Are you an experienced IT professional with a strong background in Microsoft 365 and infrastructure support? Join Transforming PLC as an IT Business Partner and play a key role in supporting and improving digital services that make a real difference across our social care operations. IT Business PartnerManchester Hybrid (with some travel) Full Time, Permanent £40,000 per year plus benefits Please note: you must be authorised to work in the UK Transforming PLC is a UK-based group with social care provider subsidiaries. We are committed to safe, high-quality care, strong governance, and operational excellence. Our Digital Services function enables secure, reliable technology services for colleagues across offices, care settings and hybrid working, supporting better outcomes for the people we support. About the role: We are looking for an experienced IT Business Partner to join our Digital Services team. A hybrid role based in Manchester with some travel, this is a great opportunity for a technically strong, business-focused IT professional to play a key role in supporting and improving technology across a multi-site organisation. You will act as a trusted partner to stakeholders, provide technical expertise across Microsoft 365 and infrastructure, and help ensure our services are secure, reliable and fit for purpose. What you'll be doing: Act as the subject matter expert for IT infrastructure, with a focus on Microsoft 365, connectivity and site-based technologies. Provide Level 3 support and lead technical problem resolution across the organisation. Build strong relationships with stakeholders and act as a trusted advisor on digital services. Support secure, resilient and effective IT services across multiple locations. Work with third-party suppliers and internal teams to improve systems and resolve major incidents. What we're looking for: Strong knowledge of the Microsoft 365 ecosystem and IT infrastructure support. Experience in a senior infrastructure, 3rd line or similar technical support role. Good understanding of networking fundamentals, cyber security and cloud technologies. Experience supporting multi-site environments and managing third-party suppliers. Excellent problem-solving skills and the ability to communicate clearly with technical and non-technical stakeholders. Experience in healthcare or social care environments would be an advantage. What we offer: Competitive salary and benefits package. Hybrid working with flexibility aligned to business needs. Opportunities for professional development and career growth. A collaborative and supportive working environment. If you are a proactive IT professional who enjoys combining technical expertise with stakeholder partnership, we would love to hear from you. Apply now to join us and help shape reliable, secure and effective digital services across the organisation. How to apply for the role: If you have the skills and experience required for this position, click "apply" today and check your inbox for an email providing more information on how to tailor your application and provide a cover letter or any supporting documents. You must be authorised to work in the UK. No agencies please. Other suitable skills and experience includes IT Infrastructure Engineer, Senior IT Support Engineer, 3rd Line Support Engineer, Technical Services Manager, IT Operations Engineer, Microsoft 365 Engineer, Infrastructure Support Analyst, Systems Administrator, IT Manager, Network and Infrastructure Engineer, Digital Services Partner, Technical Account Manager, Cloud Support Engineer, Service Delivery Analyst, End User Computing Engineer, IT Solutions Specialist, ICT Business Partner.
Jun 21, 2026
Full time
Are you an experienced IT professional with a strong background in Microsoft 365 and infrastructure support? Join Transforming PLC as an IT Business Partner and play a key role in supporting and improving digital services that make a real difference across our social care operations. IT Business PartnerManchester Hybrid (with some travel) Full Time, Permanent £40,000 per year plus benefits Please note: you must be authorised to work in the UK Transforming PLC is a UK-based group with social care provider subsidiaries. We are committed to safe, high-quality care, strong governance, and operational excellence. Our Digital Services function enables secure, reliable technology services for colleagues across offices, care settings and hybrid working, supporting better outcomes for the people we support. About the role: We are looking for an experienced IT Business Partner to join our Digital Services team. A hybrid role based in Manchester with some travel, this is a great opportunity for a technically strong, business-focused IT professional to play a key role in supporting and improving technology across a multi-site organisation. You will act as a trusted partner to stakeholders, provide technical expertise across Microsoft 365 and infrastructure, and help ensure our services are secure, reliable and fit for purpose. What you'll be doing: Act as the subject matter expert for IT infrastructure, with a focus on Microsoft 365, connectivity and site-based technologies. Provide Level 3 support and lead technical problem resolution across the organisation. Build strong relationships with stakeholders and act as a trusted advisor on digital services. Support secure, resilient and effective IT services across multiple locations. Work with third-party suppliers and internal teams to improve systems and resolve major incidents. What we're looking for: Strong knowledge of the Microsoft 365 ecosystem and IT infrastructure support. Experience in a senior infrastructure, 3rd line or similar technical support role. Good understanding of networking fundamentals, cyber security and cloud technologies. Experience supporting multi-site environments and managing third-party suppliers. Excellent problem-solving skills and the ability to communicate clearly with technical and non-technical stakeholders. Experience in healthcare or social care environments would be an advantage. What we offer: Competitive salary and benefits package. Hybrid working with flexibility aligned to business needs. Opportunities for professional development and career growth. A collaborative and supportive working environment. If you are a proactive IT professional who enjoys combining technical expertise with stakeholder partnership, we would love to hear from you. Apply now to join us and help shape reliable, secure and effective digital services across the organisation. How to apply for the role: If you have the skills and experience required for this position, click "apply" today and check your inbox for an email providing more information on how to tailor your application and provide a cover letter or any supporting documents. You must be authorised to work in the UK. No agencies please. Other suitable skills and experience includes IT Infrastructure Engineer, Senior IT Support Engineer, 3rd Line Support Engineer, Technical Services Manager, IT Operations Engineer, Microsoft 365 Engineer, Infrastructure Support Analyst, Systems Administrator, IT Manager, Network and Infrastructure Engineer, Digital Services Partner, Technical Account Manager, Cloud Support Engineer, Service Delivery Analyst, End User Computing Engineer, IT Solutions Specialist, ICT Business Partner.
Bristow Holland is recruiting for a Cyber Security Analyst to join a growing organisation based in Felixstowe. The role offers a hybrid working model with 50% working from home and 50% in the office. This is a fantastic opportunity for someone early in their cyber security career who is looking to build hands-on experience across IT security, networking, governance, and compliance within a business-focused environment. You ll be joining a small but experienced security team where you ll gain exposure across a wide range of areas including cyber security operations, risk management, audits, and compliance frameworks such as Cyber Essentials and ISO 27001. Key Responsibilities Support day-to-day IT and cyber security operations across the business Assist with monitoring and responding to security alerts and incidents Help maintain and improve network and system security controls Support Cyber Essentials and ISO 27001 compliance activities Assist with internal and external security audits Contribute to security policies, procedures, and documentation Work closely with IT and infrastructure teams to improve security posture Gain exposure to vulnerability management and risk assessments Skills & Experience Required One of the following three: 1 years experience in Cyber Security or IT Security A degree in a relevant IT or Cyber Security discipline Or relevant cyber security training / certifications (e.g. CompTIA Security+, etc.) Strong interest in cyber security and IT infrastructure Basic understanding of networking (TCP/IP, DNS, firewalls) Good communication and willingness to learn Analytical mindset with strong attention to detail
Jun 21, 2026
Full time
Bristow Holland is recruiting for a Cyber Security Analyst to join a growing organisation based in Felixstowe. The role offers a hybrid working model with 50% working from home and 50% in the office. This is a fantastic opportunity for someone early in their cyber security career who is looking to build hands-on experience across IT security, networking, governance, and compliance within a business-focused environment. You ll be joining a small but experienced security team where you ll gain exposure across a wide range of areas including cyber security operations, risk management, audits, and compliance frameworks such as Cyber Essentials and ISO 27001. Key Responsibilities Support day-to-day IT and cyber security operations across the business Assist with monitoring and responding to security alerts and incidents Help maintain and improve network and system security controls Support Cyber Essentials and ISO 27001 compliance activities Assist with internal and external security audits Contribute to security policies, procedures, and documentation Work closely with IT and infrastructure teams to improve security posture Gain exposure to vulnerability management and risk assessments Skills & Experience Required One of the following three: 1 years experience in Cyber Security or IT Security A degree in a relevant IT or Cyber Security discipline Or relevant cyber security training / certifications (e.g. CompTIA Security+, etc.) Strong interest in cyber security and IT infrastructure Basic understanding of networking (TCP/IP, DNS, firewalls) Good communication and willingness to learn Analytical mindset with strong attention to detail
This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office in Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.
Jun 21, 2026
Contractor
This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office in Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.
Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.
Jun 20, 2026
Contractor
Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.
SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review.
Jun 20, 2026
Contractor
SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. To apply, please submit your latest CV for review.
A job opportunity has arisen for an experienced IT Programme Manager to join a highly established organisation during a period of rapid technical and business transformation. Reporting to the Head of Programme Management, you will take responsibility for managing and delivering a critical, multi-year programme of IT/Technology transformation and cyber security projects. You will liaise with several key senior stakeholders, successfully influencing key decision making to ensure the IT Security Programme of works is initiated and delivered within the required timelines. Working as part of an innovative and fast-paced IT team, you will be responsible for line managing a team of three IT Project Managers, whilst taking ownership for the overall programme of work. You will work closely with Project Managers, PMO, IT Business Analysts, key business sponsors and key stakeholders to support project definition, to initiative, plan and deliver projects, demonstrating strong governance and reporting progress tracking to plan. Furthermore, you will take ownership of the IT Programme of project work and ensure delivery to time, budget, and quality measures. You will work alongside IT Team colleagues to review business requirements and suggest appropriate solutions, manage any external tender selection events with the procurement team and support investment sign off to help shape project business cases. The successful candidate should be able to demonstrate: A proven track record of having worked as an IT Programme Manager, including experience of having delivered highly regulated projects/programmes You should ideally have experience working in the Utilities sector / experience of delivering IT solutions in or for utilities clients Have experience at managing a portfolio of projects and/or a programme of works in a largely outsourced environment Have extensive programme or portfolio management implementation experience, being able to control and deliver a programme or portfolio to time and budget requirements IT Programme/Portfolio Delivery experience Project implementation expertise Contractual/Commercial awareness and experience Process and Governance design and implementation expertise Degree level educated PRINCE2 Practitioner or equivalent Project Management qualification is essential Experience of tools such as MS DevOps, JIRA, MS Project Planner, etc. This position offers excellent scope for career progression plus a benefits package that includes: 25 days annual leave plus bank holidays Pension scheme (5% employee contribution, 10% employer contribution) Annual bonus scheme 14 x salary Life Insurance Flexible benefits scheme options including corporate gym memberships, dental insurance and health cash-plans Access to Financial Wellbeing Programme Enhanced pay for parental leave Retail discounts and cashback scheme Flexible/hybrid working options If you would like to discuss this position in more detail, please apply with an updated CV or contact me for a confidential discussion. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 20, 2026
Full time
A job opportunity has arisen for an experienced IT Programme Manager to join a highly established organisation during a period of rapid technical and business transformation. Reporting to the Head of Programme Management, you will take responsibility for managing and delivering a critical, multi-year programme of IT/Technology transformation and cyber security projects. You will liaise with several key senior stakeholders, successfully influencing key decision making to ensure the IT Security Programme of works is initiated and delivered within the required timelines. Working as part of an innovative and fast-paced IT team, you will be responsible for line managing a team of three IT Project Managers, whilst taking ownership for the overall programme of work. You will work closely with Project Managers, PMO, IT Business Analysts, key business sponsors and key stakeholders to support project definition, to initiative, plan and deliver projects, demonstrating strong governance and reporting progress tracking to plan. Furthermore, you will take ownership of the IT Programme of project work and ensure delivery to time, budget, and quality measures. You will work alongside IT Team colleagues to review business requirements and suggest appropriate solutions, manage any external tender selection events with the procurement team and support investment sign off to help shape project business cases. The successful candidate should be able to demonstrate: A proven track record of having worked as an IT Programme Manager, including experience of having delivered highly regulated projects/programmes You should ideally have experience working in the Utilities sector / experience of delivering IT solutions in or for utilities clients Have experience at managing a portfolio of projects and/or a programme of works in a largely outsourced environment Have extensive programme or portfolio management implementation experience, being able to control and deliver a programme or portfolio to time and budget requirements IT Programme/Portfolio Delivery experience Project implementation expertise Contractual/Commercial awareness and experience Process and Governance design and implementation expertise Degree level educated PRINCE2 Practitioner or equivalent Project Management qualification is essential Experience of tools such as MS DevOps, JIRA, MS Project Planner, etc. This position offers excellent scope for career progression plus a benefits package that includes: 25 days annual leave plus bank holidays Pension scheme (5% employee contribution, 10% employer contribution) Annual bonus scheme 14 x salary Life Insurance Flexible benefits scheme options including corporate gym memberships, dental insurance and health cash-plans Access to Financial Wellbeing Programme Enhanced pay for parental leave Retail discounts and cashback scheme Flexible/hybrid working options If you would like to discuss this position in more detail, please apply with an updated CV or contact me for a confidential discussion. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Cyber Threat Detection / SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Jun 20, 2026
Full time
Cyber Threat Detection / SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Cyber Threat Intelligence Analyst Summer-Browning Associates is supporting our client in the Central Government, who is seeking a Cyber Threat Intelligence Analyst for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold an active Security clearance and have a proven background in Cyber Security Threat Intelligence, with the following skills and experience: Experience in risk and threat modelling within high-threat government environments. Experience with cyber threat frameworks, such as MITRE ATT&CK, the Diamond Model, and the Intelligence Cycle. Proficiency in using open-source and commercial research methods & threat intelligence platforms. Proven experience in researching, analysing, and reporting on cyber threats or related security issues. Experience in Threat Modelling System and Security Information and Event Management (SIEM) solutions Ability to triage security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Relevant professional qualifications or training in intelligence analysis or cyber security. To apply, please submit your latest CV for review.
Jun 20, 2026
Contractor
Cyber Threat Intelligence Analyst Summer-Browning Associates is supporting our client in the Central Government, who is seeking a Cyber Threat Intelligence Analyst for an initial 12-month assignment, with the possibility of extension. Location: London Hybrid The ideal candidates will hold an active Security clearance and have a proven background in Cyber Security Threat Intelligence, with the following skills and experience: Experience in risk and threat modelling within high-threat government environments. Experience with cyber threat frameworks, such as MITRE ATT&CK, the Diamond Model, and the Intelligence Cycle. Proficiency in using open-source and commercial research methods & threat intelligence platforms. Proven experience in researching, analysing, and reporting on cyber threats or related security issues. Experience in Threat Modelling System and Security Information and Event Management (SIEM) solutions Ability to triage security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Relevant professional qualifications or training in intelligence analysis or cyber security. To apply, please submit your latest CV for review.
Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.
Jun 20, 2026
Full time
Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.
Senior Cyber Security Analyst Permanent - Full time 55,000 plus bonus Bolton - 3 days per week onsite About the Role We are working with a leading global organization during a pivotal moment who seeking a Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead remediation efforts for identified vulnerabilities in collaboration with technology teams. Acting as an escalation point for any cyber security incidents and documenting processes Respond to incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We're Looking For Experience working in a cyber role in an enterprise environment Experience with the Microsoft Defender suite and Tanium would be ideal Solid understanding of cybersecurity principles and incident response processes. Experience exposure to red-teaming would be great but not crucial Experience of use case development An understanding of security best practice frameworks (NIST, ISO27001 etc) Good understanding of threat assessment A technical IT background Strong problem-solving skills and go-getter attitude Excellent communication skills and ability to work independently in a fast-paced setting. What's on Offer 45,000 - 55,000 plus bonus 25 days annual leave, plus moveable bank holidays and up to 5 days buy and sell Pension and company specific benefits Flexible and hybrid working options Career development opportunities and access to accredited qualifications. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 20, 2026
Full time
Senior Cyber Security Analyst Permanent - Full time 55,000 plus bonus Bolton - 3 days per week onsite About the Role We are working with a leading global organization during a pivotal moment who seeking a Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response Lead remediation efforts for identified vulnerabilities in collaboration with technology teams. Acting as an escalation point for any cyber security incidents and documenting processes Respond to incidents alongside the Head of Cyber Work with the existing MSSP across incident response and proactive monitoring and detection Maintain and optimise Microsoft Sentinel SIEM, XDR/MDR/EDR solutions, and supporting tools. Track deployment and health of all security products across the business. Stay ahead of emerging threats and evolving technologies. What We're Looking For Experience working in a cyber role in an enterprise environment Experience with the Microsoft Defender suite and Tanium would be ideal Solid understanding of cybersecurity principles and incident response processes. Experience exposure to red-teaming would be great but not crucial Experience of use case development An understanding of security best practice frameworks (NIST, ISO27001 etc) Good understanding of threat assessment A technical IT background Strong problem-solving skills and go-getter attitude Excellent communication skills and ability to work independently in a fast-paced setting. What's on Offer 45,000 - 55,000 plus bonus 25 days annual leave, plus moveable bank holidays and up to 5 days buy and sell Pension and company specific benefits Flexible and hybrid working options Career development opportunities and access to accredited qualifications. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Jun 20, 2026
Full time
The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Cyber Security Operations Manager Liverpool (Hybrid) 70,000 - 75,000 Looking to take the next step in your cyber security career? We're looking for a Cyber Security Operations Manager to join a growing technology team and play a key role in strengthening and evolving the organisation's security capability. Whether you're already leading a Security Operations function or you're a Senior Security Engineer or Team Lead looking for more ownership, this is an opportunity to make a real impact within a business that is investing heavily in cyber security and resilience. The Opportunity You'll be responsible for helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What You'll Be Doing Leading and developing the Security Operations capability Managing cyber security incidents and coordinating effective responses Driving improvements across monitoring, threat detection and vulnerability management Working closely with technology teams to improve security across cloud, infrastructure and end-user environments Helping optimise security tools, processes and automation Supporting security audits, compliance initiatives and governance requirements Providing regular updates and insight to senior stakeholders on security risks and performance Contributing to the wider cyber security strategy and roadmap What We're Looking For We're interested in speaking with candidates from backgrounds such as: Security Operations Manager Lead Security Engineer Senior Security Engineer Senior SOC Analyst Detection & Response Lead Cyber Security Team Lead You'll ideally bring experience across some of the following: Security Operations and Incident Response SIEM, EDR/XDR and security monitoring tools Vulnerability Management Threat Detection and Threat Hunting Cloud Security (Azure, AWS or GCP) Security Frameworks such as ISO 27001, NIST or CIS Controls Most importantly, we're looking for someone who enjoys solving security challenges, improving processes and helping build a mature and effective cyber security function. Why Join? Opportunity to shape and influence the cyber security function High-profile role with strong visibility across the business Significant investment in cyber security and resilience Blend of leadership, technical oversight and strategic influence Supportive team environment with genuine opportunities for growth If you're looking for a role where you can take ownership, influence security strategy and make a real impact, we'd love to hear from you. Apply today or get in touch for a confidential conversation. BH36094
Jun 20, 2026
Full time
Cyber Security Operations Manager Liverpool (Hybrid) 70,000 - 75,000 Looking to take the next step in your cyber security career? We're looking for a Cyber Security Operations Manager to join a growing technology team and play a key role in strengthening and evolving the organisation's security capability. Whether you're already leading a Security Operations function or you're a Senior Security Engineer or Team Lead looking for more ownership, this is an opportunity to make a real impact within a business that is investing heavily in cyber security and resilience. The Opportunity You'll be responsible for helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. What You'll Be Doing Leading and developing the Security Operations capability Managing cyber security incidents and coordinating effective responses Driving improvements across monitoring, threat detection and vulnerability management Working closely with technology teams to improve security across cloud, infrastructure and end-user environments Helping optimise security tools, processes and automation Supporting security audits, compliance initiatives and governance requirements Providing regular updates and insight to senior stakeholders on security risks and performance Contributing to the wider cyber security strategy and roadmap What We're Looking For We're interested in speaking with candidates from backgrounds such as: Security Operations Manager Lead Security Engineer Senior Security Engineer Senior SOC Analyst Detection & Response Lead Cyber Security Team Lead You'll ideally bring experience across some of the following: Security Operations and Incident Response SIEM, EDR/XDR and security monitoring tools Vulnerability Management Threat Detection and Threat Hunting Cloud Security (Azure, AWS or GCP) Security Frameworks such as ISO 27001, NIST or CIS Controls Most importantly, we're looking for someone who enjoys solving security challenges, improving processes and helping build a mature and effective cyber security function. Why Join? Opportunity to shape and influence the cyber security function High-profile role with strong visibility across the business Significant investment in cyber security and resilience Blend of leadership, technical oversight and strategic influence Supportive team environment with genuine opportunities for growth If you're looking for a role where you can take ownership, influence security strategy and make a real impact, we'd love to hear from you. Apply today or get in touch for a confidential conversation. BH36094
Prestigious opportunity for an IT Support & Systems Analyst to join our team in Warrington.Market leaders in the design and manufacture of high quality solutions for the aerospace, defence, power generation, and high performance engineering sectors, we are inviting you to join our success story. With operations in the UK and Europe, we deliver cost effective, high quality solutions while partnering closely with customers across the full life cycle from design to in-service support. This is an excellent opportunity for someone with IT support experience who wants to broaden their skills across IT operations, systems, and cybersecurity. You'll play a key role in supporting end users while gaining exposure to infrastructure, compliance, and continuous improvement initiatives. Your responsibilities will be to: - Deliver 1st & 2nd line support across office and shop-floor environments Assist with Microsoft 365 & Active Directory administration Troubleshoot hardware, software, and access issues Manage onboarding/offboarding, user accounts, and permissions Support a range of devices including PCs, laptops and mobile devices Provide a high level of customer service and user training Device Management and patching Support IT Security, Audit and Compliance If you possess a combination of some of the following skills, then LETS TALK! Experience in IT support or service desk roles Strong knowledge of Windows, Microsoft 365, Active Directory Experience supporting end users, devices and applications Solid troubleshooting and problem-solving skills Understanding of cybersecurity best practices (MFA, patching, endpoint protection) Strong communication and user-focused mindset Knowledge of the following is advantageous but not essential: - Exposure to audits or compliance requirements Experience with endpoint security or patch management tools ERP or manufacturing environment experience Basic networking knowledge (DNS, DHCP, TCP/IP) In return, you will be rewarded with ongoing career development and training and an enviable benefits package. Hybrid working is available upon completion of probation. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 20, 2026
Full time
Prestigious opportunity for an IT Support & Systems Analyst to join our team in Warrington.Market leaders in the design and manufacture of high quality solutions for the aerospace, defence, power generation, and high performance engineering sectors, we are inviting you to join our success story. With operations in the UK and Europe, we deliver cost effective, high quality solutions while partnering closely with customers across the full life cycle from design to in-service support. This is an excellent opportunity for someone with IT support experience who wants to broaden their skills across IT operations, systems, and cybersecurity. You'll play a key role in supporting end users while gaining exposure to infrastructure, compliance, and continuous improvement initiatives. Your responsibilities will be to: - Deliver 1st & 2nd line support across office and shop-floor environments Assist with Microsoft 365 & Active Directory administration Troubleshoot hardware, software, and access issues Manage onboarding/offboarding, user accounts, and permissions Support a range of devices including PCs, laptops and mobile devices Provide a high level of customer service and user training Device Management and patching Support IT Security, Audit and Compliance If you possess a combination of some of the following skills, then LETS TALK! Experience in IT support or service desk roles Strong knowledge of Windows, Microsoft 365, Active Directory Experience supporting end users, devices and applications Solid troubleshooting and problem-solving skills Understanding of cybersecurity best practices (MFA, patching, endpoint protection) Strong communication and user-focused mindset Knowledge of the following is advantageous but not essential: - Exposure to audits or compliance requirements Experience with endpoint security or patch management tools ERP or manufacturing environment experience Basic networking knowledge (DNS, DHCP, TCP/IP) In return, you will be rewarded with ongoing career development and training and an enviable benefits package. Hybrid working is available upon completion of probation. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
At DXC Technology were continuing to expand our high-security Cyber Defence capability and are looking for an experienced Tier 3 Security Analyst to join our growing Security Operations Centre (SOC) team based in Farnborough. Were passionate about building diverse, inclusive teams and actively encourage applications from women, underrepresented groups, and neurodivergent candidates, with support a click apply for full job details
Jun 20, 2026
Full time
At DXC Technology were continuing to expand our high-security Cyber Defence capability and are looking for an experienced Tier 3 Security Analyst to join our growing Security Operations Centre (SOC) team based in Farnborough. Were passionate about building diverse, inclusive teams and actively encourage applications from women, underrepresented groups, and neurodivergent candidates, with support a click apply for full job details
Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Jun 20, 2026
Contractor
Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Jun 20, 2026
Full time
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Jun 20, 2026
Contractor
Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
CBSbutler Holdings Limited trading as CBSbutler
Portsmouth, Hampshire
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.
Jun 20, 2026
Contractor
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.
Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment
Jun 20, 2026
Full time
Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
Jun 19, 2026
Contractor
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
