29 jobs found

Are you an experienced IT professional with a strong background in Microsoft 365 and infrastructure support? Join Transforming PLC as an IT Business Partner and play a key role in supporting and improving digital services that make a real difference across our social care operations. IT Business PartnerManchester Hybrid (with some travel) Full Time, Permanent £40,000 per year plus benefits Please note: you must be authorised to work in the UK Transforming PLC is a UK-based group with social care provider subsidiaries. We are committed to safe, high-quality care, strong governance, and operational excellence. Our Digital Services function enables secure, reliable technology services for colleagues across offices, care settings and hybrid working, supporting better outcomes for the people we support. About the role: We are looking for an experienced IT Business Partner to join our Digital Services team. A hybrid role based in Manchester with some travel, this is a great opportunity for a technically strong, business-focused IT professional to play a key role in supporting and improving technology across a multi-site organisation. You will act as a trusted partner to stakeholders, provide technical expertise across Microsoft 365 and infrastructure, and help ensure our services are secure, reliable and fit for purpose. What you'll be doing: Act as the subject matter expert for IT infrastructure, with a focus on Microsoft 365, connectivity and site-based technologies. Provide Level 3 support and lead technical problem resolution across the organisation. Build strong relationships with stakeholders and act as a trusted advisor on digital services. Support secure, resilient and effective IT services across multiple locations. Work with third-party suppliers and internal teams to improve systems and resolve major incidents. What we're looking for: Strong knowledge of the Microsoft 365 ecosystem and IT infrastructure support. Experience in a senior infrastructure, 3rd line or similar technical support role. Good understanding of networking fundamentals, cyber security and cloud technologies. Experience supporting multi-site environments and managing third-party suppliers. Excellent problem-solving skills and the ability to communicate clearly with technical and non-technical stakeholders. Experience in healthcare or social care environments would be an advantage. What we offer: Competitive salary and benefits package. Hybrid working with flexibility aligned to business needs. Opportunities for professional development and career growth. A collaborative and supportive working environment. If you are a proactive IT professional who enjoys combining technical expertise with stakeholder partnership, we would love to hear from you. Apply now to join us and help shape reliable, secure and effective digital services across the organisation. How to apply for the role: If you have the skills and experience required for this position, click "apply" today and check your inbox for an email providing more information on how to tailor your application and provide a cover letter or any supporting documents. You must be authorised to work in the UK. No agencies please. Other suitable skills and experience includes IT Infrastructure Engineer, Senior IT Support Engineer, 3rd Line Support Engineer, Technical Services Manager, IT Operations Engineer, Microsoft 365 Engineer, Infrastructure Support Analyst, Systems Administrator, IT Manager, Network and Infrastructure Engineer, Digital Services Partner, Technical Account Manager, Cloud Support Engineer, Service Delivery Analyst, End User Computing Engineer, IT Solutions Specialist, ICT Business Partner.

This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office in Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.

Role: Senior Business Analyst (Cyber Resilience & Operational Transformation) Sector: Utilities / Critical National Infrastructure (CNI) Location: UK (Hybrid) Purpose of the Role Lead the business analysis, requirement elicitation, and governance frameworks for critical cyber resilience and operational transformation initiatives. This position bridges corporate technology and site-based industrial systems to translate complex cyber security, data protection, and business continuity expectations into executable, delivery-ready technical specifications. Key Responsibilities Cyber Security & Regulatory Alignment: Drive Cyber Assessment Framework (CAF) aligned activities, executing control mapping, evidence collation, gap analysis, and compilation of robust regulatory Evidence Packs (EP) to satisfy NIS compliance. Resilience & Disaster Recovery (DR): Elicit and define comprehensive end-to-end Business Continuity and Disaster Recovery (BCDR) requirements, focusing on ransomware resilience, data recovery governance, and secure operational restoration. IT/OT Integration Assurance: Collaborate with cross-functional architecture and engineering teams to govern system onboarding (e.g., SIEM/SOC infrastructure monitoring) across both corporate enterprise and industrial Operational Technology (OT/SCADA) environments. Requirements Governance: Create procurement-grade business analysis artifacts, including functional/non-functional specifications, process maps (BPMN), and strict Requirements Traceability Matrices (RTM). Requirements Extensive experience operating as a Senior, Lead, or Principal Business Analyst within a utility, regulated energy network, or CNI environment. Deep domain fluency in cybersecurity, industrial data protection frameworks, and complex disaster recovery structures. Proven exposure mapping technical systems to regulatory frameworks (such as NIS regulations or NCSC guidelines). Randstad Technologies is acting as an Employment Business in relation to this vacancy.

Synapri are supporting a globally recognised Financial Services organisation looking for a Senior Cyber Security and Network Analyst to join their Business Technology Solution department to deliver end to end technology, applications, and services transformations. Responsibilities: Support the delivery and maintenance of the organisation's cyber security and network infrastructure, ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/WAN, Wi-Fi, Internet connectivity, and Layer 2/3 infrastructure Contribute to cyber security and infrastructure projects, including the implementation of new security controls and technologies Perform patching, upgrades, and ongoing maintenance across security and network environments to minimise risk and downtime Develop and maintain security policies, operational procedures, technical documentation, and compliance standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Please apply for further information.

The Role The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London . Key Responsibilities Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling Perform lifecycle activities including patching, upgrades, and configuration changes Ensure security platforms are fully integrated across on-prem and cloud environments Monitor platform health, performance, and availability, resolving issues proactively Support service transitions, upgrades, and controlled change activities Act as escalation point for platform issues raised by the Security Analyst team Provide engineering support during complex incidents and investigations Implement platform-level changes to support incident response and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure all platforms meet regulatory, audit, and compliance requirements Contribute to governance, reporting, and continuous improvement initiatives Experience & Knowledge Essential: Strong experience in security engineering and platform management Experience supporting SOC tooling and security operations environments Hands-on experience with Microsoft Defender and Microsoft Sentinel Strong understanding of SIEM, XDR, and security platform integrations Experience in hybrid (on-prem and cloud) environments Strong troubleshooting skills across platforms, integrations, and data pipelines Experience with scripting/automation (PowerShell, Python or similar) Strong understanding of networking, cloud, and infrastructure fundamentals Experience in regulated environments (e.g. financial services) Strong documentation and communication skills Desirable: Experience with vulnerability and scanning tools (e.g. Qualys) Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ) Knowledge of DLP, email security, and cloud security platforms Awareness of PAM and data security tools (e.g. CyberArk, Varonis)

Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.

Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment

Salary: £43,090 - £46,500 Contract Type: Permanent Working Pattern: This post is available on a full-time, part-time or job-share basis, and flexible working hours can be accommodated. Location: Darlington The Resilience & Resolution team is hiring a policy adviser to support the team's work in identifying and managing emerging risks to the financial stability of the UK, and preparing and responding where risks crystalise. About the Team The Resilience & Resolution (R&R) team works at the heart of government, partnering with the Bank of England, financial regulators and departments across Whitehall to spot risks to the financial sector and lead the Treasury's response when issues arise. It's a fast-paced, high-profile team with regular exposure to senior officials and ministers. We're a friendly and inclusive team that genuinely prioritises wellbeing, supporting you to deliver while maintaining a healthy work/life balance. About the Job This is a varied and stretching role, offering the chance to work across a broad range of high-profile policy issues and build strong stakeholder relationships. Your work will directly support UK national security, reflecting HMT's role as Lead Government Department for the finance sector. In this role, you will: Provide expert advice on cyber security issues in the financial sector, shaping policy across HMT and wider government. You'll develop and own policy in areas such as cyber legislation, ransomware and artificial intelligence. Build and maintain strong relationships with key stakeholders across the Bank of England, regulators, national security partners and government departments to help deliver HMT's objectives. Represent HMT internationally, including at G7 Cyber Experts' Group workstreams, and lead engagement with key partners such as the Five Eyes to influence the global resilience agenda. Play an active role in responding to operational incidents, including cyber attacks, to help minimise impacts on the financial sector and consumers. The team's work is fast-moving and diverse - from designing policy, to running war-game exercises, to working with international partners. You'll also have regular opportunities to contribute to advice for senior officials and ministers, making this a great role for someone curious, proactive and keen to make an impact. About You We're looking for someone who can build strong relationships across teams and use those connections to move work forward. You'll be confident working with complex information, able to weigh up different options and clearly explain your recommendations. You'll also be comfortable delivering at pace, managing competing priorities and staying focused when demands shift. Some of the Benefits our people love! 25 days annual leave (rising to 30 after 5 years), plus 8 public holidays and the King's birthday (unless you have a legacy arrangement as an existing Civil Servant). Additionally, we operate flexitime systems, allowing employees to take up to an additional 2 days off each month Flexible working patterns (part-time, job-share, condensed hours) Generous parental and adoption leave packages Access to a generous Defined Benefit pension scheme with employer contributions of 28.97% Access to a cycle-to-work salary sacrifice scheme and season ticket advances A range of active staff networks, based around interests (e.g. analysts, music society, sports and social club) and diversity For more information about the role and how to apply, please follow the apply link. If you need any reasonable adjustments to take part in the selection process, please tell us about this in your online application form, or speak to the recruitment team at .

We re Hiring: Senior Cyber Security Analyst Corsham I m currently looking for a Senior Cyber Security Analyst to join our SOC team at Computer Network Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst, you will support the SOC Team Lead and play a central role in monitoring, triaging, and investigating security events across a range of client environments. You ll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends, and insights, as well as contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency and impact Deliver weekly and monthly reporting to clients and stakeholders Communicate security findings and trends directly to clients Support vulnerability management analysis and remediation efforts Lead false-positive reduction and SIEM tuning activities Mentor and support development of Tier 1 and junior analysts Contribute to SOC process improvement and operational efficiency Participate in incident response activities as part of the wider team Lead internal SOC initiatives and projects where required Create and deliver presentations for clients and internal teams What We re Looking For Strong experience within a SOC or cyber security operations environment Proven ability to investigate and analyse complex security incidents Experience with SIEM platforms, threat intelligence, and security tooling Strong stakeholder and client communication skills Ability to mentor and develop junior team members Proactive approach to problem-solving and continuous improvement Good understanding of current cyber threats, tactics and trends Package & Details Location: Isle of Man (relocation package)/Corsham Hours: 37.5 hours per week, plus on-call rota Working pattern: Monday to Friday, 09 00 (early Friday finish at 16:00, workload permitting) Clearance: SC Cleared This is a great opportunity for someone looking to step into a more senior, visible role within a growing SOC, with real influence over both technical delivery and team development.

Cyber Security Officer Based in Broxbourne, Hertfordshire Permanent, full-time, 37 hours per week Salary: £46,631 - £51,813 We have an exciting opportunity for a cybersecurity professional with experience in information security, risk management, and compliance, along with the ability to communicate complex security matters to a range of stakeholders. In this role, you ll help protect our systems, data and people by supporting and enhancing our cybersecurity framework. Working closely with colleagues, suppliers and senior stakeholders, you ll co-ordinate cyber risk management activities, maintain key security controls and ensure compliance with relevant standards and best practice. You ll play an important role in strengthening our cyber resilience, leading security awareness initiatives, supporting incident response and helping to embed a security-first culture across the business. Through your work, you ll help ensure security considerations are integrated into projects, processes and decision-making, enabling us to operate safely and confidently in an evolving threat landscape. We re looking for someone with - Experience in an information security and/or cybersecurity role - Experience producing clear policies, procedures, risk registers and reports for non-technical audiences - Good working knowledge of Microsoft 365 and/or Azure AD (Entra ID), endpoint security, email security and core network concepts - An understanding of UK data protection principles and how security controls support compliance - Strong stakeholder management skills - A relevant qualification(s) or evidence of continuous professional development (e.g., Cyber Essentials/Plus familiarity, CompTIA Security+, SC-900, ISO 27001 Foundation, or equivalent experience) A basic DBS check will be required for this role, which we will pay for. We re a social business, based in Turnford and across southeast Hertfordshire, helping local people by renting or selling affordable homes. We offer services designed to help our customers live comfortably in their homes, and we work to keep our buildings and estates maintained, offering support when money becomes an issue or when people get older. Our mission is to make a sustainable, positive change to the housing crisis for our customers and communities. We enjoy a benefits package that offers something for everyone, including - 27 days holiday per year plus bank holidays (pro rata for part-time colleagues). - Buy and sell holiday scheme. - Cross-organisational bonus scheme. - Up to 12% pension contribution. - Life assurance cover. - Funded health cash plan or subsidised private medical insurance. - Discount vouchers. - Enhanced family leave. - Range of special leave. - Car loans, cycle to work and electric car lease scheme. The closing date for this vacancy is 15th June 2026. We are a Disability Confident employer, which means that we offer an interview to a fair and proportionate number of disabled applicants who meet the minimum selection criteria for the job. Other organisations may call this role Cyber Security Analyst, Information Security Officer, Information Security Analyst, Cyber Security Specialist, IT Security Officer, IT Security Analyst, Cyber Risk Officer, or Security and Compliance Officer. We re committed to building an inclusive workplace where equity, diversity and inclusion are part of our culture, as we recognise the benefits of a diverse workforce. Our 3-year EDI strategy outlines how we ll achieve this. We strongly welcome applications from underrepresented groups and groups which are identified as a priority within our strategy, including LGBTQIA+, Black, Asian and Minority Ethnic communities, applicants with disabilities and people under 30. We understand that some candidates, particularly from certain groups, may hesitate to apply unless they meet every requirement. While we re looking for people with the right skills and experience, we also value diverse backgrounds and transferable skills. If you meet most of the criteria and believe you d thrive in the role, we encourage you to apply. All our vacancies are open to flexible working arrangements, something we are really proud of. The extent to which flexible working is possible will vary between jobs according to the needs of the business and our customers. So, if you d like to join us as a Cyber Security Officer, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.

Cyber Security Specialist (Operational) Salary: £57,528 - £64,750 per annum Location: Manchester Vacancy Type: Permanent Closing date: 21/06/2026 The National Institute for Health and Care Excellence (NICE) is the independent organisation responsible for providing national guidance and advice on promoting high quality health, public health and social care. We have modern offices in Manchester city centre and Stratford, London. Please take into consideration that you may be required to commute to one of our offices for business purposes if necessary. Job overview Do you want to do meaningful work that makes a genuine difference to society? Our main purpose here at The National Institute for Health and Care Excellence (NICE) is to improve health and wellbeing by putting science and evidence at the heart of health and care decision-making. As an organisation we all collaborate to achieve this goal by empowering our workforce to do great things! Please note that this role may not be eligible for sponsorship under the Skilled Worker route. Please refer to the DirectGov website for more information on eligibility. We reserve the right to close the advert early should we receive sufficient applications, so please don t delay your submission. Main duties of the job As a Cyber Security Specialist (Operational), you will play a key hands on role in protecting NICE s digital platforms, systems, and data from cyber threats. Working as part of a collaborative cyber security function, you will investigate security alerts, manage vulnerabilities, respond to incidents and help ensure our services remain secure, resilient and compliant. The role combines technical expertise with clear communication, supporting both operational delivery and the continual improvement of NICE s cyber security posture. What the candidate will be expected to do / bring Act as a hands on cyber security specialist, investigating security alerts, responding to incidents and supporting day to day operational cyber resilience Configure, manage and maintain security tooling and infrastructure across on premise and cloud environments, embedding secure by design principles Carry out routine vulnerability assessments, threat analysis and horizon scanning to identify and mitigate emerging risks Serve as a technical escalation point for complex security issues, contributing expert analysis and practical solutions Support compliance with recognised security standards and frameworks (e.g. Cyber Essentials, ISO27001), maintaining clear and auditable records Communicate complex technical risks and findings clearly to both technical and non technical stakeholders Person specification Essential: Holds highly developed specialist knowledge and expertise acquired through master s degree level or equivalent qualification/experience. Additionally holds specialist knowledge of the relevant area(s) of expertise as outlined in the person specification, acquired through relevant practical experience and training/development Proven hands on experience in cyber security operations, such as working as a Security Analyst, SOC Analyst or in a similar technical cyber security role Demonstrable experience of incident response and security configuration, with the ability to systematically analyse issues, identify root causes and implement effective solutions Strong technical knowledge of cyber security tooling and techniques, including vulnerability management, incident investigation and monitoring tools such as SIEM, EDR and vulnerability scanners Practical understanding of core cyber security concepts, including network, infrastructure and system security across Windows and Linux environments, with awareness across networking, operating systems and cloud platforms Desirable: One or more of the following qualifications, or equivalent experience, is desirable for this role: FEDIP Senior Practitioner, Cyber Security Professional (ACSP) ,BCS Certificate in Information Security Management Principles (CISMP), SSCP Systems Security Certified Practitioner Working for our organisation The Infrastructure, Cyber & IT Operations team plays a critical role in ensuring NICE s digital services are secure, resilient, and reliable. The team is responsible for safeguarding systems and information, supporting users across the organisation, and maintaining operational stability with minimal risk or disruption. As part of this team, you will help protect nationally important digital services while enabling NICE to deliver trusted guidance and information to health and care users across England. We are passionate and proud of the work we do and the impact we make. NICE offer: Generous NHS Pension Secure your future with one of the most rewarding pension schemes in the UK Flexible working Enjoy a healthy work-life balance with options like remote working, compressed hours and flexible start/finish times Exclusive discounts Save on shopping, dining and more with a Blue Light Card Time to recharge Start with 27 days annual leave plus bank holidays Inclusive staff networks Join supportive communities like Women in NICE, Race Equality Network, Disability Advocacy and NICE and Proud we celebrate diversity Tailored development Grow your career with personalised learning and development opportunities If you feel this is the type of environment you will enjoy working in, apply today! To Apply If you feel you are a suitable candidate and would like to work for The National Institute for Health and Care Excellence (NICE), please click apply to be redirected to our website to complete your application.

Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 650 a day +Corsham / Portsmouth We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles. If you'd like to discuss this Senior SOC Analyst in more detail, please send your updated CV to (url removed) and I will get in touch.

Senior Network Analyst - Hybrid Our client is urgently looking for an experienced Senior Network Analyst to join their team based near Epsom on a permanent basis. You will have a strong, hands-on background in Networking, as well as some added Cyber Security experience. Please note, the role is hybrid, with 2-3 days on-site each week. You will have a strong Network Engineering background (a minimum of 5-7 years) with added Cyber experience and will have led and performed new installations/kit builds. You will be rewarded with an excellent salary, as well as a brilliant benefits package including bonus, annual leave, leading pension contribution (up to 21%), car schemes, on-site canteen, restaurant and gym (heavily subsidised), medical insurance, life assurance, income protection, hybrid working and a genuinely fantastic working culture! Senior Network Analyst - Key Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing L2/3 network infrastructure Qualys Vulnerability Management Aruba Wifi L2/3 switching - Cisco Nexus Network Load balancing Penetration Testing (3rd Party) Incident management Data Security Senior Network Analyst - Hybrid Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website

Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: 45,000 - 60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response. Key Responsibilities Monitor, analyse, and investigate security alerts across SIEM and security tooling Conduct detailed investigations across log, endpoint, identity, and network telemetry Develop and optimise detection logic and SIEM queries to improve alert fidelity Analyse security events and correlate activity across multiple data sources Support incident response activities, including containment, escalation, and remediation Perform IOC analysis, enrichment, and validation using threat intelligence sources Identify gaps in detection capabilities and contribute to continuous improvement Work closely with infrastructure, SOC, and incident response teams to enhance response capability Produce clear and structured investigation reports and escalation summaries Skills & Experience Required Core SIEM & Detection Skills Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES QL / Kibana Query Language o Splunk SPL Understanding of event correlation, alerting, and detection use-case development Technical Foundations Strong knowledge of: o Linux and Windows operating systems o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs) Experience analysing logs across: o Endpoint, identity, network, and cloud environments Threat Detection & Security Tooling Strong knowledge of: o EDR/XDR concepts and workflows o IDS/IPS technologies and signature-based detection Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar Threat & Adversary Knowledge Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry Familiarity with MITRE ATT&CK framework Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques Incident Handling & Investigation Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams Strong understanding of: o Incident management processes o Host-based forensic concepts Ability to apply post-incident review (PIR) learnings to improve detection and response Desirable Experience Experience within a SOC or cyber defence environment Exposure to threat hunting or detection engineering Experience in high-security or regulated environments Certifications (Beneficial) Microsoft SC-200 (Security Operations Analyst) GIAC / SANS certifications (GCIH, GCIA, GCED, etc.) CREST (CPIA, CRIA, CCTIA, CCBTP) Other recognised cyber security certifications Why Join? Work within a mature Security Operations environment Exposure to advanced SIEM tooling and large-scale environments Strong investment in training, certifications, and progression Opportunity to develop into: o Senior SIEM Analyst o Detection Engineer o Threat Hunter About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.

Senior Technical Support Analyst Edinburgh Up to 35,000 + excellent benefits (including bonus) Are you a proactive IT professional who thrives on solving complex technical challenges and supporting clients in a meaningful way? We're working with a well-established IT services provider that has spent over two decades helping organisations deliver secure, efficient, and future-ready technology strategies. This organisation prides itself on building long-term partnerships with clients, taking a people-first approach to technology, and delivering solutions that genuinely improve day-to-day operations. The Role As a Senior Technical Support Analyst, you'll join a highly collaborative team in a hands-on, client-facing position. You'll act as a key escalation point within the service desk, taking ownership of complex issues and ensuring high-quality resolutions as well as playing an important role in project delivery. What Makes This Opportunity Stand Out This client is deeply committed to learning and development. They actively invest in their people through: Quarterly coaching and structured development sessions Paid training and certification opportunities Ongoing mentoring from experienced colleagues Clear pathways for progression and skill development What You'll Bring Strong experience in 2nd line IT support Expertise across Microsoft 365, Windows Server, networking, and virtualisation A customer-focused mindset with excellent problem-solving skills Ability to manage priorities effectively and communicate clearly with clients Desirable experience includes Azure, and knowledge of cyber security frameworks If this sounds of interest, please apply now for a confidential chat to find out more!

Senior Technical Support Analyst Edinburgh Up to £35,000 + excellent benefits (including bonus) Are you a proactive IT professional who thrives on solving complex technical challenges and supporting clients in a meaningful way? We're working with a well-established IT services provider that has spent over two decades helping organisations deliver secure, efficient, and future-ready technology strategies. This organisation prides itself on building long-term partnerships with clients, taking a people-first approach to technology, and delivering solutions that genuinely improve day-to-day operations. The Role As a Senior Technical Support Analyst, you'll join a highly collaborative team in a hands-on, client-facing position. You'll act as a key escalation point within the service desk, taking ownership of complex issues and ensuring high-quality resolutions as well as playing an important role in project delivery. What Makes This Opportunity Stand Out This client is deeply committed to learning and development. They actively invest in their people through: Quarterly coaching and structured development sessions Paid training and certification opportunities Ongoing mentoring from experienced colleagues Clear pathways for progression and skill development What You'll Bring Strong experience in 2 line IT support Expertise across Microsoft 365, Windows Server, networking, and virtualisation A customer-focused mindset with excellent problem-solving skills Ability to manage priorities effectively and communicate clearly with clients Desirable experience includes Azure, and knowledge of cyber security frameworks If this sounds of interest, please apply now for a confidential chat to find out more!

Job Title: DV Cleared Cyber Security Operations - Senior Analyst Location: Corsham 5 days Duration: Until 31/12/2026 Rate: Up to 850 per day via an approved umbrella company Must be willing and eligible to go through the DV clearance process Are you an experienced cyber security professional with a passion for protecting critical assets? Our client, a reputable organisation, is hiring for a Senior Analyst to join their Cyber Security Operations team. This is a fantastic opportunity to work within a dynamic environment, supporting the delivery of essential security controls aligned with the NIST Cyber Security Framework. What you'll be doing: Maintain and optimise SOC PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. Conduct forensic analysis, malware reverse engineering, and develop IOCs and detection signatures. Manage and integrate logs from various sources, ensuring full visibility and compliance. Analyse attacker TTPs and manage threat intelligence, including incident assessment and reporting. Collaborate with stakeholders to ensure operational effectiveness and continuous process improvement. Maintain knowledge of current cyber threats and emerging trends. What you'll bring: Proven hands-on experience with SIEM and SOAR platforms such as Trend, Elastic, or SolarWinds. Strong understanding of Windows and Linux OS, log collection, and threat detection techniques. Ability to create and modify detection rules, automate scripts, and correlate data from multiple sources. Knowledge of malware analysis, threat intelligence, and forensic techniques. Current DV clearance is essential. Skills in Python, PowerShell, BASH, or similar scripting languages. Familiarity with ISO 27001, MITRE ATT&CK, and ITIL frameworks. Desired skills: Certifications like CompTIA Security+, CySA+, PenTest+, or MCSE. Experience with network forensics and intrusion detection systems. Join a forward-thinking team where your expertise will make a real impact. If you're ready to take on a challenging role in cyber security, apply now to support our client's mission to stay ahead of evolving threats. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.

Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. Applications are reviewed on a rolling basis-early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.

We are currently recruiting for Senior Cyber Security Analysts and Associate Security Analysts - both working a 3-month contract for our client 3 days per week on-site in London. As a senior security analyst with responsibility for incident response, you will: lead the investigation of security alerts to understand the nature and extent of possible cyber incidents lead the forensic analysis of systems, files, network traffic and cloud environments lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions support the wider coordination of cyber incidents review previous incidents to identify lessons and actions identify and deliver opportunities for continual improvement of the incident response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities develop and update internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, security analysts be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: significant experience investigating and responding to cyber incidents significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents experience managing and coordinating the response to cyber incidents experience coaching and mentoring junior staff an in-depth understanding of the tools, techniques and procedures used by threat actors excellent analytical and problem solving skills excellent verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS As an associate security analyst you will: triage and investigate cyber security alerts and reports from users use a variety of techniques to analyse systems, files, network traffic and cloud environments and understand the nature and extent of possible cyber incidents support the technical response to cyber incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions support the coordination of cyber incidents contribute to post-incident reviews to identify lessons and actions identify opportunities for, and support the delivery of, continual improvements to the incident investigation and response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities contribute to internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, apprentice security analysts be responsible for line management of apprentice security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join We're interested in people who have: experience investigating and responding to cyber incidents experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable) an understanding of the tools, techniques and procedures commonly used by threat actors good analytical and problem-solving skills good verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS If you feel you have the skills and experience needed for this role; please do apply now.

Principal Cyber Security Incident Response Analyst 60,000 - 70,000 Full Time / Permanent West Midlands / Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development. Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making. Experience required: Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity. Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises. Proven leadership in incident response within SOC settings. Deep understanding of the cyber threat landscape, attack vectors, and detection techniques. Proficient in cybersecurity tools, regulations, and compliance standards. Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences. Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.