient operation of our digital systems. You'll provide first class technical support across the organisation, maintain and improve existing systems, support IT projects, and help implement technology solutions that enable teams to work effectively. Working closely with the Head of IT, you'll contribute to strategic initiatives while also being a trusted point of contact for day-to-day technical support, system stability, cybersecurity and service delivery. About Browne At Browne, we are engineering with purpose. We're a leading UK contractor working in the water and civil engineering sectors, delivering projects that help improve everyday life. From building pipelines and upgrading pumping stations to maintaining reservoirs and drainage systems, we support cleaner water, stronger infrastructure and more reliable services for communities. We offer a wide range of career opportunities both on site and behind the scenes. Whether your skills are in engineering, project delivery, safety, sustainability, commercial, planning or business support, there's a place for you at Browne. We value different perspectives and experiences, and we're proud to be a Silver Award Investors in Diversity accredited employer. Our teams use smart technology and a hands-on approach to make sure every job is delivered safely and to a high standard. We support our clients through the full life of their assets, from construction and mechanical systems to long-term maintenance. Browne is part of Renew Holdings plc, a UK-based group of specialist engineering companies What We're Looking For We're seeking a proactive, reliable and technically skilled individual who can balance hands-on support with longer-term improvements. You'll bring: Proven experience in an IT support or helpdesk role, supporting hardware, software and network environments Strong working knowledge of Microsoft 365, including Teams, SharePoint and security features such as Entra/Azure AD Experience delivering hands-on troubleshooting and user support across multiple systems and locations Understanding of cybersecurity principles, identity management and data protection, with exposure to frameworks such as Cyber Essentials Plus, CIS or NIST Familiarity with IT service management practices (e.g. ITIL) and managing support tickets against SLAs Experience working with endpoint protection or MDR solutions (e.g. SentinelOne) Excellent communication and interpersonal skills, with the ability to support and train non-technical users Strong problem-solving skills, attention to detail and the ability to manage multiple priorities Relevant IT qualifications (e.g. CompTIA or Microsoft certifications); a degree in IT or a related field is desirable Additional requirements include a valid driving licence, willingness to travel occasionally, availability to work outside standard hours when required. Why Join Us? This is a great opportunity to join a collaborative and forward-thinking organisation where technology plays a key role in business success. You'll have the chance to broaden your skills, contribute to meaningful projects, and make a real impact on how technology supports the organisation. If you're passionate about IT, enjoy working as part of a team, and want to grow your career in a supportive environment, we'd love to hear from you. Apply now to take the next step in your IT career. The Company has experienced unprecedented growth over the past few years. We have a vast number of employees, and provide support to clients from all over the country.
Amtis professional Ltd
Stoke Pound, Worcestershire
Security Engineer Worcestershire (Hybrid) Salary: £60-70,000 Full-Time Permanent We're supporting an organisation that is continuing to invest in its cybersecurity capability and is looking to add a Security Engineer to a growing security team. This is a broad, hands-on role suited to someone who enjoys working across multiple areas of security rather than specialising in a single discipline. You'll play a key role in improving security controls, protecting sensitive information, strengthening governance processes and driving proactive security initiatives across the business. This opportunity would suit a security professional who enjoys ownership, autonomy and the ability to make a visible impact within a lean team environment. The Role You'll work across a varied security landscape with responsibilities including: Managing and improving security monitoring and detection capabilities Supporting data protection, information governance and security best practice Developing and maintaining security controls across identity, endpoint and cloud environments Conducting threat hunting, vulnerability management and security reviews Assessing risks associated with business applications and user access Supporting the secure adoption of new technologies and business initiatives Contributing to security projects and continuous improvement programmes Working closely with technical and non-technical stakeholders to improve overall security maturity About You We're looking for someone with a genuine passion for cybersecurity and a proactive approach to identifying and reducing risk. Experience in some of the following areas would be beneficial: Security Operations (SecOps) Microsoft Sentinel Microsoft Purview Microsoft Defender Entra ID / Identity & Access Management Threat Hunting Vulnerability Management Data Protection & Information Governance Security Monitoring & Incident Investigation Cloud Security (Azure and/or AWS) We're particularly interested in individuals who can demonstrate strong security thinking, curiosity and a desire to continuously improve security processes and controls. Relevant certifications such as CISSP, CISM, Security+, SC-200 or similar would be advantageous. Why Apply? Opportunity to join a growing security function Broad exposure across multiple security disciplines High level of ownership and influence Modern Microsoft security environment Ongoing investment in training and development Flexible working arrangements Competitive salary and benefits package If you are interested in this opportunity and would like to hear more, please apply to the advert with an updated CV and contact information and we will be in touch.
Jun 18, 2026
Full time
Security Engineer Worcestershire (Hybrid) Salary: £60-70,000 Full-Time Permanent We're supporting an organisation that is continuing to invest in its cybersecurity capability and is looking to add a Security Engineer to a growing security team. This is a broad, hands-on role suited to someone who enjoys working across multiple areas of security rather than specialising in a single discipline. You'll play a key role in improving security controls, protecting sensitive information, strengthening governance processes and driving proactive security initiatives across the business. This opportunity would suit a security professional who enjoys ownership, autonomy and the ability to make a visible impact within a lean team environment. The Role You'll work across a varied security landscape with responsibilities including: Managing and improving security monitoring and detection capabilities Supporting data protection, information governance and security best practice Developing and maintaining security controls across identity, endpoint and cloud environments Conducting threat hunting, vulnerability management and security reviews Assessing risks associated with business applications and user access Supporting the secure adoption of new technologies and business initiatives Contributing to security projects and continuous improvement programmes Working closely with technical and non-technical stakeholders to improve overall security maturity About You We're looking for someone with a genuine passion for cybersecurity and a proactive approach to identifying and reducing risk. Experience in some of the following areas would be beneficial: Security Operations (SecOps) Microsoft Sentinel Microsoft Purview Microsoft Defender Entra ID / Identity & Access Management Threat Hunting Vulnerability Management Data Protection & Information Governance Security Monitoring & Incident Investigation Cloud Security (Azure and/or AWS) We're particularly interested in individuals who can demonstrate strong security thinking, curiosity and a desire to continuously improve security processes and controls. Relevant certifications such as CISSP, CISM, Security+, SC-200 or similar would be advantageous. Why Apply? Opportunity to join a growing security function Broad exposure across multiple security disciplines High level of ownership and influence Modern Microsoft security environment Ongoing investment in training and development Flexible working arrangements Competitive salary and benefits package If you are interested in this opportunity and would like to hear more, please apply to the advert with an updated CV and contact information and we will be in touch.
Network Security Operations Manager Abingdon £70,000pa £72,000pa plus bonus & benefits 1 day onsite per week: MARS has partnered a global consultancy to recruit a permanent Network Security Operations Manager to join a talented IT function. This strategic delivery partners work, spans both private and public enterprises on a global basis, delivering real impactful change, improvements and transformation for their clients. With an amazing company culture and values, this business really puts its staff at the forefront of what they do. This Network Security Operations Manager is a strategic operational role established to provide dedicated ownership and accountability for day-to-day cyber security and network operations, separate from the organisation s wider information security strategy and governance functions. As the Network Security Operations Manager , you will drive operational excellence across all group companies and international territories, ensuring the delivery of a consistent, scalable, and high-quality security and network operations service as the business continues to grow globally. Key responsibilities include: Leading operational cyber security and network activities across the group Ensuring service consistency and operational resilience across multiple territories Managing and developing relationships with a third-party Managed Security Services Provider (MSSP) Supporting a follow-the-sun operational model to enable global coverage Driving continuous improvement across security and network operations processes and performance Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party suppliers and MSSPs. Experience leading and developing technical teams. Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender, and Windows/macOS environments. Understanding of security governance, compliance, and audit requirements. Leadership & Communication Strong leadership, people management, and team development skills. Ability to drive continuous improvement and operational excellence. Excellent communication, stakeholder management, and influencing skills. Able to make sound decisions under pressure and manage competing priorities. Personal Attributes Proactive, adaptable, and results-driven. Strong analytical and problem-solving skills. Professional, collaborative, and committed to continuous learning. Able to balance security requirements with business needs. Qualifications & Certifications Essential CISSP or equivalent cyber security qualification. Relevant Microsoft security or cloud certifications, or willingness to obtain them. Degree-level qualification or equivalent experience in Cyber Security, Information Security, or IT. Desirable ISO 27001 Lead Implementer/Auditor or similar certification. ITIL, Prince2, or other relevant service management qualifications. Our client is offering a highly competitive salary and generous benefits package includes: Life Assurance, Income Protection, pension contributions and 27 days holiday (not including bank holidays). They also operate a profit share scheme so that our people share in the success of the business. The profit share bonus is based on company performance and typically paid out in March and September. Joining this impressive business also brings many social benefits. They have a full social calendar with Spring activity days, Christmas events, a 2-day Summer event and 4 sponsored weekends a year. If you re a Network Security Operations Manager looking for a career defining opportunity with progression and development, then please drop Lee at MARS an application. MARS Recruitment is an equal opportunities employer and positively welcomes applications from suitably qualified applicants regardless of race, colour, sex, marital status, national origin, religion, age, disability, or any other protected status. Suitable candidates for the role will be contacted within 3 working days, unfortunately if you haven t heard back in this time your application has been unsuccessful at this time. MARS Recruitment is a specialist Engineering & IT recruiter working in partnership with companies across the UK and offers services of both an Employment Business (for Temporary/Contract roles) and an Employment Agency (for Permanent roles).
Jun 18, 2026
Full time
Network Security Operations Manager Abingdon £70,000pa £72,000pa plus bonus & benefits 1 day onsite per week: MARS has partnered a global consultancy to recruit a permanent Network Security Operations Manager to join a talented IT function. This strategic delivery partners work, spans both private and public enterprises on a global basis, delivering real impactful change, improvements and transformation for their clients. With an amazing company culture and values, this business really puts its staff at the forefront of what they do. This Network Security Operations Manager is a strategic operational role established to provide dedicated ownership and accountability for day-to-day cyber security and network operations, separate from the organisation s wider information security strategy and governance functions. As the Network Security Operations Manager , you will drive operational excellence across all group companies and international territories, ensuring the delivery of a consistent, scalable, and high-quality security and network operations service as the business continues to grow globally. Key responsibilities include: Leading operational cyber security and network activities across the group Ensuring service consistency and operational resilience across multiple territories Managing and developing relationships with a third-party Managed Security Services Provider (MSSP) Supporting a follow-the-sun operational model to enable global coverage Driving continuous improvement across security and network operations processes and performance Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party suppliers and MSSPs. Experience leading and developing technical teams. Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender, and Windows/macOS environments. Understanding of security governance, compliance, and audit requirements. Leadership & Communication Strong leadership, people management, and team development skills. Ability to drive continuous improvement and operational excellence. Excellent communication, stakeholder management, and influencing skills. Able to make sound decisions under pressure and manage competing priorities. Personal Attributes Proactive, adaptable, and results-driven. Strong analytical and problem-solving skills. Professional, collaborative, and committed to continuous learning. Able to balance security requirements with business needs. Qualifications & Certifications Essential CISSP or equivalent cyber security qualification. Relevant Microsoft security or cloud certifications, or willingness to obtain them. Degree-level qualification or equivalent experience in Cyber Security, Information Security, or IT. Desirable ISO 27001 Lead Implementer/Auditor or similar certification. ITIL, Prince2, or other relevant service management qualifications. Our client is offering a highly competitive salary and generous benefits package includes: Life Assurance, Income Protection, pension contributions and 27 days holiday (not including bank holidays). They also operate a profit share scheme so that our people share in the success of the business. The profit share bonus is based on company performance and typically paid out in March and September. Joining this impressive business also brings many social benefits. They have a full social calendar with Spring activity days, Christmas events, a 2-day Summer event and 4 sponsored weekends a year. If you re a Network Security Operations Manager looking for a career defining opportunity with progression and development, then please drop Lee at MARS an application. MARS Recruitment is an equal opportunities employer and positively welcomes applications from suitably qualified applicants regardless of race, colour, sex, marital status, national origin, religion, age, disability, or any other protected status. Suitable candidates for the role will be contacted within 3 working days, unfortunately if you haven t heard back in this time your application has been unsuccessful at this time. MARS Recruitment is a specialist Engineering & IT recruiter working in partnership with companies across the UK and offers services of both an Employment Business (for Temporary/Contract roles) and an Employment Agency (for Permanent roles).
Senior IT Security Engineer Cyber SOC Southend on Sea, Hybrid (3 days onsite) 65,000 + benefits Full-Time Permanent Looking to take ownership of security in a business where your impact is visible? We're working with a well-established, technology-led organisation who are investing in their cyber capability and looking for an IT Security Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security issues Supporting compliance with security standards and best practice Working closely with IT and wider teams to embed security across systems What We're Looking For Experience in a cybersecurity / IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR etc.) Ability to investigate threats and respond to incidents effectively Bonus points for: Security certifications (Security+, CEH, CISM, CISA) Scripting/automation experience (e.g. PowerShell) What's On Offer Up to 65,000 salary Flexitime + early Friday finish 24 days holiday + bank holidays Pension (6-7%), life assurance & sick pay Free parking, onsite caf & gym access If you're looking for a role where you can influence strategy and make a real impact, this is well worth a conversation. Security Clearance is required for this role - applicants need to be eligible for clearance. Hit apply to upload your CV or contact (url removed) Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Jun 18, 2026
Full time
Senior IT Security Engineer Cyber SOC Southend on Sea, Hybrid (3 days onsite) 65,000 + benefits Full-Time Permanent Looking to take ownership of security in a business where your impact is visible? We're working with a well-established, technology-led organisation who are investing in their cyber capability and looking for an IT Security Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks) Investigating incidents, performing root cause analysis and remediation Identifying vulnerabilities and driving proactive security improvements Acting as the go-to escalation point for security issues Supporting compliance with security standards and best practice Working closely with IT and wider teams to embed security across systems What We're Looking For Experience in a cybersecurity / IT security role Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS) Experience working in a SOC/NOC or similar environment Good understanding of security frameworks (ISO 27001, NIST, GDPR etc.) Ability to investigate threats and respond to incidents effectively Bonus points for: Security certifications (Security+, CEH, CISM, CISA) Scripting/automation experience (e.g. PowerShell) What's On Offer Up to 65,000 salary Flexitime + early Friday finish 24 days holiday + bank holidays Pension (6-7%), life assurance & sick pay Free parking, onsite caf & gym access If you're looking for a role where you can influence strategy and make a real impact, this is well worth a conversation. Security Clearance is required for this role - applicants need to be eligible for clearance. Hit apply to upload your CV or contact (url removed) Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
SOC Analyst Leeds (Hybrid) £50,000 - £58,000 Package 24/7 Shift Pattern Permanent 25 Days Hols (rising to 27 + Buy and Sell scheme) - Pension (5% Employer) - Healthcare - DIS x 4 Critical Illness Cover - Birthday off - Vendor Training and Accreditations SOC Analyst Join a Growing Cyber Security Operations Team An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market. Benefits 25 days annual leave (rising with service) Birthday day off Hybrid working model Home-based night shifts Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment This is an excellent opportunity for a SOC Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation.
Jun 18, 2026
Full time
SOC Analyst Leeds (Hybrid) £50,000 - £58,000 Package 24/7 Shift Pattern Permanent 25 Days Hols (rising to 27 + Buy and Sell scheme) - Pension (5% Employer) - Healthcare - DIS x 4 Critical Illness Cover - Birthday off - Vendor Training and Accreditations SOC Analyst Join a Growing Cyber Security Operations Team An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market. Benefits 25 days annual leave (rising with service) Birthday day off Hybrid working model Home-based night shifts Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment This is an excellent opportunity for a SOC Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation.
Leeds (Hybrid) 50,000 - 58,000 Package 24/7 Shift Pattern Permanent With extensive Benefits! 25 days annual leave (rising with service to 27) Birthday day off Hybrid working model but mostly work from home Home-based night shifts with certain day shifts also from home 4 days on 4 days off Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment Opportunity Join a Growing Cyber Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market.
Jun 17, 2026
Full time
Leeds (Hybrid) 50,000 - 58,000 Package 24/7 Shift Pattern Permanent With extensive Benefits! 25 days annual leave (rising with service to 27) Birthday day off Hybrid working model but mostly work from home Home-based night shifts with certain day shifts also from home 4 days on 4 days off Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment Opportunity Join a Growing Cyber Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market.
Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: 45,000 - 60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response. Key Responsibilities Monitor, analyse, and investigate security alerts across SIEM and security tooling Conduct detailed investigations across log, endpoint, identity, and network telemetry Develop and optimise detection logic and SIEM queries to improve alert fidelity Analyse security events and correlate activity across multiple data sources Support incident response activities, including containment, escalation, and remediation Perform IOC analysis, enrichment, and validation using threat intelligence sources Identify gaps in detection capabilities and contribute to continuous improvement Work closely with infrastructure, SOC, and incident response teams to enhance response capability Produce clear and structured investigation reports and escalation summaries Skills & Experience Required Core SIEM & Detection Skills Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES QL / Kibana Query Language o Splunk SPL Understanding of event correlation, alerting, and detection use-case development Technical Foundations Strong knowledge of: o Linux and Windows operating systems o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs) Experience analysing logs across: o Endpoint, identity, network, and cloud environments Threat Detection & Security Tooling Strong knowledge of: o EDR/XDR concepts and workflows o IDS/IPS technologies and signature-based detection Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar Threat & Adversary Knowledge Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry Familiarity with MITRE ATT&CK framework Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques Incident Handling & Investigation Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams Strong understanding of: o Incident management processes o Host-based forensic concepts Ability to apply post-incident review (PIR) learnings to improve detection and response Desirable Experience Experience within a SOC or cyber defence environment Exposure to threat hunting or detection engineering Experience in high-security or regulated environments Certifications (Beneficial) Microsoft SC-200 (Security Operations Analyst) GIAC / SANS certifications (GCIH, GCIA, GCED, etc.) CREST (CPIA, CRIA, CCTIA, CCBTP) Other recognised cyber security certifications Why Join? Work within a mature Security Operations environment Exposure to advanced SIEM tooling and large-scale environments Strong investment in training, certifications, and progression Opportunity to develop into: o Senior SIEM Analyst o Detection Engineer o Threat Hunter About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
Jun 17, 2026
Full time
Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: 45,000 - 60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response. Key Responsibilities Monitor, analyse, and investigate security alerts across SIEM and security tooling Conduct detailed investigations across log, endpoint, identity, and network telemetry Develop and optimise detection logic and SIEM queries to improve alert fidelity Analyse security events and correlate activity across multiple data sources Support incident response activities, including containment, escalation, and remediation Perform IOC analysis, enrichment, and validation using threat intelligence sources Identify gaps in detection capabilities and contribute to continuous improvement Work closely with infrastructure, SOC, and incident response teams to enhance response capability Produce clear and structured investigation reports and escalation summaries Skills & Experience Required Core SIEM & Detection Skills Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES QL / Kibana Query Language o Splunk SPL Understanding of event correlation, alerting, and detection use-case development Technical Foundations Strong knowledge of: o Linux and Windows operating systems o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs) Experience analysing logs across: o Endpoint, identity, network, and cloud environments Threat Detection & Security Tooling Strong knowledge of: o EDR/XDR concepts and workflows o IDS/IPS technologies and signature-based detection Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar Threat & Adversary Knowledge Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry Familiarity with MITRE ATT&CK framework Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques Incident Handling & Investigation Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams Strong understanding of: o Incident management processes o Host-based forensic concepts Ability to apply post-incident review (PIR) learnings to improve detection and response Desirable Experience Experience within a SOC or cyber defence environment Exposure to threat hunting or detection engineering Experience in high-security or regulated environments Certifications (Beneficial) Microsoft SC-200 (Security Operations Analyst) GIAC / SANS certifications (GCIH, GCIA, GCED, etc.) CREST (CPIA, CRIA, CCTIA, CCBTP) Other recognised cyber security certifications Why Join? Work within a mature Security Operations environment Exposure to advanced SIEM tooling and large-scale environments Strong investment in training, certifications, and progression Opportunity to develop into: o Senior SIEM Analyst o Detection Engineer o Threat Hunter About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
I am currently looking for 2 experienced Cyber Security Engineers (DV Cleared) for a client, based in Milton Keynes with occasional travel to London. DV Clearance is essential - applicants without current clearance unfortunately cannot be considered. About the Role: These roles sit within a client's Cybersecurity Operations function. You will play a key part in designing, implementing, and maintaining the platforms that support enterprise-scale security operations. From SIEM and log collection to endpoint detection, automation, and integration, you'll help ensure the SOC team has the reliable and scalable infrastructure it needs to detect, investigate, and respond to threats. Responsibilities: Manage and optimise SIEM platforms (Splunk, Microsoft Sentinel, open-source alternatives) across hybrid-cloud environments Configure and maintain log/data pipelines from endpoints, cloud services, and network devices Ensure high availability, reliability, and performance of core security platforms Integrate new security tools into the ecosystem, including automation via APIs, Scripting, and AI Maintain clear documentation, diagrams, and procedures to support knowledge sharing and consistency Skills & Experience: Strong hands-on experience with SIEM technologies (Splunk, Sentinel, etc.) Knowledge of cloud platforms (Azure, AWS, GCP) and hybrid environments Scripting skills (Python, PowerShell) for automation and integration Experience with SOAR and SecDevOps practices (Git, GitHub, Azure DevOps, CI/CD) Good understanding of frameworks such as NIST, MITRE ATT&CK, CAF Background in Incident Response or SOC analysis is highly valued Soft Skills: Strong analytical and problem-solving mindset Effective communication and collaboration skills Ability to thrive in a fast-paced, dynamic environment Certifications (Splunk, Microsoft, SANS, etc.) are desirable but not required. Location: Milton Keynes (with some travel to London) Positions: 2 available If you're DV cleared and want to take on a challenging and rewarding role with a leading organisation, I'd love to hear from you.
Oct 06, 2025
Contractor
I am currently looking for 2 experienced Cyber Security Engineers (DV Cleared) for a client, based in Milton Keynes with occasional travel to London. DV Clearance is essential - applicants without current clearance unfortunately cannot be considered. About the Role: These roles sit within a client's Cybersecurity Operations function. You will play a key part in designing, implementing, and maintaining the platforms that support enterprise-scale security operations. From SIEM and log collection to endpoint detection, automation, and integration, you'll help ensure the SOC team has the reliable and scalable infrastructure it needs to detect, investigate, and respond to threats. Responsibilities: Manage and optimise SIEM platforms (Splunk, Microsoft Sentinel, open-source alternatives) across hybrid-cloud environments Configure and maintain log/data pipelines from endpoints, cloud services, and network devices Ensure high availability, reliability, and performance of core security platforms Integrate new security tools into the ecosystem, including automation via APIs, Scripting, and AI Maintain clear documentation, diagrams, and procedures to support knowledge sharing and consistency Skills & Experience: Strong hands-on experience with SIEM technologies (Splunk, Sentinel, etc.) Knowledge of cloud platforms (Azure, AWS, GCP) and hybrid environments Scripting skills (Python, PowerShell) for automation and integration Experience with SOAR and SecDevOps practices (Git, GitHub, Azure DevOps, CI/CD) Good understanding of frameworks such as NIST, MITRE ATT&CK, CAF Background in Incident Response or SOC analysis is highly valued Soft Skills: Strong analytical and problem-solving mindset Effective communication and collaboration skills Ability to thrive in a fast-paced, dynamic environment Certifications (Splunk, Microsoft, SANS, etc.) are desirable but not required. Location: Milton Keynes (with some travel to London) Positions: 2 available If you're DV cleared and want to take on a challenging and rewarding role with a leading organisation, I'd love to hear from you.
Your new company As part of their continued investment in technology and cyber resilience, my client is seeking a Cloud Security Engineer to join their dynamic Technology Directorate. This is a pivotal role supporting the Head of Cyber Security and Infrastructure in strengthening the cyber security estate and ensuring robust protection across our digital platforms. Your new role As Cloud Security Engineer, you will play a key role in enhancing cyber resilience. You'll be responsible for leveraging tools such as Microsoft Defender, Sentinel, Azure, and their SOC partner to conduct threat analysis, risk assessments, and implement effective controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to the design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure IT architecture and access control policies. What you'll need to succeed Extensive experience administering the Azure platform and Microsoft security tools (Defender, Sentinel, Intune, Autopilot). Strong understanding of cyber security frameworks including ISO27001, Cyber Essentials+, and the Cyber Assessment Framework. Proven experience in identity and access management, end-user device management, and working with external SOCs. Ability to deliver against cyber security roadmaps, respond to incidents, and remediate vulnerabilities. Experience in building Power BI dashboards and writing security policies and SOPs. A collaborative mindset with excellent communication skills and a proactive approach to continuous improvement. What you'll get in return A chance to make a real impact in a purpose-driven organisation. Flexible working arrangements. Access to professional development and training. A supportive and inclusive culture. Competitive salary up to £52K and benefits package. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Oct 03, 2025
Full time
Your new company As part of their continued investment in technology and cyber resilience, my client is seeking a Cloud Security Engineer to join their dynamic Technology Directorate. This is a pivotal role supporting the Head of Cyber Security and Infrastructure in strengthening the cyber security estate and ensuring robust protection across our digital platforms. Your new role As Cloud Security Engineer, you will play a key role in enhancing cyber resilience. You'll be responsible for leveraging tools such as Microsoft Defender, Sentinel, Azure, and their SOC partner to conduct threat analysis, risk assessments, and implement effective controls. You'll support the delivery of their Cyber Security Sub Strategy in line with the Cyber Assessment Framework, and contribute to the design and operation of threat intelligence, incident response, vulnerability management, and ethical hacking capabilities. You'll work closely with internal stakeholders and external partners to ensure compliance with ISO27001, Cyber Essentials+, and other regulatory frameworks. This role also involves reporting on cyber threats and performance using Power BI, supporting penetration testing, and contributing to the development of secure IT architecture and access control policies. What you'll need to succeed Extensive experience administering the Azure platform and Microsoft security tools (Defender, Sentinel, Intune, Autopilot). Strong understanding of cyber security frameworks including ISO27001, Cyber Essentials+, and the Cyber Assessment Framework. Proven experience in identity and access management, end-user device management, and working with external SOCs. Ability to deliver against cyber security roadmaps, respond to incidents, and remediate vulnerabilities. Experience in building Power BI dashboards and writing security policies and SOPs. A collaborative mindset with excellent communication skills and a proactive approach to continuous improvement. What you'll get in return A chance to make a real impact in a purpose-driven organisation. Flexible working arrangements. Access to professional development and training. A supportive and inclusive culture. Competitive salary up to £52K and benefits package. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
SOC Analyst - £45k This is a fantastic opportunity to join a well-established MSP as part of their SOC function. You will be joining a fast paced fast growing arm of the business which has gone from strength to strength since its addition to the business. The role comes with pretty much 100% remote home working with once a month visits to their office in Manchester. They are a full Microsoft Gold Partner / Family Run and also voted one of the top employers in the UK. The current SOC function has a small close knit team of engineers - they deploy a flat SOC structure so you will be involved in all elements of a SOC function. They are big on certifications and open to candidates with them or happy to put you through relevant courses. Key skills / responsibilities: • Proven experience up to 12 months working as a SOC Analyst• Experience in deep diving into security issues and analysis rather than just ticket management.• Experience with SIEM solutions (Azure Sentinel as but Splunk etc also useful to have.• Scripting experience with - KQL / PowerShell Scripting• Threat Hunting / Analysis Investigation• Opportunity to run and be involved in webinars.• Opportunity to train and mentor new team members in the future.• Core infrastructure / networking background would be desired. The role comes with a base up to £45k They are interviewing ASAP so apply today for consideration!
Sep 25, 2025
Full time
SOC Analyst - £45k This is a fantastic opportunity to join a well-established MSP as part of their SOC function. You will be joining a fast paced fast growing arm of the business which has gone from strength to strength since its addition to the business. The role comes with pretty much 100% remote home working with once a month visits to their office in Manchester. They are a full Microsoft Gold Partner / Family Run and also voted one of the top employers in the UK. The current SOC function has a small close knit team of engineers - they deploy a flat SOC structure so you will be involved in all elements of a SOC function. They are big on certifications and open to candidates with them or happy to put you through relevant courses. Key skills / responsibilities: • Proven experience up to 12 months working as a SOC Analyst• Experience in deep diving into security issues and analysis rather than just ticket management.• Experience with SIEM solutions (Azure Sentinel as but Splunk etc also useful to have.• Scripting experience with - KQL / PowerShell Scripting• Threat Hunting / Analysis Investigation• Opportunity to run and be involved in webinars.• Opportunity to train and mentor new team members in the future.• Core infrastructure / networking background would be desired. The role comes with a base up to £45k They are interviewing ASAP so apply today for consideration!
