Senior Cyber Security & Network Analyst Location: Surrey - 2-3 days on-site Type: Permanent Overview We're looking for a Senior Cyber Security & Network Analyst to join a high-performing IT function responsible for protecting and supporting a complex enterprise environment. This is a hands-on, hybrid role combining cyber security operations, security engineering, and network infrastructure ownership . You'll play a key part in safeguarding systems, responding to threats, and driving continuous improvements across the organisation's security posture. What You'll Be Doing Lead day-to-day cyber security operations , ensuring systems remain protected and resilient Monitor and respond to threats via SIEM tools , investigating incidents and implementing fixes Manage and optimise next-generation firewalls (Palo Alto) and endpoint security platforms Oversee vulnerability management and patching (e.g. Qualys) Maintain and support network infrastructure (LAN, WAN, Wi-Fi, load balancing, connectivity) Analyse security data to identify risks, threats, and vulnerabilities Deliver security-focused projects , including new tool implementation and enhancements Support security audits, access controls, and compliance requirements Collaborate with internal teams and third-party vendors to resolve complex issues Produce and maintain technical documentation, policies, and procedures Key Skills & Experience We're particularly interested in candidates with a strong mix of security + networking expertise, including: Proven experience in cyber security operations and engineering Strong hands-on experience with: Palo Alto Firewalls (essential) SIEM tools Endpoint Detection & Response (EDR) Vulnerability management tools (e.g. Qualys) Solid networking knowledge: L2/L3 switching (Cisco Nexus) LAN/WAN, Wi-Fi (Aruba), load balancing Experience managing security incidents and threat response Understanding of data security, risk management, and compliance environments Exposure to working within structured or regulated environments is beneficial
Jun 13, 2026
Full time
Senior Cyber Security & Network Analyst Location: Surrey - 2-3 days on-site Type: Permanent Overview We're looking for a Senior Cyber Security & Network Analyst to join a high-performing IT function responsible for protecting and supporting a complex enterprise environment. This is a hands-on, hybrid role combining cyber security operations, security engineering, and network infrastructure ownership . You'll play a key part in safeguarding systems, responding to threats, and driving continuous improvements across the organisation's security posture. What You'll Be Doing Lead day-to-day cyber security operations , ensuring systems remain protected and resilient Monitor and respond to threats via SIEM tools , investigating incidents and implementing fixes Manage and optimise next-generation firewalls (Palo Alto) and endpoint security platforms Oversee vulnerability management and patching (e.g. Qualys) Maintain and support network infrastructure (LAN, WAN, Wi-Fi, load balancing, connectivity) Analyse security data to identify risks, threats, and vulnerabilities Deliver security-focused projects , including new tool implementation and enhancements Support security audits, access controls, and compliance requirements Collaborate with internal teams and third-party vendors to resolve complex issues Produce and maintain technical documentation, policies, and procedures Key Skills & Experience We're particularly interested in candidates with a strong mix of security + networking expertise, including: Proven experience in cyber security operations and engineering Strong hands-on experience with: Palo Alto Firewalls (essential) SIEM tools Endpoint Detection & Response (EDR) Vulnerability management tools (e.g. Qualys) Solid networking knowledge: L2/L3 switching (Cisco Nexus) LAN/WAN, Wi-Fi (Aruba), load balancing Experience managing security incidents and threat response Understanding of data security, risk management, and compliance environments Exposure to working within structured or regulated environments is beneficial
Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.
Jun 13, 2026
Contractor
Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.
SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review.
Jun 13, 2026
Contractor
SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review.
A job opportunity has arisen for an experienced IT Programme Manager to join a highly established organisation during a period of rapid technical and business transformation. Reporting to the Head of Programme Management, you will take responsibility for managing and delivering a critical, multi-year programme of IT/Technology transformation and cyber security projects. You will liaise with several key senior stakeholders, successfully influencing key decision making to ensure the IT Security Programme of works is initiated and delivered within the required timelines. Working as part of an innovative and fast-paced IT team, you will be responsible for line managing a team of three IT Project Managers, whilst taking ownership for the overall programme of work. You will work closely with Project Managers, PMO, IT Business Analysts, key business sponsors and key stakeholders to support project definition, to initiative, plan and deliver projects, demonstrating strong governance and reporting progress tracking to plan. Furthermore, you will take ownership of the IT Programme of project work and ensure delivery to time, budget, and quality measures. You will work alongside IT Team colleagues to review business requirements and suggest appropriate solutions, manage any external tender selection events with the procurement team and support investment sign off to help shape project business cases. The successful candidate should be able to demonstrate: A proven track record of having worked as an IT Programme Manager, including experience of having delivered highly regulated projects/programmes You should ideally have experience working in the Utilities sector / experience of delivering IT solutions in or for utilities clients Have experience at managing a portfolio of projects and/or a programme of works in a largely outsourced environment Have extensive programme or portfolio management implementation experience, being able to control and deliver a programme or portfolio to time and budget requirements IT Programme/Portfolio Delivery experience Project implementation expertise Contractual/Commercial awareness and experience Process and Governance design and implementation expertise Degree level educated PRINCE2 Practitioner or equivalent Project Management qualification is essential Experience of tools such as MS DevOps, JIRA, MS Project Planner, etc. This position offers excellent scope for career progression plus a benefits package that includes: 25 days annual leave plus bank holidays Pension scheme (5% employee contribution, 10% employer contribution) Annual bonus scheme 14 x salary Life Insurance Flexible benefits scheme options including corporate gym memberships, dental insurance and health cash-plans Access to Financial Wellbeing Programme Enhanced pay for parental leave Retail discounts and cashback scheme Flexible/hybrid working options If you would like to discuss this position in more detail, please apply with an updated CV or contact me for a confidential discussion. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 13, 2026
Full time
A job opportunity has arisen for an experienced IT Programme Manager to join a highly established organisation during a period of rapid technical and business transformation. Reporting to the Head of Programme Management, you will take responsibility for managing and delivering a critical, multi-year programme of IT/Technology transformation and cyber security projects. You will liaise with several key senior stakeholders, successfully influencing key decision making to ensure the IT Security Programme of works is initiated and delivered within the required timelines. Working as part of an innovative and fast-paced IT team, you will be responsible for line managing a team of three IT Project Managers, whilst taking ownership for the overall programme of work. You will work closely with Project Managers, PMO, IT Business Analysts, key business sponsors and key stakeholders to support project definition, to initiative, plan and deliver projects, demonstrating strong governance and reporting progress tracking to plan. Furthermore, you will take ownership of the IT Programme of project work and ensure delivery to time, budget, and quality measures. You will work alongside IT Team colleagues to review business requirements and suggest appropriate solutions, manage any external tender selection events with the procurement team and support investment sign off to help shape project business cases. The successful candidate should be able to demonstrate: A proven track record of having worked as an IT Programme Manager, including experience of having delivered highly regulated projects/programmes You should ideally have experience working in the Utilities sector / experience of delivering IT solutions in or for utilities clients Have experience at managing a portfolio of projects and/or a programme of works in a largely outsourced environment Have extensive programme or portfolio management implementation experience, being able to control and deliver a programme or portfolio to time and budget requirements IT Programme/Portfolio Delivery experience Project implementation expertise Contractual/Commercial awareness and experience Process and Governance design and implementation expertise Degree level educated PRINCE2 Practitioner or equivalent Project Management qualification is essential Experience of tools such as MS DevOps, JIRA, MS Project Planner, etc. This position offers excellent scope for career progression plus a benefits package that includes: 25 days annual leave plus bank holidays Pension scheme (5% employee contribution, 10% employer contribution) Annual bonus scheme 14 x salary Life Insurance Flexible benefits scheme options including corporate gym memberships, dental insurance and health cash-plans Access to Financial Wellbeing Programme Enhanced pay for parental leave Retail discounts and cashback scheme Flexible/hybrid working options If you would like to discuss this position in more detail, please apply with an updated CV or contact me for a confidential discussion. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.
Jun 13, 2026
Full time
Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.
Prestigious opportunity for an IT Support & Systems Analyst to join our team in Warrington.Market leaders in the design and manufacture of high quality solutions for the aerospace, defence, power generation, and high performance engineering sectors, we are inviting you to join our success story. With operations in the UK and Europe, we deliver cost effective, high quality solutions while partnering closely with customers across the full life cycle from design to in-service support. This is an excellent opportunity for someone with IT support experience who wants to broaden their skills across IT operations, systems, and cybersecurity. You'll play a key role in supporting end users while gaining exposure to infrastructure, compliance, and continuous improvement initiatives. Your responsibilities will be to: - Deliver 1st & 2nd line support across office and shop-floor environments Assist with Microsoft 365 & Active Directory administration Troubleshoot hardware, software, and access issues Manage onboarding/offboarding, user accounts, and permissions Support a range of devices including PCs, laptops and mobile devices Provide a high level of customer service and user training Device Management and patching Support IT Security, Audit and Compliance If you possess a combination of some of the following skills, then LETS TALK! Experience in IT support or service desk roles Strong knowledge of Windows, Microsoft 365, Active Directory Experience supporting end users, devices and applications Solid troubleshooting and problem-solving skills Understanding of cybersecurity best practices (MFA, patching, endpoint protection) Strong communication and user-focused mindset Knowledge of the following is advantageous but not essential: - Exposure to audits or compliance requirements Experience with endpoint security or patch management tools ERP or manufacturing environment experience Basic networking knowledge (DNS, DHCP, TCP/IP) In return, you will be rewarded with ongoing career development and training and an enviable benefits package. Hybrid working is available upon completion of probation. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 13, 2026
Full time
Prestigious opportunity for an IT Support & Systems Analyst to join our team in Warrington.Market leaders in the design and manufacture of high quality solutions for the aerospace, defence, power generation, and high performance engineering sectors, we are inviting you to join our success story. With operations in the UK and Europe, we deliver cost effective, high quality solutions while partnering closely with customers across the full life cycle from design to in-service support. This is an excellent opportunity for someone with IT support experience who wants to broaden their skills across IT operations, systems, and cybersecurity. You'll play a key role in supporting end users while gaining exposure to infrastructure, compliance, and continuous improvement initiatives. Your responsibilities will be to: - Deliver 1st & 2nd line support across office and shop-floor environments Assist with Microsoft 365 & Active Directory administration Troubleshoot hardware, software, and access issues Manage onboarding/offboarding, user accounts, and permissions Support a range of devices including PCs, laptops and mobile devices Provide a high level of customer service and user training Device Management and patching Support IT Security, Audit and Compliance If you possess a combination of some of the following skills, then LETS TALK! Experience in IT support or service desk roles Strong knowledge of Windows, Microsoft 365, Active Directory Experience supporting end users, devices and applications Solid troubleshooting and problem-solving skills Understanding of cybersecurity best practices (MFA, patching, endpoint protection) Strong communication and user-focused mindset Knowledge of the following is advantageous but not essential: - Exposure to audits or compliance requirements Experience with endpoint security or patch management tools ERP or manufacturing environment experience Basic networking knowledge (DNS, DHCP, TCP/IP) In return, you will be rewarded with ongoing career development and training and an enviable benefits package. Hybrid working is available upon completion of probation. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Jun 13, 2026
Full time
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Cyber Security Operations Manager Liverpool (Hybrid) 70,000 - 75,000 Looking to take the next step in your cyber security career? We're looking for a Cyber Security Operations Manager to join a growing technology team and play a key role in strengthening and evolving the organisation's security capability. Whether you're already leading a Security Operations function or you're a Senior Security Engineer or Team Lead looking for more ownership, this is an opportunity to make a real impact within a business that is investing heavily in cyber security and resilience. The Opportunity You'll be responsible for helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What You'll Be Doing Leading and developing the Security Operations capability Managing cyber security incidents and coordinating effective responses Driving improvements across monitoring, threat detection and vulnerability management Working closely with technology teams to improve security across cloud, infrastructure and end-user environments Helping optimise security tools, processes and automation Supporting security audits, compliance initiatives and governance requirements Providing regular updates and insight to senior stakeholders on security risks and performance Contributing to the wider cyber security strategy and roadmap What We're Looking For We're interested in speaking with candidates from backgrounds such as: Security Operations Manager Lead Security Engineer Senior Security Engineer Senior SOC Analyst Detection & Response Lead Cyber Security Team Lead You'll ideally bring experience across some of the following: Security Operations and Incident Response SIEM, EDR/XDR and security monitoring tools Vulnerability Management Threat Detection and Threat Hunting Cloud Security (Azure, AWS or GCP) Security Frameworks such as ISO 27001, NIST or CIS Controls Most importantly, we're looking for someone who enjoys solving security challenges, improving processes and helping build a mature and effective cyber security function. Why Join? Opportunity to shape and influence the cyber security function High-profile role with strong visibility across the business Significant investment in cyber security and resilience Blend of leadership, technical oversight and strategic influence Supportive team environment with genuine opportunities for growth If you're looking for a role where you can take ownership, influence security strategy and make a real impact, we'd love to hear from you. Apply today or get in touch for a confidential conversation. BH36094
Jun 13, 2026
Full time
Cyber Security Operations Manager Liverpool (Hybrid) 70,000 - 75,000 Looking to take the next step in your cyber security career? We're looking for a Cyber Security Operations Manager to join a growing technology team and play a key role in strengthening and evolving the organisation's security capability. Whether you're already leading a Security Operations function or you're a Senior Security Engineer or Team Lead looking for more ownership, this is an opportunity to make a real impact within a business that is investing heavily in cyber security and resilience. The Opportunity You'll be responsible for helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What You'll Be Doing Leading and developing the Security Operations capability Managing cyber security incidents and coordinating effective responses Driving improvements across monitoring, threat detection and vulnerability management Working closely with technology teams to improve security across cloud, infrastructure and end-user environments Helping optimise security tools, processes and automation Supporting security audits, compliance initiatives and governance requirements Providing regular updates and insight to senior stakeholders on security risks and performance Contributing to the wider cyber security strategy and roadmap What We're Looking For We're interested in speaking with candidates from backgrounds such as: Security Operations Manager Lead Security Engineer Senior Security Engineer Senior SOC Analyst Detection & Response Lead Cyber Security Team Lead You'll ideally bring experience across some of the following: Security Operations and Incident Response SIEM, EDR/XDR and security monitoring tools Vulnerability Management Threat Detection and Threat Hunting Cloud Security (Azure, AWS or GCP) Security Frameworks such as ISO 27001, NIST or CIS Controls Most importantly, we're looking for someone who enjoys solving security challenges, improving processes and helping build a mature and effective cyber security function. Why Join? Opportunity to shape and influence the cyber security function High-profile role with strong visibility across the business Significant investment in cyber security and resilience Blend of leadership, technical oversight and strategic influence Supportive team environment with genuine opportunities for growth If you're looking for a role where you can take ownership, influence security strategy and make a real impact, we'd love to hear from you. Apply today or get in touch for a confidential conversation. BH36094
Cyber Threat Detection / SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Jun 12, 2026
Full time
Cyber Threat Detection / SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Senior Cyber Security Analyst Permanent - Full time 55,000 plus bonus Bolton - 3 days per week onsite About the Role We are working with a leading global organization during a pivotal moment who seeking a Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead remediation efforts for identified vulnerabilities in collaboration with technology teams. Acting as an escalation point for any cyber security incidents and documenting processes Respond to incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We're Looking For Experience working in a cyber role in an enterprise environment Experience with the Microsoft Defender suite and Tanium would be ideal Solid understanding of cybersecurity principles and incident response processes. Experience exposure to red-teaming would be great but not crucial Experience of use case development An understanding of security best practice frameworks (NIST, ISO27001 etc) Good understanding of threat assessment A technical IT background Strong problem-solving skills and go-getter attitude Excellent communication skills and ability to work independently in a fast-paced setting. What's on Offer 45,000 - 55,000 plus bonus 25 days annual leave, plus moveable bank holidays and up to 5 days buy and sell Pension and company specific benefits Flexible and hybrid working options Career development opportunities and access to accredited qualifications. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 12, 2026
Full time
Senior Cyber Security Analyst Permanent - Full time 55,000 plus bonus Bolton - 3 days per week onsite About the Role We are working with a leading global organization during a pivotal moment who seeking a Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead remediation efforts for identified vulnerabilities in collaboration with technology teams. Acting as an escalation point for any cyber security incidents and documenting processes Respond to incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We're Looking For Experience working in a cyber role in an enterprise environment Experience with the Microsoft Defender suite and Tanium would be ideal Solid understanding of cybersecurity principles and incident response processes. Experience exposure to red-teaming would be great but not crucial Experience of use case development An understanding of security best practice frameworks (NIST, ISO27001 etc) Good understanding of threat assessment A technical IT background Strong problem-solving skills and go-getter attitude Excellent communication skills and ability to work independently in a fast-paced setting. What's on Offer 45,000 - 55,000 plus bonus 25 days annual leave, plus moveable bank holidays and up to 5 days buy and sell Pension and company specific benefits Flexible and hybrid working options Career development opportunities and access to accredited qualifications. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Jun 12, 2026
Full time
The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Jun 12, 2026
Contractor
Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Cyber Security Analyst 12-month contract Inside IR35 Remote We're looking for a Cyber Security Analyst to join an IT Infrastructure Operations team, supporting the delivery of secure and compliant infrastructure projects. This role is focused on cyber governance, compliance, and assurance - ensuring that the right accreditations, controls, and processes are in place and being followed across all infrastructure initiatives. Key Responsibilities Act as the central point of contact for cyber compliance across Infrastructure Ensure adherence to security standards (e.g. ISO27001, Cyber Essentials+) Identify and flag gaps in process, controls, and accreditation compliance Work with Cyber and Project teams to resolve issues and drive alignment Track actions and provide clear reporting on compliance status Maintain up-to-date documentation, procedures, and evidence Key Focus Areas ISO27001, Cyber Essentials+, Security Health Checks Incident response, cyber awareness, and control improvements Experience Required Cyber Security Analyst / Assurance / Compliance background Strong understanding of security frameworks and accreditations Experience working with Infrastructure and project delivery teams Strong stakeholder management and organisational skills
Jun 12, 2026
Contractor
Cyber Security Analyst 12-month contract Inside IR35 Remote We're looking for a Cyber Security Analyst to join an IT Infrastructure Operations team, supporting the delivery of secure and compliant infrastructure projects. This role is focused on cyber governance, compliance, and assurance - ensuring that the right accreditations, controls, and processes are in place and being followed across all infrastructure initiatives. Key Responsibilities Act as the central point of contact for cyber compliance across Infrastructure Ensure adherence to security standards (e.g. ISO27001, Cyber Essentials+) Identify and flag gaps in process, controls, and accreditation compliance Work with Cyber and Project teams to resolve issues and drive alignment Track actions and provide clear reporting on compliance status Maintain up-to-date documentation, procedures, and evidence Key Focus Areas ISO27001, Cyber Essentials+, Security Health Checks Incident response, cyber awareness, and control improvements Experience Required Cyber Security Analyst / Assurance / Compliance background Strong understanding of security frameworks and accreditations Experience working with Infrastructure and project delivery teams Strong stakeholder management and organisational skills
Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Jun 12, 2026
Contractor
Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
CBSbutler Holdings Limited trading as CBSbutler
Portsmouth, Hampshire
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.
Jun 12, 2026
Contractor
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.
Security Testing Analyst | London (Hybrid) | £30-35k We are working with a well-established cyber security consultancy that is looking for a Security Testing Analyst to join their growing security testing team. This is a hands-on role with a clear development path - ideal for someone with around one to two years of experience in vulnerability assessment or junior penetration testing who wants structured progression toward deeper VAPT capability in a real client environment. The consultancy works with clients across regulated industries and PE-backed businesses, delivering penetration testing, VAPT, GRC advisory, and AI security services. You'll be joining a team that invests in its people: mentoring, funded certifications, and a performance-based progression model, not a time-served one. About the Role: The primary focus of the role is vulnerability assessment, external attack surface management, scan management, finding validation, and remediation follow-up. Alongside that, you'll be carrying out practical penetration testing activity - particularly across external infrastructure and Internet-facing services - with direct mentoring from senior testers as you build out your capability. This isn't a role where you run a scan, export the report, and move on. You'll be expected to investigate findings properly, understand exploitability, reduce false positives, and produce technical summaries that hold up to scrutiny. The testing team operates to Crest methodology throughout. Early on the role will be office weighted so you can get comfortable with the team. Hybrid working will then be available once you are settled in. What You'll be Doing: Deliver VAPT, vulnerability assessment, and attack surface management services across a range of clients Conduct security testing of external infrastructure and Internet-facing services, including reconnaissance, enumeration, and vulnerability validation Configure, schedule, and monitor vulnerability scans, maintaining accurate asset inventories and scope records Triage and prioritise vulnerability findings, focusing on critical and high-severity issues Validate findings using approved methods, assessing exploitability and business impact Perform basic penetration testing activities under guidance, including reconnaissance and controlled validation Support external attack surface reviews, identifying exposed assets and prioritising remediation Produce clear summaries and documentation for internal teams, clients, and formal reports Assist senior penetration testers with research, evidence collection, and report writing Adhere to internal methodologies and industry frameworks, including NIST, OWASP, and Crest best practices What They're Looking For: 1-2 years' experience in vulnerability assessment, security testing, or junior penetration testing Good understanding of networking, operating systems, and web technologies (TCP/IP, DNS, HTTP/S, Linux, Windows) Hands-on experience with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, or Qualys Familiarity with penetration testing tools including Kali Linux, Nmap, Burp Suite, Metasploit, Nikto, and Gobuster Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and the OWASP Top 10 Ability to perform reconnaissance, enumeration, service analysis, and controlled validation of findings Strong written communication skills with the ability to produce clear technical reports Able to work methodically within defined scope and rules of engagement Certs like CPSA, PenTest+, eJPT or PNPT are a nice bonus, as is lab time on HTB or TryHackMe. Why This Role? Funded certs, direct mentoring from experienced testers, real client exposure from day one, and progression that's based on what you deliver - not how long you've been there. Apply now for immediate consideration! Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Jun 12, 2026
Full time
Security Testing Analyst | London (Hybrid) | £30-35k We are working with a well-established cyber security consultancy that is looking for a Security Testing Analyst to join their growing security testing team. This is a hands-on role with a clear development path - ideal for someone with around one to two years of experience in vulnerability assessment or junior penetration testing who wants structured progression toward deeper VAPT capability in a real client environment. The consultancy works with clients across regulated industries and PE-backed businesses, delivering penetration testing, VAPT, GRC advisory, and AI security services. You'll be joining a team that invests in its people: mentoring, funded certifications, and a performance-based progression model, not a time-served one. About the Role: The primary focus of the role is vulnerability assessment, external attack surface management, scan management, finding validation, and remediation follow-up. Alongside that, you'll be carrying out practical penetration testing activity - particularly across external infrastructure and Internet-facing services - with direct mentoring from senior testers as you build out your capability. This isn't a role where you run a scan, export the report, and move on. You'll be expected to investigate findings properly, understand exploitability, reduce false positives, and produce technical summaries that hold up to scrutiny. The testing team operates to Crest methodology throughout. Early on the role will be office weighted so you can get comfortable with the team. Hybrid working will then be available once you are settled in. What You'll be Doing: Deliver VAPT, vulnerability assessment, and attack surface management services across a range of clients Conduct security testing of external infrastructure and Internet-facing services, including reconnaissance, enumeration, and vulnerability validation Configure, schedule, and monitor vulnerability scans, maintaining accurate asset inventories and scope records Triage and prioritise vulnerability findings, focusing on critical and high-severity issues Validate findings using approved methods, assessing exploitability and business impact Perform basic penetration testing activities under guidance, including reconnaissance and controlled validation Support external attack surface reviews, identifying exposed assets and prioritising remediation Produce clear summaries and documentation for internal teams, clients, and formal reports Assist senior penetration testers with research, evidence collection, and report writing Adhere to internal methodologies and industry frameworks, including NIST, OWASP, and Crest best practices What They're Looking For: 1-2 years' experience in vulnerability assessment, security testing, or junior penetration testing Good understanding of networking, operating systems, and web technologies (TCP/IP, DNS, HTTP/S, Linux, Windows) Hands-on experience with vulnerability scanning tools such as Nessus, OpenVAS, AppCheck, or Qualys Familiarity with penetration testing tools including Kali Linux, Nmap, Burp Suite, Metasploit, Nikto, and Gobuster Understanding of CVEs, CVSS scoring, vulnerability prioritisation, and the OWASP Top 10 Ability to perform reconnaissance, enumeration, service analysis, and controlled validation of findings Strong written communication skills with the ability to produce clear technical reports Able to work methodically within defined scope and rules of engagement Certs like CPSA, PenTest+, eJPT or PNPT are a nice bonus, as is lab time on HTB or TryHackMe. Why This Role? Funded certs, direct mentoring from experienced testers, real client exposure from day one, and progression that's based on what you deliver - not how long you've been there. Apply now for immediate consideration! Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Principal Security Engineer Our client, a leading global supplier for IT services, requires Principal Security Engineer to be based at their client's office in London, UK. This is a hybrid role - you can work remotely in the UK and attend the London office 4 days per week . This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate Senior hands-on secure engineer responsible for secure-by-design and operational security across the programme. Validate every delivery activity from a cyber security perspective - from threat model at requirements capture, through architecture and design approval, build assurance, security testing, live validation, hyper-care, and operational handover to BAU and external assurance. The principal authority on threat modelling, control validation, and security evidence across the CIS Controls v8.1 IG3 scope. Key Responsibilities Operate as senior cyber architect and SME within the programme's structured operating model - actively engaged from requirements capture through to BAU handover, owning Definition-of-Done evidence at every gate. Break down each Master Programme Plan activity into discrete People/Process/Technology tasks viewed through a cyber security lens - define the validation and assurance criteria, embed them as DoD acceptance criteria, and evidence them before status can advance. Requirements: author threat model v1, control intent statement, and compensating controls; validate requirements against current operational baseline and monitoring posture. Architecture (LEAD): author security architecture, safeguard mapping, and trust boundaries; approve the threat model; chair Security Council review of the architecture pack. Design (LEAD): approve detailed security design, evidence template, and telemetry specification; validate operational controls in the design; confirm evidence-capture feasibility before build commences. Build: run periodic build-vs-design reviews, architecture drift checks, and re-approve changes; configure operational controls, prepare security testing, support agent rollout, validate log feeds. Test (LEAD): sign off that the security architecture is proven by test evidence; revalidate the threat model; lead security testing, penetration testing, control validation, and evidence pack creation. Deploy: provide production architecture sign-off; confirm final control mapping in Continuous Control Monitoring (CCM); run live security validation, monitoring tuning, alert calibration, and IR playbook readiness. Hyper-care (LEAD): address security-architecture defects, approve in-warranty changes; lead control monitoring and tuning; produce security evidence and establish Key Risk Indicator (KRI) baselines. Handover: hand architecture over to the Security Council, lodge the final threat model, ensure the CCM tile goes live; transition operational controls to L1 SOC operations with a complete evidence pack to external assurance. Liaise directly with external assurance providers on threat-model defensibility, control effectiveness, and evidence chain across the CIS Controls v8.1 IG3 scope. Chair or jointly chair the Security Council review at the architecture stage gate; participate in TDA decisions at the design stage gate. People: Led security engineering across the programme; senior peer to Security Solution Architects, Cyber Operations, and the MSSP L1 SOC interface. Process: Embedded structured operating-model discipline into every security validation and assurance step; Definition-of-Done evidence at every gate, no exceptions. Technology: Delivered secure-by-design as bui personally signed off every architecture and operational handover, with an audit-traceable evidence chain from threat model to live monitoring Key Requirements Essential Skills: 12+ years cyber engineering and security architecture experience at enterprise scale. 5+ years hands-on security design AND validation - comfortable both as architect (design authority) and as engineer (hands-on implementer). Direct experience with CIS Controls v8.1, NIST CSF, ISO 27001/27002 control frameworks. Threat modelling at scale - proven authorship using STRIDE, MITRE ATT&CK, OWASP - across multiple in-scope controls. Hands-on penetration testing, security testing, and control validation track record. Workflow discipline - operates comfortably within Definition-of-Done, evidence-at-gate frameworks. Exceptional executive-level interactions, presentation, and engagement - proven ability to influence CISO, Security Council, External Assurance, and cross-functional senior stakeholders across Procurement, Architecture, and Technology heads. Retail or large dispersed-estate enterprise experience strongly preferred. CISSP (Certified Information Systems Security Professional) One of: CISM, CISA, CCSP, SABSA Practitioner, or CRISC One penetration-testing certification: OSCP, GIAC GPEN, or CEH (or equivalent demonstrable experience) Tooling & Methodology Proficiency: Hands-on with leading enterprise PM tools - Jira, Azure DevOps, MS Project, or equivalent - and willing to adopt (the programme's tool) on the job at senior architect and SME level. End-to-end Agile delivery - Scrum/Kanban - combined with DevSecOps deep hands-on practice (security gates Embedded in CI/CD). SAFe PI Planning participation as the cyber security representative. Executive-grade MS PowerPoint - Security Council paper authoring, threat-model presentation, design narrative for Programme Board. Advanced dashboards and modelling - one or more of Advanced MS Excel, PowerBI, Python, or Copilot - for KRI baselines, control-effectiveness analytics, and risk reporting. Budgeting awareness - security control cost shaping and total-cost-of-ownership analysis . Desirable Skills: Direct hands-on experience at senior architect/SME level. Practical DevSecOps Foundation or SANS GIAC GCSA. SABSA for Architects. Microsoft Threat Modeling Tool/OWASP Threat Dragon authorship. PowerBI Data Analyst (PL-300) for KRI and risk dashboards. CompTIA CASP+ or PenTest+ GIAC GCIH, GCFA, GCIA, or GREM AWS Security Specialty or Azure Security Engineer/Security Architect Expert BMC Helix Certified Professional (SecOps) ISO 27001 Lead Auditor or Lead Implementer TOGAF 9.2 awareness Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
Jun 12, 2026
Contractor
Principal Security Engineer Our client, a leading global supplier for IT services, requires Principal Security Engineer to be based at their client's office in London, UK. This is a hybrid role - you can work remotely in the UK and attend the London office 4 days per week . This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate Senior hands-on secure engineer responsible for secure-by-design and operational security across the programme. Validate every delivery activity from a cyber security perspective - from threat model at requirements capture, through architecture and design approval, build assurance, security testing, live validation, hyper-care, and operational handover to BAU and external assurance. The principal authority on threat modelling, control validation, and security evidence across the CIS Controls v8.1 IG3 scope. Key Responsibilities Operate as senior cyber architect and SME within the programme's structured operating model - actively engaged from requirements capture through to BAU handover, owning Definition-of-Done evidence at every gate. Break down each Master Programme Plan activity into discrete People/Process/Technology tasks viewed through a cyber security lens - define the validation and assurance criteria, embed them as DoD acceptance criteria, and evidence them before status can advance. Requirements: author threat model v1, control intent statement, and compensating controls; validate requirements against current operational baseline and monitoring posture. Architecture (LEAD): author security architecture, safeguard mapping, and trust boundaries; approve the threat model; chair Security Council review of the architecture pack. Design (LEAD): approve detailed security design, evidence template, and telemetry specification; validate operational controls in the design; confirm evidence-capture feasibility before build commences. Build: run periodic build-vs-design reviews, architecture drift checks, and re-approve changes; configure operational controls, prepare security testing, support agent rollout, validate log feeds. Test (LEAD): sign off that the security architecture is proven by test evidence; revalidate the threat model; lead security testing, penetration testing, control validation, and evidence pack creation. Deploy: provide production architecture sign-off; confirm final control mapping in Continuous Control Monitoring (CCM); run live security validation, monitoring tuning, alert calibration, and IR playbook readiness. Hyper-care (LEAD): address security-architecture defects, approve in-warranty changes; lead control monitoring and tuning; produce security evidence and establish Key Risk Indicator (KRI) baselines. Handover: hand architecture over to the Security Council, lodge the final threat model, ensure the CCM tile goes live; transition operational controls to L1 SOC operations with a complete evidence pack to external assurance. Liaise directly with external assurance providers on threat-model defensibility, control effectiveness, and evidence chain across the CIS Controls v8.1 IG3 scope. Chair or jointly chair the Security Council review at the architecture stage gate; participate in TDA decisions at the design stage gate. People: Led security engineering across the programme; senior peer to Security Solution Architects, Cyber Operations, and the MSSP L1 SOC interface. Process: Embedded structured operating-model discipline into every security validation and assurance step; Definition-of-Done evidence at every gate, no exceptions. Technology: Delivered secure-by-design as bui personally signed off every architecture and operational handover, with an audit-traceable evidence chain from threat model to live monitoring Key Requirements Essential Skills: 12+ years cyber engineering and security architecture experience at enterprise scale. 5+ years hands-on security design AND validation - comfortable both as architect (design authority) and as engineer (hands-on implementer). Direct experience with CIS Controls v8.1, NIST CSF, ISO 27001/27002 control frameworks. Threat modelling at scale - proven authorship using STRIDE, MITRE ATT&CK, OWASP - across multiple in-scope controls. Hands-on penetration testing, security testing, and control validation track record. Workflow discipline - operates comfortably within Definition-of-Done, evidence-at-gate frameworks. Exceptional executive-level interactions, presentation, and engagement - proven ability to influence CISO, Security Council, External Assurance, and cross-functional senior stakeholders across Procurement, Architecture, and Technology heads. Retail or large dispersed-estate enterprise experience strongly preferred. CISSP (Certified Information Systems Security Professional) One of: CISM, CISA, CCSP, SABSA Practitioner, or CRISC One penetration-testing certification: OSCP, GIAC GPEN, or CEH (or equivalent demonstrable experience) Tooling & Methodology Proficiency: Hands-on with leading enterprise PM tools - Jira, Azure DevOps, MS Project, or equivalent - and willing to adopt (the programme's tool) on the job at senior architect and SME level. End-to-end Agile delivery - Scrum/Kanban - combined with DevSecOps deep hands-on practice (security gates Embedded in CI/CD). SAFe PI Planning participation as the cyber security representative. Executive-grade MS PowerPoint - Security Council paper authoring, threat-model presentation, design narrative for Programme Board. Advanced dashboards and modelling - one or more of Advanced MS Excel, PowerBI, Python, or Copilot - for KRI baselines, control-effectiveness analytics, and risk reporting. Budgeting awareness - security control cost shaping and total-cost-of-ownership analysis . Desirable Skills: Direct hands-on experience at senior architect/SME level. Practical DevSecOps Foundation or SANS GIAC GCSA. SABSA for Architects. Microsoft Threat Modeling Tool/OWASP Threat Dragon authorship. PowerBI Data Analyst (PL-300) for KRI and risk dashboards. CompTIA CASP+ or PenTest+ GIAC GCIH, GCFA, GCIA, or GREM AWS Security Specialty or Azure Security Engineer/Security Architect Expert BMC Helix Certified Professional (SecOps) ISO 27001 Lead Auditor or Lead Implementer TOGAF 9.2 awareness Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
Jun 12, 2026
Contractor
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
Salary: £43,090 - £46,500 Contract Type: Permanent Working Pattern: This post is available on a full-time, part-time or job-share basis, and flexible working hours can be accommodated. Location: Darlington The Resilience & Resolution team is hiring a policy adviser to support the team's work in identifying and managing emerging risks to the financial stability of the UK, and preparing and responding where risks crystalise. About the Team The Resilience & Resolution (R&R) team works at the heart of government, partnering with the Bank of England, financial regulators and departments across Whitehall to spot risks to the financial sector and lead the Treasury's response when issues arise. It's a fast-paced, high-profile team with regular exposure to senior officials and ministers. We're a friendly and inclusive team that genuinely prioritises wellbeing, supporting you to deliver while maintaining a healthy work/life balance. About the Job This is a varied and stretching role, offering the chance to work across a broad range of high-profile policy issues and build strong stakeholder relationships. Your work will directly support UK national security, reflecting HMT's role as Lead Government Department for the finance sector. In this role, you will: Provide expert advice on cyber security issues in the financial sector, shaping policy across HMT and wider government. You'll develop and own policy in areas such as cyber legislation, ransomware and artificial intelligence. Build and maintain strong relationships with key stakeholders across the Bank of England, regulators, national security partners and government departments to help deliver HMT's objectives. Represent HMT internationally, including at G7 Cyber Experts' Group workstreams, and lead engagement with key partners such as the Five Eyes to influence the global resilience agenda. Play an active role in responding to operational incidents, including cyber attacks, to help minimise impacts on the financial sector and consumers. The team's work is fast-moving and diverse - from designing policy, to running war-game exercises, to working with international partners. You'll also have regular opportunities to contribute to advice for senior officials and ministers, making this a great role for someone curious, proactive and keen to make an impact. About You We're looking for someone who can build strong relationships across teams and use those connections to move work forward. You'll be confident working with complex information, able to weigh up different options and clearly explain your recommendations. You'll also be comfortable delivering at pace, managing competing priorities and staying focused when demands shift. Some of the Benefits our people love! 25 days annual leave (rising to 30 after 5 years), plus 8 public holidays and the King's birthday (unless you have a legacy arrangement as an existing Civil Servant). Additionally, we operate flexitime systems, allowing employees to take up to an additional 2 days off each month Flexible working patterns (part-time, job-share, condensed hours) Generous parental and adoption leave packages Access to a generous Defined Benefit pension scheme with employer contributions of 28.97% Access to a cycle-to-work salary sacrifice scheme and season ticket advances A range of active staff networks, based around interests (e.g. analysts, music society, sports and social club) and diversity For more information about the role and how to apply, please follow the apply link. If you need any reasonable adjustments to take part in the selection process, please tell us about this in your online application form, or speak to the recruitment team at .
Jun 12, 2026
Full time
Salary: £43,090 - £46,500 Contract Type: Permanent Working Pattern: This post is available on a full-time, part-time or job-share basis, and flexible working hours can be accommodated. Location: Darlington The Resilience & Resolution team is hiring a policy adviser to support the team's work in identifying and managing emerging risks to the financial stability of the UK, and preparing and responding where risks crystalise. About the Team The Resilience & Resolution (R&R) team works at the heart of government, partnering with the Bank of England, financial regulators and departments across Whitehall to spot risks to the financial sector and lead the Treasury's response when issues arise. It's a fast-paced, high-profile team with regular exposure to senior officials and ministers. We're a friendly and inclusive team that genuinely prioritises wellbeing, supporting you to deliver while maintaining a healthy work/life balance. About the Job This is a varied and stretching role, offering the chance to work across a broad range of high-profile policy issues and build strong stakeholder relationships. Your work will directly support UK national security, reflecting HMT's role as Lead Government Department for the finance sector. In this role, you will: Provide expert advice on cyber security issues in the financial sector, shaping policy across HMT and wider government. You'll develop and own policy in areas such as cyber legislation, ransomware and artificial intelligence. Build and maintain strong relationships with key stakeholders across the Bank of England, regulators, national security partners and government departments to help deliver HMT's objectives. Represent HMT internationally, including at G7 Cyber Experts' Group workstreams, and lead engagement with key partners such as the Five Eyes to influence the global resilience agenda. Play an active role in responding to operational incidents, including cyber attacks, to help minimise impacts on the financial sector and consumers. The team's work is fast-moving and diverse - from designing policy, to running war-game exercises, to working with international partners. You'll also have regular opportunities to contribute to advice for senior officials and ministers, making this a great role for someone curious, proactive and keen to make an impact. About You We're looking for someone who can build strong relationships across teams and use those connections to move work forward. You'll be confident working with complex information, able to weigh up different options and clearly explain your recommendations. You'll also be comfortable delivering at pace, managing competing priorities and staying focused when demands shift. Some of the Benefits our people love! 25 days annual leave (rising to 30 after 5 years), plus 8 public holidays and the King's birthday (unless you have a legacy arrangement as an existing Civil Servant). Additionally, we operate flexitime systems, allowing employees to take up to an additional 2 days off each month Flexible working patterns (part-time, job-share, condensed hours) Generous parental and adoption leave packages Access to a generous Defined Benefit pension scheme with employer contributions of 28.97% Access to a cycle-to-work salary sacrifice scheme and season ticket advances A range of active staff networks, based around interests (e.g. analysts, music society, sports and social club) and diversity For more information about the role and how to apply, please follow the apply link. If you need any reasonable adjustments to take part in the selection process, please tell us about this in your online application form, or speak to the recruitment team at .
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) £50/hour Umbrella | £36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations/UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
Jun 12, 2026
Contractor
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) £50/hour Umbrella | £36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations/UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
