SECURITY OPERATIONS CENTER (SOC) ANALYST - CYBER SECURITY ANALYST

Summer-Browning Associates is supporting our client in the Central Government who is seeking a SECURITY OPERATIONS CENTER (SOC) ANALYST for an initial 12-month assignment, with the possibility of extension.

Location: London Hybrid

The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security, with the following skills and experience:
- Experience in SOC operations, incident response, and forensic analysis.
- Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners.
- Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation.
- Experience in network security principles, firewalls, and access control mechanisms.

Preferred Qualifications:
- Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable.

To apply, please submit your latest CV for review.
Jun 20, 2026
Contractor
At DXC Technology we're continuing to expand our high-security Cyber Defence capability and are looking for an experienced Tier 3 Security Analyst to join our growing Security Operations Centre (SOC) team based in Farnborough. We're passionate about building diverse, inclusive teams and actively encourage applications from women, underrepresented groups, and neurodivergent candidates, with support a click apply for full job details
Jun 20, 2026
Full time
CBSbutler Holdings Limited trading as CBSbutler
Portsmouth, Hampshire
Senior SOC Analyst
+ 9 months +
+ DV cleared role - current active DV clearance is essential
+ Inside IR35
+ 575 - 630 a day
+ Corsham / Portsmouth

Key Skills: ISO27001, DV Clearance, SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds.

We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities.

As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience.

Key Responsibilities
- Maintain and optimise SOC Protect, Detect and Respond tooling.
- Configure, implement and support new security monitoring technologies.
- Develop detection rules, correlation logic, automation scripts and response playbooks.
- Manage vulnerability scanning platforms and contribute to wider SOC strategy.
- Integrate and onboard standard and non-standard log sources into SIEM platforms.
- Monitor, investigate and respond to security incidents and emerging threats.
- Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs).
- Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies.
- Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK.
- Produce dashboards, reports and recommendations to improve security posture.
- Ensure adherence to operational processes, SLAs, KPIs and security policies.
- Drive continuous improvement across SOC processes, tooling and service delivery.

Essential Skills & Experience
- Current Developed Vetting (DV) Clearance.
- Strong experience administering and tuning SIEM and SOAR platforms.
- Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds.
- Experience in threat hunting, incident response, digital forensics and malware analysis.
- Strong understanding of Windows and Linux environments.
- Experience writing and tuning detection signatures, correlation rules and monitoring use cases.
- Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding.
- Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar.
- Understanding of network forensics, threat intelligence and cyber threat detection methodologies.
- Knowledge of ISO 27001:2022, MITRE ATT&CK, and IT Service Management principles.
Jun 20, 2026
Contractor
SOC Analyst (Contract) - SC Cleared Required

Location: Cheltenham (Remote - UK Based)
Rate: 500 - 685 per day (Umbrella, Inside IR35)
Contract Length: 3 Months
SC Clearance: Due to the sensitive nature of the work, candidates must hold active UK Government Security Clearance (SC).

The Opportunity
We are looking for a SOC Analyst to join a high-performing Security Operations Centre (SOC) team delivering critical cyber defence capabilities within a secure client environment. This is an exciting opportunity to work on impactful projects, collaborating with experienced security professionals while gaining hands-on exposure to real-world cyber threats in a fast-paced, dynamic setting.

Key Responsibilities
As a SOC Analyst, you will:
- Monitor, triage, and respond to security alerts and incidents
- Investigate and analyse potential threats across multiple environments
- Escalate security events in line with defined processes
- Support continuous improvement through alert tuning and optimisation recommendations
- Produce clear and concise incident and performance reports
- Maintain awareness of the latest cyber threats, vulnerabilities, and attack techniques
- Collaborate with wider security teams to strengthen detection and response capabilities

Skills & Experience Required
- Prior experience (1-2 years desirable) in a SOC Analyst or similar security role
- Strong understanding of: computer networks; operating systems (Windows/Linux); software, hardware, and general IT infrastructure
- Awareness of cybersecurity risks across technologies and how to mitigate them
- Working knowledge of security technologies, including: network & application firewalls; Host Intrusion Prevention Systems (HIPS); antivirus / endpoint protection tools
- Relevant academic qualifications or industry training (e.g., Cyber Security, IT Security)
Jun 19, 2026
Contractor
We're Hiring: Senior Cyber Security Analyst - Corsham

I'm currently looking for a Senior Cyber Security Analyst to join our SOC team at Computer Network Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve.

The Role
As a Senior Cyber Security Analyst, you will support the SOC Team Lead and play a central role in monitoring, triaging, and investigating security events across a range of client environments. You'll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends, and insights, as well as contributing to reporting and continuous improvement within the SOC.

Key Responsibilities
- Monitor, triage and investigate security alerts across multiple platforms
- Conduct in-depth incident analysis and support ongoing client investigations
- Act as deputy to the SOC Team Lead when required
- Review and assess escalated Tier 2 alerts for urgency and impact
- Deliver weekly and monthly reporting to clients and stakeholders
- Communicate security findings and trends directly to clients
- Support vulnerability management analysis and remediation efforts
- Lead false-positive reduction and SIEM tuning activities
- Mentor and support development of Tier 1 and junior analysts
- Contribute to SOC process improvement and operational efficiency
- Participate in incident response activities as part of the wider team
- Lead internal SOC initiatives and projects where required
- Create and deliver presentations for clients and internal teams

What We're Looking For
- Strong experience within a SOC or cyber security operations environment
- Proven ability to investigate and analyse complex security incidents
- Experience with SIEM platforms, threat intelligence, and security tooling
- Strong stakeholder and client communication skills
- Ability to mentor and develop junior team members
- Proactive approach to problem-solving and continuous improvement
- Good understanding of current cyber threats, tactics and trends

Package & Details
Location: Isle of Man (relocation package) / Corsham
Hours: 37.5 hours per week, plus on-call rota
Working pattern: Monday to Friday, 09:00 (early Friday finish at 16:00, workload permitting)
Clearance: SC Cleared

This is a great opportunity for someone looking to step into a more senior, visible role within a growing SOC, with real influence over both technical delivery and team development.
Jun 19, 2026
Full time
Cyber Security Specialist (Operational)

Salary: £57,528 - £64,750 per annum
Location: Manchester
Vacancy Type: Permanent
Closing date: 21/06/2026

The National Institute for Health and Care Excellence (NICE) is the independent organisation responsible for providing national guidance and advice on promoting high quality health, public health and social care. We have modern offices in Manchester city centre and Stratford, London. Please take into consideration that you may be required to commute to one of our offices for business purposes if necessary.

Job overview
Do you want to do meaningful work that makes a genuine difference to society? Our main purpose here at The National Institute for Health and Care Excellence (NICE) is to improve health and wellbeing by putting science and evidence at the heart of health and care decision-making. As an organisation we all collaborate to achieve this goal by empowering our workforce to do great things!

Please note that this role may not be eligible for sponsorship under the Skilled Worker route. Please refer to the DirectGov website for more information on eligibility. We reserve the right to close the advert early should we receive sufficient applications, so please don't delay your submission.

Main duties of the job
As a Cyber Security Specialist (Operational), you will play a key hands-on role in protecting NICE's digital platforms, systems, and data from cyber threats. Working as part of a collaborative cyber security function, you will investigate security alerts, manage vulnerabilities, respond to incidents and help ensure our services remain secure, resilient and compliant. The role combines technical expertise with clear communication, supporting both operational delivery and the continual improvement of NICE's cyber security posture.

What the candidate will be expected to do / bring
- Act as a hands-on cyber security specialist, investigating security alerts, responding to incidents and supporting day-to-day operational cyber resilience
- Configure, manage and maintain security tooling and infrastructure across on-premise and cloud environments, embedding secure-by-design principles
- Carry out routine vulnerability assessments, threat analysis and horizon scanning to identify and mitigate emerging risks
- Serve as a technical escalation point for complex security issues, contributing expert analysis and practical solutions
- Support compliance with recognised security standards and frameworks (e.g. Cyber Essentials, ISO27001), maintaining clear and auditable records
- Communicate complex technical risks and findings clearly to both technical and non-technical stakeholders

Person specification
Essential:
- Holds highly developed specialist knowledge and expertise acquired through master's degree level or equivalent qualification/experience. Additionally holds specialist knowledge of the relevant area(s) of expertise as outlined in the person specification, acquired through relevant practical experience and training/development
- Proven hands-on experience in cyber security operations, such as working as a Security Analyst, SOC Analyst or in a similar technical cyber security role
- Demonstrable experience of incident response and security configuration, with the ability to systematically analyse issues, identify root causes and implement effective solutions
- Strong technical knowledge of cyber security tooling and techniques, including vulnerability management, incident investigation and monitoring tools such as SIEM, EDR and vulnerability scanners
- Practical understanding of core cyber security concepts, including network, infrastructure and system security across Windows and Linux environments, with awareness across networking, operating systems and cloud platforms

Desirable:
- One or more of the following qualifications, or equivalent experience, is desirable for this role: FEDIP Senior Practitioner, Cyber Security Professional (ACSP), BCS Certificate in Information Security Management Principles (CISMP), SSCP Systems Security Certified Practitioner

Working for our organisation
The Infrastructure, Cyber & IT Operations team plays a critical role in ensuring NICE's digital services are secure, resilient, and reliable. The team is responsible for safeguarding systems and information, supporting users across the organisation, and maintaining operational stability with minimal risk or disruption. As part of this team, you will help protect nationally important digital services while enabling NICE to deliver trusted guidance and information to health and care users across England. We are passionate and proud of the work we do and the impact we make.

NICE offer:
- Generous NHS Pension: secure your future with one of the most rewarding pension schemes in the UK
- Flexible working: enjoy a healthy work-life balance with options like remote working, compressed hours and flexible start/finish times
- Exclusive discounts: save on shopping, dining and more with a Blue Light Card
- Time to recharge: start with 27 days annual leave plus bank holidays
- Inclusive staff networks: join supportive communities like Women in NICE, Race Equality Network, Disability Advocacy and NICE and Proud; we celebrate diversity
- Tailored development: grow your career with personalised learning and development opportunities

If you feel this is the type of environment you will enjoy working in, apply today!

To Apply
If you feel you are a suitable candidate and would like to work for The National Institute for Health and Care Excellence (NICE), please click apply to be redirected to our website to complete your application.
Jun 18, 2026
Full time
CBSbutler Holdings Limited trading as CBSbutler
Corsham, Wiltshire
Senior SOC Analyst
+ 9 months +
+ DV cleared role - current active DV clearance is essential
+ Inside IR35
+ 575 - 650 a day
+ Corsham / Portsmouth

We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities.

As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience.

Key Responsibilities
- Maintain and optimise SOC Protect, Detect and Respond tooling.
- Configure, implement and support new security monitoring technologies.
- Develop detection rules, correlation logic, automation scripts and response playbooks.
- Manage vulnerability scanning platforms and contribute to wider SOC strategy.
- Integrate and onboard standard and non-standard log sources into SIEM platforms.
- Monitor, investigate and respond to security incidents and emerging threats.
- Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs).
- Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies.
- Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK.
- Produce dashboards, reports and recommendations to improve security posture.
- Ensure adherence to operational processes, SLAs, KPIs and security policies.
- Drive continuous improvement across SOC processes, tooling and service delivery.

Essential Skills & Experience
- Current Developed Vetting (DV) Clearance.
- Strong experience administering and tuning SIEM and SOAR platforms.
- Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds.
- Experience in threat hunting, incident response, digital forensics and malware analysis.
- Strong understanding of Windows and Linux environments.
- Experience writing and tuning detection signatures, correlation rules and monitoring use cases.
- Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding.
- Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar.
- Understanding of network forensics, threat intelligence and cyber threat detection methodologies.
- Knowledge of ISO 27001:2022, MITRE ATT&CK, and IT Service Management principles.

If you'd like to discuss this Senior SOC Analyst role in more detail, please send your updated CV to (url removed) and I will get in touch.
Jun 18, 2026
Contractor
SOC Analyst
Leeds (Hybrid)
£50,000 - £58,000 Package
24/7 Shift Pattern
Permanent
25 Days Hols (rising to 27 + Buy and Sell scheme) - Pension (5% Employer) - Healthcare - DIS x 4 Critical Illness Cover - Birthday off - Vendor Training and Accreditations

SOC Analyst - Join a Growing Cyber Security Operations Team

An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds.

This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies.

Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure.

The Role
As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments.

Key Responsibilities
- Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments
- Support the management of security incidents through the incident response lifecycle
- Perform security investigations and root cause analysis
- Validate indicators of compromise and assess potential business impact
- Conduct proactive threat hunting activities
- Query and analyse security data using Microsoft Sentinel and KQL
- Support vulnerability management and remediation activities
- Work closely with technical teams to coordinate containment and recovery actions
- Produce incident reports, documentation and recommendations
- Contribute to the continuous improvement of security monitoring capabilities

Technology Environment
You'll gain exposure to a modern enterprise security stack including:
- Microsoft Sentinel
- Microsoft Defender XDR
- Defender for Endpoint
- Defender for Cloud
- Defender for Identity
- Defender for Cloud Apps
- Microsoft Intune
- Qualys
- AttackIQ
- XM Cyber
- Threat Intelligence Platforms

What We're Looking For
We're interested in speaking with candidates who have experience in one or more of the following:
- Security Operations Centre (SOC) environments
- Security Monitoring
- Incident Response
- Cyber Security Analysis
- Threat Detection
- Threat Hunting
- Vulnerability Management
- Security Operations

You may currently be working as a:
- SOC Analyst
- Cyber Security Analyst
- Security Analyst
- Security Operations Analyst
- Threat Detection Analyst
- Blue Team Analyst
- Information Security Analyst

Essential Skills
- Experience monitoring and investigating security events
- Understanding of cyber security threats, attack techniques and security controls
- Exposure to SIEM technologies
- Strong analytical and problem-solving skills
- Experience working within a security operations environment
- Excellent communication and documentation skills

Desirable Skills
- Microsoft Sentinel experience
- KQL (Kusto Query Language)
- Microsoft Defender XDR technologies
- Threat Hunting experience
- Detection Engineering
- Security Automation
- Vulnerability Assessment platforms such as Qualys
- Knowledge of MITRE ATT&CK
- Exposure to NIST, ISO27001 or CIS Controls
- Experience supporting regulated environments

Why Apply?
This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market.

Benefits
- 25 days annual leave (rising with service)
- Birthday day off
- Hybrid working model
- Home-based night shifts
- Private Medical Insurance
- Life Assurance
- Enhanced Pension Scheme
- Income Protection
- Learning & Development support
- Dedicated certification programme
- Microsoft, AWS, Cisco and Fortinet training pathways
- Leadership development opportunities
- Employee wellbeing initiatives
- Cycle to Work scheme
- Retail discounts programme
- Modern office environment

This is an excellent opportunity for a SOC Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation.
Jun 18, 2026
Full time
Leeds (Hybrid)
50,000 - 58,000 Package
24/7 Shift Pattern
Permanent

With extensive Benefits!
- 25 days annual leave (rising with service to 27)
- Birthday day off
- Hybrid working model but mostly work from home
- Home-based night shifts with certain day shifts also from home
- 4 days on 4 days off
- Private Medical Insurance
- Life Assurance
- Enhanced Pension Scheme
- Income Protection
- Learning & Development support
- Dedicated certification programme
- Microsoft, AWS, Cisco and Fortinet training pathways
- Leadership development opportunities
- Employee wellbeing initiatives
- Cycle to Work scheme
- Retail discounts programme
- Modern office environment

Opportunity - Join a Growing Cyber Security Operations Team

This is an excellent opportunity for a Cyber Security Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation.

An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds.

This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies.

Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure.

The Role
As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments.

Key Responsibilities
- Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments
- Support the management of security incidents through the incident response lifecycle
- Perform security investigations and root cause analysis
- Validate indicators of compromise and assess potential business impact
- Conduct proactive threat hunting activities
- Query and analyse security data using Microsoft Sentinel and KQL
- Support vulnerability management and remediation activities
- Work closely with technical teams to coordinate containment and recovery actions
- Produce incident reports, documentation and recommendations
- Contribute to the continuous improvement of security monitoring capabilities

Technology Environment
You'll gain exposure to a modern enterprise security stack including:
- Microsoft Sentinel
- Microsoft Defender XDR
- Defender for Endpoint
- Defender for Cloud
- Defender for Identity
- Defender for Cloud Apps
- Microsoft Intune
- Qualys
- AttackIQ
- XM Cyber
- Threat Intelligence Platforms

What We're Looking For
We're interested in speaking with candidates who have experience in one or more of the following:
- Security Operations Centre (SOC) environments
- Security Monitoring
- Incident Response
- Cyber Security Analysis
- Threat Detection
- Threat Hunting
- Vulnerability Management
- Security Operations

You may currently be working as a:
- SOC Analyst
- Cyber Security Analyst
- Security Analyst
- Security Operations Analyst
- Threat Detection Analyst
- Blue Team Analyst
- Information Security Analyst

Essential Skills
- Experience monitoring and investigating security events
- Understanding of cyber security threats, attack techniques and security controls
- Exposure to SIEM technologies
- Strong analytical and problem-solving skills
- Experience working within a security operations environment
- Excellent communication and documentation skills

Desirable Skills
- Microsoft Sentinel experience
- KQL (Kusto Query Language)
- Microsoft Defender XDR technologies
- Threat Hunting experience
- Detection Engineering
- Security Automation
- Vulnerability Assessment platforms such as Qualys
- Knowledge of MITRE ATT&CK
- Exposure to NIST, ISO27001 or CIS Controls
- Experience supporting regulated environments

Why Apply?
This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market.
Jun 17, 2026
Full time
LA International Computer Consultants Ltd
Stoke-on-Trent, Staffordshire
Security Operations Centre (SOC) Analyst - Tier 2
Location: Stoke-on-Trent, United Kingdom
Employment Type: Permanent, Full-Time
Department: Security Operations
Salary: Up to £55,000 per annum + shift allowance
Working Hours: Rotating shifts (early, late, and nights) on a 4-days-on rota.

About the Role
We are seeking a proactive Tier 2 SOC Analyst to join a 24x7 Security Operations Centre. You will investigate and manage complex security incidents, support threat hunting activities, and act as an escalation point for Tier 1 analysts. This role offers an excellent opportunity to further develop your technical expertise while helping to strengthen and mature the organisation's security operations capability.

Key Responsibilities
- Lead the triage, investigation, and resolution of medium to high-severity security incidents.
- Monitor and analyse security events using SIEM, EDR, and other security tools.
- Act as an escalation point and mentor for Tier 1 analysts.
- Perform threat analysis and share intelligence across teams.
- Tune and improve SIEM rules and detection capabilities.
- Support vulnerability management and remediation activities.
- Produce incident reports, metrics, and post-incident reviews.
- Collaborate with Infrastructure, Network, and Development teams to improve security posture.

Skills & Experience
- 1-5 years' experience within a SOC or similar security operations environment.
- Hands-on experience with incident response, security monitoring, and threat analysis.
- Experience using SIEM, EDR, and vulnerability management tools.
- Good understanding of security operations processes, attack techniques, and incident management methodologies.
- Strong analytical and problem-solving skills.

Qualifications (Desirable)
- Degree in Cyber Security, Information Security, Computer Science, or equivalent experience.
- Relevant certifications such as CompTIA Security+, CEH, CCSP, CISSP, BTL1, BTL2, or SIEM/vendor-specific certifications.

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment, which can take a minimum of 10 weeks.

LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance. An award-winning organisation, having secured the prestigious Queen's Award for Enterprise: International Trade over multiple years.

We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.

Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.
Jun 17, 2026
Full time
Senior Incident Responder
£71000 GBP
Onsite WORKING
Location: Birmingham, West Midlands - United Kingdom
Type: Permanent

Senior Incident Responder - SOC Analyst (L3)
Birmingham or Glasgow
Up to £71,000 + Bonus + Benefits
Hybrid
SC Clearance Required or Eligible

Our client - a global technology and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident Re
Oct 29, 2025
Full time
SOC Analyst - Corsham - Circa 46,000 per annum - On-site (5 days per week)
Permanent
SC Clearance Required.

Deerfoot Recruitment is working on behalf of a leading organisation seeking to hire an experienced SOC Analyst to join their Security Operations Centre based in Corsham. This is a full-time, on-site role requiring 5 days per week presence.

The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes.

Key Requirements:
- Previous experience in a SOC Analyst or similar cybersecurity role
- Strong expertise in Splunk or similar SIEM tools
- Familiarity with Flexera for vulnerability management
- Understanding of firewalls, network protocols, intrusion detection/prevention systems
- Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous
- Must be eligible for Developed Vetting (DV) clearance, requiring 10 years continuous UK residency

Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record check.

This is an excellent opportunity to join a forward-thinking, inclusive environment with strong investment in training, development, and employee wellbeing. To apply or learn more, please contact us today at Deerfoot Recruitment.

Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details.

Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.
Oct 07, 2025
Full time
Incident Response (CSIRT) / Security Operations Centre (SOC) Level 3 Analyst
2-3 days onsite - Crawley
6-9 month duration
Reporting line: The Analyst will report to the Cyber Security Response Manager and work within the Information Systems directorate, based in the Crawley office.
Oct 06, 2025
Contractor
Deerfoot Recruitment Solutions Limited
City, London
Threat Intelligence Analyst - Fully Onsite in London - Inside IR35 Contract
Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms.
Key Responsibilities:
- Monitor and analyse the global cyber threat landscape, identifying threats, adversary tactics, and emerging risks
- Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios
- Act as the point of contact between threat intelligence, Red/Blue, and SOC teams to align threat modelling and adversary simulation
- Support threat hunting activities and provide tactical, contextual intelligence to stakeholders
- Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts
- Use the MITRE ATT&CK framework to map adversary behaviours to detections
- Develop and update threat profiles, attack surface assessments, and adversary emulation plans
- Present high-quality threat briefings, risk assessments, and operational recommendations
- Participate in incident response, providing context, attribution, and support as required
Required Skills & Experience:
- Extensive experience in threat intelligence, cybersecurity operations, or penetration testing
- Proven ability to work collaboratively with Red/Blue teams and Security Operations Centres (SOC)
- Hands-on experience with Threat Intelligence Platforms (TIPs), SIEM tools, and threat data enrichment solutions
- Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development
- Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques
- Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera
- Experience producing actionable threat intelligence reports and clear technical briefings
If you are ready to drive the next wave of cyber defence, apply via Deerfoot Recruitment today to learn more about this exciting contract opportunity.
Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
Oct 03, 2025
Contractor
SOC Manager required for innovative MSP. You will lead the strategic direction, performance, and day-to-day operations of their Security Operations Centre (SOC). As a central figure in security services, you'll ensure the efficient detection, analysis, and response to cyber threats across a diverse client portfolio. This leadership role involves mentoring your team, enhancing security processes, and driving ongoing improvements in threat detection and incident response capabilities.
Key Responsibilities
Team Leadership & Development: Lead and mentor a team of SOC analysts, fostering a collaborative, high-performing environment. Manage team scheduling, conduct performance reviews, and support professional growth and development.
SOC Operations Oversight: Supervise 24/7/365 monitoring of client environments, ensuring consistent adherence to SLAs for threat detection and incident response. Drive operational efficiency and ensure timely escalation and resolution of security incidents.
Incident Response Management: Serve as the main escalation point for significant security incidents. Coordinate response efforts and ensure clear communication with both internal teams and external clients.
Process & Workflow Optimisation: Continuously review, update, and document SOC processes, playbooks, and standard operating procedures (SOPs) to improve operational effectiveness.
Technology Oversight: Ensure the reliability and performance of security tools, including SIEM and EDR platforms. Lead the evaluation, selection, and implementation of new security technologies and enhancements.
Reporting & Analytics: Develop and maintain KPIs and metrics to assess SOC performance. Deliver regular reports and insights to senior leadership and clients on security trends and incident management.
Client Relationship Management: Act as a trusted advisor to clients, contributing to service reviews and providing expert security guidance.
Required Experience & Skills
- Proven experience working in a Security Operations Centre (SOC) or related cybersecurity environment.
- Industry-recognised qualifications (preferred), such as a cybersecurity degree, Network+, Security+, or equivalent technical certifications.
- Strong hands-on knowledge of SIEM and EDR platforms, including experience configuring them and writing queries (e.g., SQL, KQL).
- Familiarity with cloud platforms (AWS, Azure, etc.) and securing hybrid IT environments.
- Excellent communication skills, both verbal and written, with the ability to translate technical information for non-technical audiences.
- Previous experience in an incident response role and a solid understanding of IR processes.
- Demonstrated experience leading or managing a security-focused team.
- Understanding of key security frameworks and standards, such as ISO 27001, NIST, and CREST.
Oct 02, 2025
Full time
Information Security Analyst - Heron Foods
Salary: £35,000 - £45,000 per annum (depending on experience)
Location: Hull (with hybrid working flexibility)
About the Role
We are looking for an Information Security Analyst to join the Group Information Security function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence: monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods.
Key Responsibilities
As Information Security Analyst, you will:
- Be the first point of contact for all cyber and information security matters within Heron Foods.
- Monitor and respond to alerts from our Managed Security Operations Centre (SOC).
- Coordinate incident response, containment, and recovery activities.
- Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes.
- Support forensic investigations and evidence handling when needed.
- Contribute to compliance activities including PCI DSS evidence gathering and audit readiness.
- Deliver security awareness training, phishing simulations, and staff engagement campaigns.
- Provide local insights to the Group Information Security team to strengthen overall resilience.
About You
We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills.
Essential skills & experience:
- Experience working in security operations, SOC, or incident response.
- Knowledge of SIEM tools, vulnerability management, and log analysis.
- Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS.
- Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff.
- Ability to work independently at Heron Foods while remaining aligned to Group Information Security.
Desirable:
- Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners).
- Experience supporting audits and compliance activities.
- Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks.
Why Join Us?
At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers:
- A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise.
- A competitive salary of £35,000 - £45,000 (depending on experience).
- Hybrid working arrangements.
- Excellent staff discount across B&M and Heron Foods stores.
- Opportunities for training, development, and progression within a growing security function.
How to Apply
If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
Oct 02, 2025
Full time
LA International Computer Consultants Ltd
Leamington Spa, Warwickshire
SOC Manager
6 month contract initially
Based: Hybrid / Leamington & Gaydon - hybrid as per business need
Rate: £Market rates p/d (via Umbrella company)
We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team.
As SOC Manager you will:
* Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators
* Lead incident response efforts: when a security incident occurs, the SOC team has to respond as quickly as possible, and you lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team
* Analyse incident reports to understand the organisation's security posture: by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences
* Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.
* Be responsible for conducting information security investigations arising from security incidents identified by the Level 2 security analysts who monitor the security consoles across the SOC entry channels (SIEM, tickets, email and phone), owning end-to-end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents.
Key Responsibilities:
* Manage service and process improvements of the SOC, auditing SOC incidents and identifying new use cases and automations
* POC for the SOC engineering team, threat intelligence analyst and threat exposure management
* Act as a point of escalation for Level 2 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques
* Act as the lead coordinator for individual information security incidents
* Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Centre
* Document incidents from initial detection through final resolution
* Ensure threat management and threat modelling, identify threat vectors and develop use cases for security monitoring
* Create reports, dashboards and metrics for SOC operations and present them to senior management
* Act as focal point for any investigations involving security; prepare reports and note follow-up actions
* Participate in the role of Incident Manager during any incidents and emergencies
* Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date
* Coordinate with IT teams on escalations, tracking, performance issues, and outages
Key skills & experience:
* Strong knowledge of authentication, endpoint security, internet policy enforcement, firewalls, web content filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR
* Good knowledge of SIEM technologies such as Google Chronicle, Splunk ES or QRadar
* In-depth familiarity with security policies based on industry standards and best practices
* Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, and security device installation, configuration, and troubleshooting (e.g., firewall, IDS)
* Experience in log source integration and in developing new correlation rules and writing parsers
* Experienced in SOC automation development, cloud operations (e.g. AWS), designing and building security operations centres, and regulatory compliance
* Ability to lead and communicate efficiently within a team environment, along with incident management process development and/or incident management experience
* Solid understanding of information technology and information security required
* Excellent communication and presentation skills, with demonstrated skill in presenting analytical data effectively to varied audiences (including executives)
* Ability to work well under pressure with differing levels of management
This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies. LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.
Sep 26, 2025
Contractor
SOC Manager
Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract.
*Inside IR35*
Job Description:
Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include:
- Improving incident response times
- Reducing false positives and other extraneous alerts
- Enhancing threat detection capabilities
Oversee your staff's activities and ensure they focus on the right priorities.
Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators.
Lead incident response efforts: when a security incident occurs, the SOC team has to respond as quickly as possible, and you lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team.
Analyse incident reports to understand the organisation's security posture: by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences.
Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.
Be responsible for conducting information security investigations arising from security incidents identified by the Level 2 security analysts who monitor the security consoles across the SOC entry channels (SIEM, tickets, email and phone), owning end-to-end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents.
Report to the Customer about security operations. This means that you must keep the CISO and Head of Security Operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals.
Your responsibilities:
- Manage service and process improvements of the SOC, auditing SOC incidents and identifying new use cases and automations
- POC for the SOC engineering team, threat intelligence analyst and threat exposure management
- Act as a point of escalation for Level 2 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques
- Act as the lead coordinator for individual information security incidents
- Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Centre
- Document incidents from initial detection through final resolution
- Ensure threat management and threat modelling, identify threat vectors and develop use cases for security monitoring
- Create reports, dashboards and metrics for SOC operations and present them to senior management
- Act as focal point for any investigations involving security; prepare reports and note follow-up actions
- Participate in the role of Incident Manager during any incidents and emergencies
- Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date
- Coordinate with IT teams on escalations, tracking, performance issues, and outages
Essential skills and experience:
- Strong knowledge of authentication, endpoint security, internet policy enforcement, firewalls, web content filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR
- Good knowledge of SIEM technologies such as Google Chronicle, Splunk ES or QRadar
- In-depth familiarity with security policies based on industry standards and best practices
- Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, and security device installation, configuration, and troubleshooting (e.g., firewall, IDS)
- Experience in log source integration and in developing new correlation rules and writing parsers
- Experienced in SOC automation development, cloud operations (e.g. AWS), designing and building security operations centres, and regulatory compliance
- Ability to lead and communicate efficiently within a team environment, along with incident management process development and/or incident management experience
- Solid understanding of information technology and information security required
- Excellent communication and presentation skills, with demonstrated skill in presenting analytical data effectively to varied audiences (including executives)
- Ability to work well under pressure with differing levels of management
Desirable skills and experience:
- Experience of Agile ways of working.
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Sep 26, 2025
Contractor
Information Security Analyst - Heron Foods

Salary: £35,000 - £45,000 per annum (depending on experience)
Location: Hull (with hybrid working flexibility)

About the Role
We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence: monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods.

Key Responsibilities
As Information Security Analyst, you will:
- Be the first point of contact for all cyber and information security matters within Heron Foods.
- Monitor and respond to alerts from our Managed Security Operations Centre (SOC).
- Coordinate incident response, containment, and recovery activities.
- Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes.
- Support forensic investigations and evidence handling when needed.
- Contribute to compliance activities including PCI DSS evidence gathering and audit readiness.
- Deliver security awareness training, phishing simulations, and staff engagement campaigns.
- Provide local insights to the Group Information Security team to strengthen overall resilience.

About You
We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills.

Essential skills & experience:
- Experience working in security operations, SOC, or incident response.
- Knowledge of SIEM tools, vulnerability management, and log analysis.
- Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS.
- Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff.
- Ability to work independently at Heron Foods while remaining aligned to Group Information Security.

Desirable:
- Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners).
- Experience supporting audits and compliance activities.
- Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks.

Why Join Us?
At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers:
- A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise.
- A competitive salary of £35,000 - £45,000 (depending on experience).
- Hybrid working arrangements.
- Excellent staff discount across B&M and Heron Foods stores.
- Opportunities for training, development, and progression within a growing security function.

How to Apply
If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
Sep 21, 2025
Full time