96 jobs found

We re Hiring: Senior Cyber Security Analyst Corsham I m currently looking for a Senior Cyber Security Analyst to join our SOC team at Computer Network Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst, you will support the SOC Team Lead and play a central role in monitoring, triaging, and investigating security events across a range of client environments. You ll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends, and insights, as well as contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency and impact Deliver weekly and monthly reporting to clients and stakeholders Communicate security findings and trends directly to clients Support vulnerability management analysis and remediation efforts Lead false-positive reduction and SIEM tuning activities Mentor and support development of Tier 1 and junior analysts Contribute to SOC process improvement and operational efficiency Participate in incident response activities as part of the wider team Lead internal SOC initiatives and projects where required Create and deliver presentations for clients and internal teams What We re Looking For Strong experience within a SOC or cyber security operations environment Proven ability to investigate and analyse complex security incidents Experience with SIEM platforms, threat intelligence, and security tooling Strong stakeholder and client communication skills Ability to mentor and develop junior team members Proactive approach to problem-solving and continuous improvement Good understanding of current cyber threats, tactics and trends Package & Details Location: Isle of Man (relocation package)/Corsham Hours: 37.5 hours per week, plus on-call rota Working pattern: Monday to Friday, 09 00 (early Friday finish at 16:00, workload permitting) Clearance: SC Cleared This is a great opportunity for someone looking to step into a more senior, visible role within a growing SOC, with real influence over both technical delivery and team development.

Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.

Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.

Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.

IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.

OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.

Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment

Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do The Principal IAM Engineer is the senior technical authority for identity services, responsible for designing, implementing, and governing enterprise-wide IAM capabilities across workforce, partner, and customer identities. This role combines deep hands-on engineering with architecture and leadership, driving the modernization of authentication, authorization, identity lifecycle, and privileged access controls across our cloud and on-prem environments. Responsibilities: Own the end to end technical delivery of IAM services, including identity lifecycle management, authentication, authorization, SSO, and privileged access controls, ensuring they are secure, scalable, and highly available. Lead design sessions, collaborating with Entrprise Architecture, and implementation of IAM integrations for SaaS, on prem, and AWS cloud platforms, including federation (SAML, OIDC, OAuth), MFA, and Passwordless capabilities. Serve as the primary escalation point for complex IAM engineering issues; perform root cause analysis and drive long term remediation and hardening of IAM platforms and related services. Partner with security architecture, infrastructure, application, and HR/IT teams to align IAM solutions with enterprise security strategy, compliance obligations, and business objectives. Define IAM engineering standards, patterns, and reference architectures; guide other engineers in implementing secure onboarding patterns for applications into IGA, PAM, and SSO platforms. Lead modernization initiatives. Contribute to audits, risk assessments, and regulatory reviews by providing technical evidence, designing compensating controls, and closing identified IAM control gaps. Mentor and coach IAM engineers and analysts, promoting engineering excellence, documentation discipline, and a culture of continuous learning and improvement. What You'll Bring 10+ years of experience in information security or infrastructure engineering, with at least 5 years of hands-on-keyboard experience with core IAM platforms. Deep expertise with the majority of our IAM stack Strong hands-on experience with Microsoft Entra ID and Active Directory as foundational directory services, and extensive experience implementing federation protocols (SAML, OIDC, OAuth2). Proven track record designing and implementing IAM solutions in hybrid multi-cloud environments, including the automation of provisioning, access reviews, and RBAC/ABAC models. Experience with secrets management solutions. Proficiency in at least one scripting or programming language (such as PowerShell, Python, or Java) to automate tasks and build custom connectors for our IAM tools. Excellent communication skills with the ability to translate complex technical concepts related to our IAM ecosystem for both technical and non-technical stakeholders. Exceptional sense of ownership and the ability to work with a limited set of requirements. Highly advanced ability to breakdown work to deliver value incrementally. Experience leading large-scale IAM programs. Prior responsibility as a technical lead or architect for IAM, including mentoring teams and influencing roadmaps beyond direct reporting lines. Demonstrated ability to balance security, usability, and operational efficiency, with a strong bias toward automation and measurable risk reduction. Define and lead the implementation of the organization's security strategy, with a focus on Cloud Security, Identity Access Management, and all other aspects of Cybersecurity Oversee the deployment of IAM solutions across both on-premise and cloud environments, ensuring they meet the highest standards of security. Lead the most complex security assessments, including threat modeling, red teaming, and cloud security reviews. Collaborate with executive leadership to ensure that security initiatives align with the organization's strategic goals and risk appetite. Act as the technical lead for large-scale security projects, coordinating cross-functional teams to ensure successful delivery. Architect and implement solutions across workforce IAM, PAM, and customer IAM ecosystems. Provide thought leadership in adopting passwordless authentication, passkeys, adaptive MFA, and AI-driven access orchestration strategies Engineer integrations with Agentic AI tools for intelligent decisioning, policy enforcement, and autonomous identity lifecycle operations. Develop and implement automated provisioning/deprovisioning workflows Ensure integration of IAM with cloud platforms (Azure, AWS, GCP) and SaaS applications. Mentor and develop the skills of senior security engineers, fostering a culture of continuous improvement and innovation. Technical Experience Must-Have: Privileged Access management (CyberArk) Authentication/AuthN (Okta) Federated Identity (EntraID) Cloud Identity (AWS, GCP, Azure) Automation (terraform, codex, claude) Application SSO (OIDC, SAML) Identity Governance (Sailpoint, Okta, Veza) Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. Click here for more information on E-Verify.

This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office near Cheltenham, Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.

Salary: £43,090 - £46,500 Contract Type: Permanent Working Pattern: This post is available on a full-time, part-time or job-share basis, and flexible working hours can be accommodated. Location: Darlington The Resilience & Resolution team is hiring a policy adviser to support the team's work in identifying and managing emerging risks to the financial stability of the UK, and preparing and responding where risks crystalise. About the Team The Resilience & Resolution (R&R) team works at the heart of government, partnering with the Bank of England, financial regulators and departments across Whitehall to spot risks to the financial sector and lead the Treasury's response when issues arise. It's a fast-paced, high-profile team with regular exposure to senior officials and ministers. We're a friendly and inclusive team that genuinely prioritises wellbeing, supporting you to deliver while maintaining a healthy work/life balance. About the Job This is a varied and stretching role, offering the chance to work across a broad range of high-profile policy issues and build strong stakeholder relationships. Your work will directly support UK national security, reflecting HMT's role as Lead Government Department for the finance sector. In this role, you will: Provide expert advice on cyber security issues in the financial sector, shaping policy across HMT and wider government. You'll develop and own policy in areas such as cyber legislation, ransomware and artificial intelligence. Build and maintain strong relationships with key stakeholders across the Bank of England, regulators, national security partners and government departments to help deliver HMT's objectives. Represent HMT internationally, including at G7 Cyber Experts' Group workstreams, and lead engagement with key partners such as the Five Eyes to influence the global resilience agenda. Play an active role in responding to operational incidents, including cyber attacks, to help minimise impacts on the financial sector and consumers. The team's work is fast-moving and diverse - from designing policy, to running war-game exercises, to working with international partners. You'll also have regular opportunities to contribute to advice for senior officials and ministers, making this a great role for someone curious, proactive and keen to make an impact. About You We're looking for someone who can build strong relationships across teams and use those connections to move work forward. You'll be confident working with complex information, able to weigh up different options and clearly explain your recommendations. You'll also be comfortable delivering at pace, managing competing priorities and staying focused when demands shift. Some of the Benefits our people love! 25 days annual leave (rising to 30 after 5 years), plus 8 public holidays and the King's birthday (unless you have a legacy arrangement as an existing Civil Servant). Additionally, we operate flexitime systems, allowing employees to take up to an additional 2 days off each month Flexible working patterns (part-time, job-share, condensed hours) Generous parental and adoption leave packages Access to a generous Defined Benefit pension scheme with employer contributions of 28.97% Access to a cycle-to-work salary sacrifice scheme and season ticket advances A range of active staff networks, based around interests (e.g. analysts, music society, sports and social club) and diversity For more information about the role and how to apply, please follow the apply link. If you need any reasonable adjustments to take part in the selection process, please tell us about this in your online application form, or speak to the recruitment team at .

An exciting opportunity for a passionate Network Security Engineer to join a unique, multi-national Information Management function. Ideal candidates should be committed to protecting our critical systems and ensuring the integrity and security of our network infrastructure. Salary: Circa £50,000depending on experience+ shift allowance Dynamic (hybrid) working: 5 days per week on-site due to workload classification, working a 24/7 Shift Pattern Security Clearance: British Citizen This role will require DV Clearance. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS) and a Security Check (SC) clearance, which are managed by the MBDA Personnel Security Team. What we can offer you: Company bonus: Up to £2,500 (based on company performance and will vary year to year) Pension: maximum total (employer and employee) contribution of up to 14% Overtime: opportunity for paid overtime Flexi Leave: Up to 15 additional days Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities: Fantastic site facilities including subsidised meals, free car parking and much more The opportunity: Join our forward thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisations' network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions to protect against evolving threats. Collaborating with cross-functional teams, you will work on implementing changes securely, identifying vulnerabilities, managing security incidents and ensuring compliance with industry best practices. The role will be involved in the optimisation of network security tools to remediate "purple team" highlighted areas identified for improvement. You will also have the opportunity to immerse your time into the standardisation of network tools. This is a dynamic opportunity to contribute to security initiatives, solve complex challenges, and have a direct impact on the overall resilience of our IT environment. If you are passionate about security and proactive defence, this role is the perfect fit. If you are looking to leverage your technical skills in a values-led company that values innovation and diversity, this is the place to make an impact. What we're looking for from you: ESSENTIALS Solid understanding of networking principles (TCP/IP, DNS, routing, switching, VLANS and load balancing) Strong expertise in configuring, maintaining and troubleshooting firewalls e.g. Cisco, Checkpoint, Palo Alto Demonstrable hands-on experience in next-gen firewalls and advancing security features like IPS/IDS, SSL decryption and deep packet inspection. Proven experience in managing secure proxy solutions (e.g. Bluecoat, F5) and the ability to implement policies for content filtering, SSL inspection and network traffic monitoring. In depth knowledge of security protocols such as IPSec, SSL / TLS, VPNs and two factor authentication. Understanding of network architectures and security zones (DMZ, internal networks). Proficient in monitoring technologies e.g. PRTG, Nagios. DESIRABLES Understanding of cyber security capabilities and their integrations to networks infrastructure. Existing knowledge of / aptitude to learn Darktrace Antigena and Respond, Splunk ES or Log Rhythm tools. Strong ability to interpret complex information via use of packet capture in order to identify malicious traffic in detail, revealing attacker behaviours like C2, exploitation, lateral movement, or data exfiltration. Proven ability to review SOC alerting in collaboration with SOC analysts to effectively triage and manage Tier 1 SOC alerts to the appropriate outcome. Experience with LDAP, and application traffic flow root cause analysis. Previous experience to identify root cause from (TBC for review - Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools). Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. Follow us on LinkedIn (MBDA), X Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.

Incident Response (CSIRT)/SOC Level 3 Analyst - Outside IR35 Location: Crawley (2-3 days onsite) Contract: 6 months Outside IR35 We are looking for an experienced Incident Response (CSIRT)/SOC Level 3 Analyst to join a high-performing cyber security operations team on an initial 6-month contract. This is an excellent opportunity for a senior cyber security professional with strong incident response, threat hunting, and SOC expertise to play a critical role in protecting enterprise IT and operational environments from advanced cyber threats. You will work closely with cyber security operations teams, technical service providers, and senior stakeholders to detect, investigate, contain, and remediate cyber security incidents while continuously improving security operations capabilities. Key Responsibilities: Lead the investigation and response to high-severity cyber security incidents and escalated alerts Drive containment, eradication, and recovery activities to minimise business impact Perform advanced threat hunting using threat intelligence, IOCs, and behavioural analysis Analyse complex security events across endpoints, networks, cloud, applications, and infrastructure Improve and develop incident response playbooks, SOC procedures, and technical standards Support SIEM use case development, log onboarding, and detection engineering initiatives Work with internal teams and external MSSP providers to improve monitoring and detection coverage Support and enhance SOAR workflows to automate response and enrichment processes Conduct forensic investigations using multiple security data sources and provide actionable findings Contribute to cyber resilience exercises, simulation testing, and crisis scenario planning Produce operational metrics, dashboards, and reporting to improve SOC performance Participate in audit and compliance activities including security frameworks and standards Identify opportunities for continuous improvement across detection, response, and automation Required Skills & Experience: Strong experience working in a SOC Level 3, CSIRT, or senior incident response role Proven experience managing and responding to high-priority cyber security incidents Strong knowledge of: Incident Response Threat Hunting Digital Forensics SIEM platforms SOAR tools Detection Engineering Experience investigating alerts across: Endpoint security tools Network security tools Cloud environments Enterprise applications Strong understanding of threat intelligence, attack techniques, and adversary behaviour Experience mentoring junior SOC analysts and supporting operational maturity Strong communication skills with the ability to explain technical risks to non-technical stakeholders Desirable: Knowledge of Operational Technology (OT) environments, industrial systems, or critical infrastructure security Exposure to security frameworks and standards such as: ISO 27001 NCSC CAF SOC audits Ideal Candidate: You are a technically strong cyber security professional who thrives in fast-paced environments and can confidently lead incident response activities during critical situations. You will bring deep SOC and cyber defence expertise, a proactive mindset, and a strong focus on continuous improvement.

SOC Analyst (Contract) - SC Cleared Required Location: Cheltenham (Remote - UK Based) Rate: 500 - 685 per day (Umbrella, Inside IR35) Contract Length: 3 Months SC Clearence: Due to the sensitive nature of the work, candidates must hold active UK Government Security Clearance (SC) . The Opportunity We are looking for a SOC Analyst to join a high-performing Security Operations Centre (SOC) team delivering critical cyber defence capabilities within a secure client environment. This is an exciting opportunity to work on impactful projects, collaborating with experienced security professionals while gaining hands-on exposure to real-world cyber threats in a fast-paced, dynamic setting. Key Responsibilities As a SOC Analyst, you will: Monitor, triage, and respond to security alerts and incidents Investigate and analyse potential threats across multiple environments Escalate security events in line with defined processes Support continuous improvement through alert tuning and optimisation recommendations Produce clear and concise incident and performance reports Maintain awareness of the latest cyber threats, vulnerabilities, and attack techniques Collaborate with wider security teams to strengthen detection and response capabilities Skills & Experience Required Prior experience (1-2 years desirable) in a SOC Analyst or similar security role Strong understanding of: Computer networks Operating systems (Windows/Linux) Software, hardware, and general IT infrastructure Awareness of cybersecurity risks across technologies and how to mitigate them Working knowledge of security technologies, including: Network & application firewalls Host Intrusion Prevention Systems (HIPS) Antivirus / endpoint protection tools Relevant academic qualifications or industry training (e.g., Cyber Security, IT Security)

SF Partners are working with a business based in Nuneaton who are looking for a Business Development Manager to join the team £40,000 - £50,000 You must have a background within Law Firms, Law Enforcement, Defense or Cyber Security. Role Purpose To drive revenue growth and proactively sourcing opportunities specifically across digital forensics and cell site analysis services, expanding our presence within key markets including legal, corporate and law enforcement. The role will focus on developing high-value client relationships, identifying forensic-led opportunities, and positioning the business as a trusted partner in complex investigations. Key Responsibilities & Personal Development Digital Forensics and Cell Site Business Development Identify, target, and secure new business opportunities across digital forensics and cell site analysis services through outbound activity, networking, and referrals. Client Engagement & Consultative Selling Engage with clients to understand investigative requirements (e.g. data recovery, device analysis, expert witness work) and propose tailored forensic solutions. Market Expansion Develop and grow the companies footprint in key sectors such as: - Legal firms - Corporate investigations (fraud, insider threat, misconduct) - Law enforcement and public sector Account Management Build and maintain long-term client relationships, becoming a trusted advisor for ongoing and repeat forensic engagements. Revenue Growth Consistently meet and exceed sales targets, with a focus on high-value forensic engagements and retained client relationships. Collaboration with Technical Teams Work closely with forensic analysts and delivery teams to ensure accurate scoping, pricing, and successful project delivery. Lead Generation & Pipeline Development Build and manage a strong pipeline through proactive outreach, events, partnerships, and targeted campaigns. Digital & Social Selling Demonstrate effective use of LinkedIn and social platforms to build personal brand and generate leads CRM Management Use CRM tools (HubSpot) to manage pipeline, track activity, and maintain accurate sales records. Marketing Collaboration Work with marketing to develop and execute campaigns aligned to forensic services and track performance. Personal Development - Continue to develop their knowledge with training and events. - Identify any personal training or development opportunities that will support the business. - Achieve Development Objectives as agreed within current PDR. Knowledge/Experience/Technical Skills/Behaviours Essential: - - Minimum 3 years' experience in B2B sales (ideally within digital forensics, legal services or technical consultancy) - Strong understanding of digital forensics and investigation workflows. - Experience selling complex, consultative services. - Proven track record of meeting or exceeding sales targets. - Strong communication, negotiation, and presentation skills. - Ability to engage with both technical and non-technical stakeholders. - Self-motivated with strong organisational and time management skills Interpersonal - Skills: Strong communication, negotiation, and presentation skills. Desirable - Existing network of industry contacts and clients in relevant verticals. - Understanding of expert witness services and litigation support. - Experience working with or selling into law firms, corporate investigation teams, or public sector. - Knowledgeable user of HubSpot (or another CRM). Behaviours - Commercially driven with a strong growth mindset - Customer-focused and solutions-oriented - Builds trust and long-term relationships - Proactive, self-starter with a "can do" attitude - Strong communicator and collaborator - High levels of integrity and professionalism - Confident in client-facing and public speaking environments - Adaptable and responsive to changing priorities - Values diversity and teamwork NB: You must be able to pass a NVVP3/SC security clearance check and have the right to work in the UK

Cyber Security Officer Based in Broxbourne, Hertfordshire Permanent, full-time, 37 hours per week Salary: £46,631 - £51,813 We have an exciting opportunity for a cybersecurity professional with experience in information security, risk management, and compliance, along with the ability to communicate complex security matters to a range of stakeholders. In this role, you ll help protect our systems, data and people by supporting and enhancing our cybersecurity framework. Working closely with colleagues, suppliers and senior stakeholders, you ll co-ordinate cyber risk management activities, maintain key security controls and ensure compliance with relevant standards and best practice. You ll play an important role in strengthening our cyber resilience, leading security awareness initiatives, supporting incident response and helping to embed a security-first culture across the business. Through your work, you ll help ensure security considerations are integrated into projects, processes and decision-making, enabling us to operate safely and confidently in an evolving threat landscape. We re looking for someone with - Experience in an information security and/or cybersecurity role - Experience producing clear policies, procedures, risk registers and reports for non-technical audiences - Good working knowledge of Microsoft 365 and/or Azure AD (Entra ID), endpoint security, email security and core network concepts - An understanding of UK data protection principles and how security controls support compliance - Strong stakeholder management skills - A relevant qualification(s) or evidence of continuous professional development (e.g., Cyber Essentials/Plus familiarity, CompTIA Security+, SC-900, ISO 27001 Foundation, or equivalent experience) A basic DBS check will be required for this role, which we will pay for. We re a social business, based in Turnford and across southeast Hertfordshire, helping local people by renting or selling affordable homes. We offer services designed to help our customers live comfortably in their homes, and we work to keep our buildings and estates maintained, offering support when money becomes an issue or when people get older. Our mission is to make a sustainable, positive change to the housing crisis for our customers and communities. We enjoy a benefits package that offers something for everyone, including - 27 days holiday per year plus bank holidays (pro rata for part-time colleagues). - Buy and sell holiday scheme. - Cross-organisational bonus scheme. - Up to 12% pension contribution. - Life assurance cover. - Funded health cash plan or subsidised private medical insurance. - Discount vouchers. - Enhanced family leave. - Range of special leave. - Car loans, cycle to work and electric car lease scheme. The closing date for this vacancy is 15th June 2026. We are a Disability Confident employer, which means that we offer an interview to a fair and proportionate number of disabled applicants who meet the minimum selection criteria for the job. Other organisations may call this role Cyber Security Analyst, Information Security Officer, Information Security Analyst, Cyber Security Specialist, IT Security Officer, IT Security Analyst, Cyber Risk Officer, or Security and Compliance Officer. We re committed to building an inclusive workplace where equity, diversity and inclusion are part of our culture, as we recognise the benefits of a diverse workforce. Our 3-year EDI strategy outlines how we ll achieve this. We strongly welcome applications from underrepresented groups and groups which are identified as a priority within our strategy, including LGBTQIA+, Black, Asian and Minority Ethnic communities, applicants with disabilities and people under 30. We understand that some candidates, particularly from certain groups, may hesitate to apply unless they meet every requirement. While we re looking for people with the right skills and experience, we also value diverse backgrounds and transferable skills. If you meet most of the criteria and believe you d thrive in the role, we encourage you to apply. All our vacancies are open to flexible working arrangements, something we are really proud of. The extent to which flexible working is possible will vary between jobs according to the needs of the business and our customers. So, if you d like to join us as a Cyber Security Officer, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.

Level 1 Cyber Security Analyst Must have an Active DV Clearance as immediate starts available Level 1 Cyber Security Analyst Responsibilities Monitor SIEM tooling to identify potential security threats. Perform initial investigation and triage of security alerts. Escalate incidents in line with defined processes. Oversee Security Operators during shift activities. Identify and report faults within monitoring tools. Support continuous security monitoring across a 24x7 operation. Follow incident management processes to ensure timely response. Level 1 Cyber Security Analyst Skills and Experience Experience within cyber security or security operations environments. Strong understanding of SIEM tools and alert handling. Technical knowledge across enterprise IT such as networks or Servers. Ability to lead activities within a shift environment. Strong communication skills across technical teams. Level 1 Cyber Security Analyst Additional Information To apply, please send your CV by pressing the apply button Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take a minimum 18 weeks. LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance. An award-winning organisation, having secured the prestigious Queens Award for Enterprise: International Trade over multiple years. We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience. Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.

We are supporting a leading technology organisation in the search for a Cyber Security Analyst to join its Security Operations team. This is an excellent opportunity to join a fast-paced cybersecurity environment, helping to protect critical infrastructure and enterprise systems through proactive monitoring, incident response, and threat analysis. Working as part of a 24/7 operational security function, you will play a key role in identifying, investigating, and responding to security threats across both cloud-based and on-premise environments. Key Responsibilities Monitor security events, alerts, and incidents across enterprise networks and systems. Manage security cases and tickets through to resolution. Analyse logs and data from SIEM platforms, security monitoring tools, network infrastructure, and endpoint technologies. Investigate and triage security alerts to identify malicious activity and determine attack methods and techniques. Follow established incident response and escalation procedures to contain and mitigate security risks. Ensure all incidents are accurately documented, including indicators of compromise, evidence, and investigation findings. Identify and address false positives, providing feedback to improve detection capabilities. Support the development and optimisation of security monitoring rules and processes. Analyse data sets to identify security gaps and recommend improvements. Skills & Experience Essential Degree in Information Security, Computer Science, Digital Forensics, or a related discipline, or equivalent industry experience. 3+ years' experience in cyber security, security operations, threat analysis, or security monitoring. Experience investigating security incidents and working within a Security Operations Centre environment. Understanding of incident response processes, security event triage, and escalation procedures. Strong knowledge of networking protocols, authentication mechanisms, and common attack techniques. Good understanding of information security principles, technologies, and best practices. Experience securing and supporting Windows and Linux environments. Excellent written and verbal communication skills. Desirable Industry certifications such as GCIH, GCIA, or equivalent cyber security qualifications. Experience working with SIEM platforms and security monitoring technologies. Knowledge of Oracle and virtualised environments. What's on Offer Opportunity to work within a highly skilled cyber security team. Exposure to complex security environments and emerging threats. Ongoing professional development and training opportunities. Collaborative and supportive working culture. Competitive salary, bonus and benefits package. This is an excellent opportunity for a Cyber Security Analyst looking to further develop their incident response, threat analysis, and security operations expertise within a technically challenging environment. TT

Cyber Security Analyst Taunton, Somerset | On-site | Up to £50,000 per annum + Bonus | Permanent Our client is seeking a Cyber Security Analyst to join their IT department on a permanent basis. This is an excellent opportunity for an individual with a passion for cyber security to play a key role in protecting and enhancing the business's security posture. The successful candidate will support the monitoring, investigation and response to cyber threats, assist with vulnerability management, and help maintain secure systems, networks and infrastructure. Working closely with engineers across the IT team, you will contribute to security improvements, support compliance initiatives, and help ensure the organisation remains protected against evolving cyber risks. This role would suit someone with a strong interest in cyber security, a proactive approach to problem-solving, and a desire to develop their career within a collaborative and forward-thinking environment. Required Experience: Experience working within an IT support, infrastructure, cyber security or IT operations environment. Knowledge of core cyber security principles, including vulnerability management, threat detection and incident response. Experience monitoring and investigating security alerts and events. Understanding of network, endpoint and cloud security concepts. Familiarity with security tools such as SIEM, endpoint protection and vulnerability scanning solutions. Experience supporting security controls and maintaining secure system configurations. Knowledge of information security frameworks and standards such as ISO 27001, Cyber Essentials Plus and PCI DSS. Ability to analyse security data, identify trends and make recommendations for improvement. Strong troubleshooting, analytical and problem-solving skills. Excellent communication skills with the ability to explain technical concepts to a range of stakeholders. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website

DevOps Engineer SC cleared Permanent Flexible AWS Terraform SC Cleared At Peregrine, we re always seeking Specialist Talent that have the ideal mix of skills, experience, and attitude, to place with our vast array of clients. From Business Analysts in large government organisations to Software Developers in the private sector we are always in search of the best talent to place, now. The role: We are seeking an SC cleared DevOps Engineer to work as a forward deployed engineer, embedded within the Cyber Capability Unit. The role will support the design, build and deployment of AI powered solutions that strengthen cyber security and fraud prevention capabilities. You will work closely with engineers, product owners and stakeholders to understand operational needs, develop prototypes and deploy secure, reliable solutions within approved platforms and environments. This role directly supports the Cyber Resilience Centre s mission and contributes to the wider security strategy by delivering practical, governed AI solutions that provide measurable operational value. Responsibilities: Cloud and Platform Integration Design and deploy solutions in AWS cloud environments Use infrastructure as code to ensure repeatable and compliant deployments Ensure all solutions meet organisational governance, security and compliance standards CI/CD and Automation Configure, manage and maintain GitLab CI pipelines Automate testing, build and deployment of infrastructure, applications and services Promote best practice DevOps ways of working across environments Testing and Quality Implement unit, integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis in live environments Collaboration and Delivery Work closely with engineers, analysts and stakeholders Translate requirements into working technical solutions Support deployment, handover and ongoing optimisation of delivered capabilities Skills & Experience: Active SC clearance Strong experience deploying and operating solutions in AWS Infrastructure as code using Terraform CI/CD pipeline development using GitLab CI Experience with monitoring, logging and alerting tools Understanding of secure DevOps practices in regulated environments Experience working with large data stores or big data platforms Desirable skills: Experience supporting AI or data driven platforms Knowledge of cyber security or fraud prevention domains Experience working within government or critical national infrastructure environments About Peregrine We build workforces that deliver tech and change programmes at leading UK organisations. By combining data science from Peregrine Intelligence, our industry-accredited Peregrine Academy, and market-leading attraction and diversity initiatives, we bridge capability gaps at all levels in public and private sector organisations. We work closely with our clients to understand their challenges and deliver flexible, long-term solutions that make a real difference. When you join Peregrine, you become part of a team that s focused on growth, both yours, our clients , and the sectors we support. You ll also get access to a full range of benefits alongside your salary. How Specialist Talent Works As a permanent employee at Peregrine, you ll be part of our Specialist Talent team. That means you ll work on-site or remotely with our clients, supporting them on complex, high-impact projects in Data, Digital and Business Transformation. You ll get the variety and challenge of consultancy work, with the stability and support of a permanent role. You re not a contractor - you re a valued member of our team, with access to all the same benefits, learning opportunities, and community. Find out more: peregrine.global or check out our LinkedIn page: peregrin e- resourcing

Security Analyst SOC, Tier 2 SOC Analyst to join an award winning managed service provider 24x7 security team. As a Tier 2 Analyst, you will lead the investigation, containment, and coordination of security incidents, working closely with Tier 1 analysts, internal IT teams, and external stakeholders. Taking ownership of complex alerts, support threat hunting and intelligence efforts, and contribute to the refinement of detection rules, playbooks, and response procedures. You will be involved in • Incident Detection & Response • Threat Intelligence and Analysis • Security Monitoring and Detection Engineering • Compliance, Reporting and Documentation • Vulnerability Management • Collaboration and knowledge sharing This would suit an experienced security analyst who has proved experience working in a busy security department, working in security operations. Strong alert triage, incident response, security monitoring, and threat analysis. Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools. Ideally have a strong bachelor s degree in computer science, Information Security, Cyber Security or related field with any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), CISSP, BTL1, BTL2 or others are highly desirable but not essential. Office based in Stoke on Trent, shifts, rota basis of 4 days on working - early's, late's and nights. This is an excellent opportunity for an experienced security analyst ready to take the next step with a chance to mentor junior analysts, deepen your technical expertise, and help shape our evolving security posture in a collaborative, hands-on environment.