Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

133 jobs found

Planet Recruitment
Network & Security Engineer
Planet Recruitment Windsor, Berkshire
Role: Network and Security Engineer Location: Windsor Onsite: 5 days Salary: 50k - 60k Job purpose Our Client is seeking a skilled Network and Security Engineer with a focus on Cyber Security and Networking to join our IT team. The IT Department provides and supports all core technology services ensuring systems are secure, resilient and capable of supporting teaching, learning and operational delivery. This is a hands-on technical role responsible for securing and developing the Client's network infrastructure, working across our Arista switching and wireless environment. You will ensure the Client's network remains secure, resilient and high performing, while strengthening cyber security controls, monitoring capabilities and safeguarding compliance. Key tasks and responsibilities You will: Design, implement and support secure wired and wireless network infrastructure (Arista switching and Wi-Fi platforms), ensuring performance, resilience and appropriate segmentation. Manage network routing, switching and access control to maintain secure and reliable connectivity across the campus. Maintain and optimise firewall and web filtering platforms to ensure secure access, appropriate content filtering and safeguarding compliance (including KCSIE requirements). Monitor network traffic and security events using Splunk and related tooling, investigating alerts and supporting detection, containment and remediation of incidents. Support vulnerability management processes across network and security infrastructure. Contribute to the development of network resilience, segmentation and cyber security controls. Produce safeguarding and security-related reporting to support pastoral and safeguarding teams. Maintain accurate documentation of network topology, security configurations and standards. Work with external partners and service providers to maintain high levels of security and availability. 
Support disaster recovery and business continuity planning from a security and network perspective. Promote cyber security awareness. Provide 2nd/3rd line support for complex network and security issues. Support compliance with relevant security and data protection frameworks, including Cyber Essentials, NCSC guidance and ISO-aligned standards where applicable. All employees are also expected to: Develop a good understanding of safeguarding procedures, given all positions are classed as 'regulated activity'. Demonstrate a commitment to safeguarding and promoting the welfare of children. This includes but is not limited to completing safeguarding training as required, complying with all safeguarding procedures and ensuring any safeguarding updates issued by the clients are read and understood. Understand and comply with procedures and legislation relating to confidentiality. Display a commitment to and promotion of equality, diversity and inclusion. Skills and competencies required To be successful in this role, you will demonstrate: Strong experience supporting enterprise network infrastructure (switching, routing and wireless environments). Experience working with modern network platforms (experience with Arista would be advantageous). Practical understanding of cyber security principles, threat monitoring and operational security controls. Experience using SIEM or monitoring platforms (experience with Splunk would be highly advantageous). Knowledge of secure network segmentation, filtering and access control models. Experience investigating and responding to security alerts or anomalous network activity. Strong troubleshooting skills and the ability to analyse complex network or security issues. Experience designing or implementing resilient, high-availability network architectures. Experience operating at 2nd/3rd line support level within a network or security focused environment. 
Clear written and verbal communication skills, with a structured and methodical approach. Desirable Security-focused certifications (e.g. Security+, GIAC or similar). Network-related certifications (e.g. CCNA, CCNP or Arista ACE L2/3). Experience with Arista network platforms. Experience using Splunk for security monitoring or reporting. Familiarity with Cyber Essentials, NCSC guidance or similar security frameworks. Experience working within an educational environment. You may enjoy this role if: You can work effectively within a team environment. You have a passion for information and communications technology. You are confident and willing to build on knowledge acquired to date. You are an excellent communicator with a friendly and helpful manner. Working pattern You will be working 35 hours per week (core hours 8am to 6pm) Monday to Friday You will be working 52 weeks per year. You will be entitled to 28 days holiday, 3 of these days must be reserved for the Christmas shut down. If a bank holiday falls during a school term period, you will be required to work this day and you will receive an additional day's holiday in lieu. Disclosure checks Our Client is committed to safeguarding and promoting the welfare of children, and applicants must be willing to undergo child protection screening appropriate to the post, including, but not limited to, reference checks with past employers, an Enhanced Disclosure from the Disclosure and Barring Service (including Barred List information), an online search and, where applicable, Prohibition checks. If you are successful in your application, you will be required to complete a DBS Disclosure Application Form. Any information disclosed will be handled in accordance with any guidance and/or Code of Practice published by the DBS. 
The College is exempt from the Rehabilitation of Offenders Act 1974 and therefore all convictions, cautions, reprimands and final warnings (including those which would normally be considered as "spent" under the Act) must be declared, subject to the DBS filtering rules. It is a criminal offence for any person who is barred from working with children to Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer. By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Jun 30, 2026
Full time
Pontoon
Voice Engineer
Pontoon City, Manchester
Job Title: Voice Engineer Contract Length: 12 months Location: Chester Working Pattern: 3 days per week in the office Are you a skilled Voice Engineer looking for your next challenge? Join our dynamic team at an innovative organization where your expertise in voice services will be valued and utilized to its fullest! We are on the lookout for a talented Voice Operations Engineer who can support MS Teams and Cisco Enterprise Voice services and make a significant impact on our global voice infrastructure. What You'll Do: As a Voice Engineer, you'll play a pivotal role in managing and supporting our core voice services. Your responsibilities will include: Handling all aspects of core voice services and ensuring seamless operation of our global voice infrastructure. Supporting Voice platforms and interconnectivity with Enterprise telephony, Contact Center, and Transport, including managing external carriers. Participating in change and problem management reviews to enhance service reliability. Collaborating with other support teams to swiftly manage, triage, and resolve issues. Must-Have Qualifications: We're looking for someone with the following experience and certifications: Microsoft 365 Certified: Teams Administrator Associate Proven track record in troubleshooting MS Teams issues and managing interoperability with core voice services like Ribbon SBC and Cisco. Strong experience in managing service issues related to MS Teams Voice, Cisco Enterprise Voice, carriers, and transport. Proficiency with Call Analytics, Call Quality Dashboard (CQD) reports, Quality of Experience (QER) templates, PowerBI, Teams Policies, and Audio Conferencing. Familiarity with the Microsoft 365 Admin Center, Teams Admin Center, Microsoft Entra, Message Center, and Service Desk. Experience in engaging Microsoft support tickets and escalation processes. Knowledge of incident and change management processes in a core voice production environment. 
Nice-to-Have Skills: If you have any of the following skills, we would love to hear from you: Experience working with internal support teams such as Domain Ops, CCO, and Network Escalation. Familiarity with PowerShell, GraphAPI, Splunk, and ThousandEyes. Experience using Remedy for opening and updating incident tickets. Proficiency with ServiceNow and MS Teams Voice provisioning. Why Join Us? This is a fantastic opportunity to work with a team that values innovation and collaboration. You'll be part of a vibrant workplace in Chester Business Park, where creativity and teamwork come together. We believe in providing our employees with the tools they need to succeed and grow in their careers. How to Apply: Ready to take your career to the next level? Don't miss out on this exciting opportunity! Send us your resume and a brief cover letter detailing your relevant experience. We can't wait to meet our next Voice Engineer superstar! Join us in shaping the future of voice services. Apply today! Note: This is a temporary position with a contract length of 12 months. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Jun 29, 2026
Contractor
Fuel Recruitment Limited
Security Platform Engineer - SC Cleared
Fuel Recruitment Limited Farnborough, Hampshire
Our client in the Defence industry is looking for a Security Platform Engineer who will be responsible for deploying and managing security tooling within a Kubernetes Environment. In your role you will administer and maintain Splunk for log aggregation, monitoring, alerting and threat detection. You will operate and manage Nessus for vulnerability scanning, reporting and remediation tracking. Also, you will integrate security tools into CI/CD pipelines and automate security processes using scripting or infrastructure-as-code. We are looking for someone with experience as a Security Engineer, Platform Engineer or a similar role. You will need experience deploying and managing EDR agents, hands-on experience with Kubernetes, experience managing and administering Splunk and deploying Nessus for vulnerability scanning and analysis. Candidates will also need a familiarity with: container security principles and tools, scripting and automation, and configuring SIEM tooling. Due to the nature of this role, candidates must be sole British nationals and currently hold SC clearance and be willing to go through DV clearance.
Jun 29, 2026
Full time
VIQU IT
DevOps Engineer
VIQU IT City, London
DevOps Engineer - SC Cleared - London Hybrid (2/3 days) DevOps Engineer required to design and manage the deployment of an EDR tool across the Enterprise cloud estate; this will include both servers and Kubernetes clusters and containerised environments. I am looking for someone who has experience: • Cloud Platform - Azure experience essential, with use of monitoring tooling for troubleshooting and drawing insights • Hands-on experience of CI/CD pipelines using GitHub Actions or similar tooling • Thorough experience with Infrastructure as Code (IaC) such as Terraform Essential Criteria • Foundational knowledge of networking including network protocols, DNS, VPN, Load Balancing and Firewall • Kubernetes clusters and containerised environments • Experience with Prometheus, Grafana, Dynatrace, AppDynamics, Splunk, or AIOps on Azure Cloud or any similar observability tooling • Experience in SRE and/or DevOps roles, with working knowledge in SRE principles including automation a considerable plus Desirable skills to include: • Experience with Agile ways of working • Knowledge of ITIL framework • Experience with Power Apps, Power BI, Power Automate, and Searching Intelligence
Jun 29, 2026
Contractor
VIQU IT
Senior DevOps Engineer
VIQU IT City, London
Senior DevOps Engineer - SC Cleared - Hybrid London - Inside IR35 My client, a large finance house, seeks to recruit an SC Cleared Senior DevOps Engineer. Within this role you will support the delivery, operation and improvement of my client's core finance system. Key Responsibilities to Include: Support, maintain and develop core changes. Work with solution designers / teams. Work with solution designers to create product roadmaps and end-to-end architecture of the domain. Support & maintain technical chains to the wider estate (technical). Promoting of safe code (pre production to live). Development and maintenance of technology roadmaps. To join this elite team you will have proven experience: Proven experience of production support (to include OOH release support). On-prem Kubernetes / OpenShift deployments. DevOps tooling updates - issue resolution, roadmap improvements. Linux system administration (high availability production environments). Observability functions, designing and operating end-to-end logging, metrics, tracing, dashboards, and alerting systems using ELK, Splunk, Prometheus, Grafana. Security FIRST mindset with experience in secure payment systems and processes. Cloud platform experience - Azure, AWS or GCP. Excellent opportunity to be part of a core and evolving team!
Jun 29, 2026
Contractor
Uniting People
Lead Splunk Engineer
Uniting People
Senior Splunk Lead/Observability Engineering Lead Location: London (Hybrid - 50% onsite) Contract: Contract Rate: Open to negotiation Security Clearance: Active SC Clearance required We're currently seeking an experienced Senior Splunk Lead/Observability Engineering Lead to join a high-profile technology programme within a large enterprise environment. This is an exciting opportunity for a senior engineer who is passionate about observability, automation, and platform engineering. You'll play a key role in shaping enterprise-wide monitoring standards, driving automation-first practices, and leading the evolution of a large-scale Splunk platform. The Role As the technical lead within the Observability team, you'll be responsible for designing, implementing, and governing enterprise monitoring solutions while working closely with engineering teams, DevOps, architects, and business stakeholders. You'll champion best practices, develop reusable monitoring patterns through Infrastructure as Code, mentor engineers, and ensure the organisation continues to evolve its observability capabilities. Key Responsibilities Lead the design and implementation of enterprise monitoring and observability solutions. Develop automation-first monitoring patterns using Terraform and CI/CD pipelines. Configure, administer, and optimise Splunk Enterprise and Splunk ITSI environments. Design scalable, modular observability architectures supporting multiple business units. Integrate Splunk with enterprise data sources, monitoring platforms, automation tools, and ITSM solutions. Drive monitoring standards, governance, and best practices across engineering teams. Investigate complex incidents and continuously improve platform reliability and monitoring coverage. Produce high-quality technical documentation and provide technical leadership to engineers across the programme. 
Essential Skills & Experience We're looking for candidates with: 10+ years' experience within Infrastructure, DevOps, Platform Engineering or Observability. At least 5 years' hands-on experience with Splunk engineering. Strong experience implementing and administering Splunk Enterprise and Splunk ITSI. Experience designing and supporting large-scale enterprise Splunk platforms. Hands-on automation experience using Terraform and GitHub. Strong knowledge of monitoring, observability, logs, metrics, and event correlation. Experience integrating Splunk with enterprise monitoring ecosystems and ITSM platforms. Excellent troubleshooting, analytical and problem-solving skills. Experience working within Agile delivery environments. Strong communication and stakeholder management skills with the ability to influence technical direction. Desirable Experience Experience with any of the following would be advantageous: Control-M, xMatters, Jira, Confluence, OpenShift, Azure or AWS cloud platforms, performance tuning and optimisation, monitoring and security integrations. Security Clearance Due to the nature of the programme, active SC Clearance is essential. Unfortunately, candidates without current SC Clearance cannot be considered. Apply today with your latest CV for immediate consideration.
Jun 29, 2026
Contractor
SOC Engineer - Splunk | Cribl - SC Cleared
Layer7
Location: London (Hybrid - 2 days per week onsite) Work Pattern: Hybrid - 2 days per week onsite in London Duration: 6 months initially Rate: £550 per day IR35 Status: Outside IR35 Clearance: Active SC Clearance Overview This is an Outside IR35 contract - a genuinely attractive opportunity offering strong take-home pay for a specialist SOC Engineer with deep Splunk and Cribl expertise. We are seeking an SOC Engineer to design, build and optimise the security data pipeline underpinning a UK public sector Security Operations Centre. This is a hands-on engineering role centred on Cribl Stream and Splunk Enterprise Security: you will own end-to-end log onboarding, shape and route telemetry through Cribl, and ensure high-quality, normalised data lands in Splunk to drive reliable detection. Working alongside SOC analysts and wider engineering teams, you will improve detection coverage, control ingest cost, and support secure-by-design delivery within a complex, regulated government environment. This is a hybrid contract based in London, with 2 days per week onsite, for an initial 6 months. 
Key Responsibilities
• Design, build and administer Cribl Stream pipelines, routes, packs and worker groups to filter, enrich, route and redact security telemetry before ingestion
• Own end-to-end log onboarding across cloud (AWS, Azure, M365) and on-premises sources, including parsing, normalisation and Splunk Common Information Model (CIM) mapping
• Optimise Splunk ingest volume and licence cost by strategically filtering, sampling and summarising data within Cribl
• Administer and tune Splunk Enterprise Security (ES) in a distributed deployment, including index-time processing, props/transforms and search performance
• Develop and maintain correlation searches, notable events, Risk-Based Alerting (RBA) and dashboards to improve detection coverage
• Work with SOC analysts to translate detection requirements into reliable data sources, use cases and tuned alerts
• Build and maintain data onboarding as code, applying GitOps and CI/CD practices for repeatable, controlled change
• Troubleshoot data quality, latency and pipeline issues across the Cribl and Splunk estate
• Document data flows, onboarding standards and engineering runbooks
• Contribute to secure-by-design delivery and to outcomes under the NCSC Cyber Assessment Framework (CAF)
Essential Skills
• Strong commercial experience as a SOC/Security Engineer building and operating SIEM data pipelines
• Hands-on Cribl Stream experience - designing and managing routes, pipelines, packs and worker groups for log routing, enrichment and reduction
• Deep Splunk experience, including Enterprise Security (ES) administration in distributed environments
• Strong SPL, data models, dashboards and search optimisation skills
• Expertise in data onboarding, parsing, index-time processing, normalisation and CIM mapping (props/transforms)
• Experience reducing Splunk ingest volume and licence cost through telemetry pipeline optimisation
• Log onboarding from cloud (AWS, Azure, M365) and on-premises systems
• Scripting in Python or PowerShell for data manipulation and API interaction
• Working knowledge of Linux (RHEL) and Windows administration
• Active SC Clearance
Nice To Have
• Cribl certification, or experience with Cribl Edge and Cribl Search
• Splunk certifications (e.g. Splunk Enterprise Security Certified Admin)
• Experience with GitOps and CI/CD tooling for detection and onboarding as code
• Exposure to detection engineering and MITRE ATT&CK-aligned content development
• Experience operating within NCSC CAF/GovAssure or similarly regulated public sector environments
Jun 29, 2026
Contractor
Pontoon
Voice Engineer
Pontoon Manchester, Lancashire
Job Title: Voice Engineer Contract Length: 12 months Location: Chester Working Pattern: 3 days per week in the office Are you a skilled Voice Engineer looking for your next challenge? Join our dynamic team at an innovative organization where your expertise in voice services will be valued and utilized to its fullest! We are on the lookout for a talented Voice Operations Engineer who can support MS Teams and Cisco Enterprise Voice services and make a significant impact on our global voice infrastructure. What You'll Do: As a Voice Engineer, you'll play a pivotal role in managing and supporting our core voice services. Your responsibilities will include: Handling all aspects of core voice services and ensuring seamless operation of our global voice infrastructure. Supporting Voice platforms and interconnectivity with Enterprise telephony, Contact Center, and Transport, including managing external carriers. Participating in change and problem management reviews to enhance service reliability. Collaborating with other support teams to swiftly manage, triage, and resolve issues. Must-Have Qualifications: We're looking for someone with the following experience and certifications: Microsoft 365 Certified: Teams Administrator Associate Proven track record in troubleshooting MS Teams issues and managing interoperability with core voice services like Ribbon SBC and Cisco. Strong experience in managing service issues related to MS Teams Voice, Cisco Enterprise Voice, carriers, and transport. Proficiency with Call Analytics, Call Quality Dashboard (CQD) reports, Quality of Experience (QER) templates, PowerBI, Teams Policies, and Audio Conferencing. Familiarity with the Microsoft 365 Admin Center, Teams Admin Center, Microsoft Entra, Message Center, and Service Desk. Experience in engaging Microsoft support tickets and escalation processes. Knowledge of incident and change management processes in a core voice production environment. 
Nice-to-Have Skills: If you have any of the following skills, we would love to hear from you: Experience working with internal support teams such as Domain Ops, CCO, and Network Escalation. Familiarity with PowerShell, GraphAPI, Splunk, and ThousandEyes. Experience using Remedy for opening and updating incident tickets. Proficiency with ServiceNow and MS Teams Voice provisioning. Why Join Us? This is a fantastic opportunity to work with a team that values innovation and collaboration. You'll be part of a vibrant workplace in Chester Business Park, where creativity and teamwork come together. We believe in providing our employees with the tools they need to succeed and grow in their careers. How to Apply: Ready to take your career to the next level? Don't miss out on this exciting opportunity! Send us your resume and a brief cover letter detailing your relevant experience. We can't wait to meet our next Voice Engineer superstar! Join us in shaping the future of voice services. Apply today! Note: This is a temporary position with a contract length of 12 months. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
Jun 29, 2026
Contractor
Spectrum IT Recruitment
Site Reliability Engineer
Spectrum IT Recruitment Basingstoke, Hampshire
Site Reliability Engineer - Fully Remote What We're Looking For We're looking for someone who enjoys solving complex operational challenges through engineering rather than manual intervention. You'll be proactive, collaborative, and passionate about improving reliability through automation and continuous improvement. If you're excited about building resilient cloud platforms and making a measurable impact on service reliability, we'd love to hear from you. Key Responsibilities Incident Management & Operations Participate in a 24/7 on-call rota as a primary or escalation point Lead or support major incident response, including triage, mitigation, and resolution. Coordinate with Engineering, Infrastructure, Security, and Product teams during incidents. Develop, maintain, and continuously improve operational runbooks and playbooks. Conduct blameless post-incident reviews and drive follow-up improvements. Monitoring & Alerting Monitor the health of infrastructure, applications, and services. Design and optimise alerting strategies aligned with service reliability objectives (SLIs/SLOs). Reduce alert fatigue through continuous tuning and optimisation. Build and maintain dashboards using technologies such as: Grafana Prometheus Datadog Splunk AWS CloudWatch Reliability Engineering & Automation Automate repetitive operational tasks to minimise manual effort. Improve Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR). Develop automation tools and scripts using Python, Bash, Go, or similar languages. Implement self-healing and auto-remediation where appropriate. Work closely with engineering teams to improve application and platform reliability. Platform & Infrastructure Support and troubleshoot Linux-based production environments. Manage cloud infrastructure, primarily within AWS Support containerised environments using Docker and Kubernetes. Assist with capacity planning, availability reviews, and production readiness for new releases. 
Skills & Experience Essential Strong Linux systems administration experience. Experience supporting production environments and managing incidents. Hands-on experience with AWS cloud infrastructure. Experience with Docker and Kubernetes. Scripting or programming experience with Python, Bash, Go, or similar. Solid understanding of networking fundamentals, including DNS, TCP/IP, and load balancing. Experience working in a 24/7 operations or NOC environment. Ability to remain calm and effective during high-pressure production incidents. Excellent communication and stakeholder coordination skills. Desirable Experience working with Service Level Objectives (SLOs) and Service Level Indicators (SLIs). Previous experience helping organisations transition from traditional NOC operations to an SRE model. Infrastructure as Code experience using Terraform, Ansible, or similar tools. Exposure to security, compliance, or regulated environments. Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.
Jun 29, 2026
Full time
Hays Technology
Senior Java Developer
Hays Technology City, Manchester
Prestigious opportunity for a talented and experienced Senior Java Developer to join a fast growing technology and transformation team delivering innovative, large-scale engineering solutions. This role sits at the intersection of technology, data, and AI, working on some of the UK's most ambitious digital programmes. You'll play a key role in designing and building modern, scalable applications that help organisations make smarter, data driven decisions. Collaborating within mature, cross-functional teams, working alongside engineers, architects, and business stakeholders to create impactful, future ready solutions.
Key Responsibilities
• Design, develop, and maintain high-quality Java based applications
• Contribute across the full software development lifecycle
• Provide technical input into architecture and system design
• Build secure, scalable RESTful APIs
• Collaborate with engineers, product teams, and stakeholders to deliver solutions
• Write clean, maintainable, and well documented code
• Troubleshoot and resolve complex production issues
• Continuously improve system performance, reliability, and security
• Stay up to date with emerging technologies and best practices
If you possess a combination of some of the following skills, then LET'S TALK!
• Strong experience in Java development (plus exposure to Kotlin or Scala)
• Deep understanding of OOP principles, SOLID design, and design patterns
• Hands on experience with Spring Framework (Spring Boot, Spring MVC)
• Experience designing and securing RESTful APIs
• Experience with containerisation (Docker, Kubernetes)
• Familiarity with CI/CD tools (Jenkins, GitHub Actions, Bitbucket Pipelines)
• Strong experience with Git and version control strategies
• Experience working with cloud platforms (AWS, Azure, or GCP)
• Ability to monitor, diagnose, and improve application performance
• Strong understanding of secure coding practices
Exposure to the following would be advantageous but not essential:
• Messaging/streaming technologies (Kafka, SQS)
• Serverless technologies (e.g., AWS Lambda)
• Monitoring/logging tools (ELK, Splunk, Dynatrace)
• ORM technologies (JPA, Hibernate)
• API documentation tools (e.g., Swagger/OpenAPI)
• Test tools (Postman, Selenium, Axe)
• Exposure to AI-assisted development tools (e.g., GitHub Copilot)
In return, you will be rewarded with a market leading benefits package and ongoing career development in a flexible, hybrid working environment.
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 28, 2026
Full time
Adecco
Security Monitoring & SIEM Analyst
Adecco Reading, Oxfordshire
Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: 45,000 - 60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response. 
Key Responsibilities
• Monitor, analyse, and investigate security alerts across SIEM and security tooling
• Conduct detailed investigations across log, endpoint, identity, and network telemetry
• Develop and optimise detection logic and SIEM queries to improve alert fidelity
• Analyse security events and correlate activity across multiple data sources
• Support incident response activities, including containment, escalation, and remediation
• Perform IOC analysis, enrichment, and validation using threat intelligence sources
• Identify gaps in detection capabilities and contribute to continuous improvement
• Work closely with infrastructure, SOC, and incident response teams to enhance response capability
• Produce clear and structured investigation reports and escalation summaries
Skills & Experience Required
Core SIEM & Detection Skills
• Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic)
• Experience writing and tuning queries using:
  o Kusto Query Language (KQL)
  o ES|QL / Kibana Query Language
  o Splunk SPL
• Understanding of event correlation, alerting, and detection use-case development
Technical Foundations
• Strong knowledge of:
  o Linux and Windows operating systems
  o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs)
• Experience analysing logs across:
  o Endpoint, identity, network, and cloud environments
Threat Detection & Security Tooling
• Strong knowledge of:
  o EDR/XDR concepts and workflows
  o IDS/IPS technologies and signature-based detection
• Experience working with tools such as:
  o Microsoft Defender, CrowdStrike, SentinelOne, or similar
Threat & Adversary Knowledge
• Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry
• Familiarity with MITRE ATT&CK framework
• Evidence of staying up to date with:
  o Emerging threats
  o Adversary tradecraft
  o Defensive techniques
Incident Handling & Investigation
• Experience handling security incidents through:
  o Detection and triage
  o Investigation and analysis
  o Handover to Incident Response teams
• Strong understanding of:
  o Incident management processes
  o Host-based forensic concepts
• Ability to apply post-incident review (PIR) learnings to improve detection and response
Desirable Experience
• Experience within a SOC or cyber defence environment
• Exposure to threat hunting or detection engineering
• Experience in high-security or regulated environments
Certifications (Beneficial)
• Microsoft SC-200 (Security Operations Analyst)
• GIAC / SANS certifications (GCIH, GCIA, GCED, etc.)
• CREST (CPIA, CRIA, CCTIA, CCBTP)
• Other recognised cyber security certifications
Why Join?
• Work within a mature Security Operations environment
• Exposure to advanced SIEM tooling and large-scale environments
• Strong investment in training, certifications, and progression
• Opportunity to develop into:
  o Senior SIEM Analyst
  o Detection Engineer
  o Threat Hunter
About Adecco
Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
Jun 27, 2026
Full time
Access Computer Consulting
Cyber Security Engineer
Access Computer Consulting City, London
I am recruiting for a Cyber Security Engineer to work 2 days a week in London, 3 days remote. The role falls inside IR35 so you will be required to work through an umbrella company for the duration of the contract. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of turning raw data into actionable intelligence. You must have experience with Vulnerability Assessment, Penetration Testing and Policy/Standards Creation. You will have several years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. You will be a CrowdStrike Expert with deep hands-on experience with Falcon Prevent, Insight, and Discover. You will also be a Splunk Power user with proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). You must have a strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. CCFA/CCFR Certifications will be a major plus. If you match the above skill set please apply ASAP.
Jun 27, 2026
Contractor
VIQU IT Recruitment
Splunk Lead Engineer
VIQU IT Recruitment City, London
Lead Splunk Engineer - London - Hybrid - Part Time Hours to Suit (during core office hours) - SC Cleared - Inside IR35 My client, a leading finance house, is looking for a Lead Splunk Engineer to take the lead in the design and implementation of monitoring and observability patterns and standards within the Observability Team
Jun 27, 2026
Contractor
Diamond Blaque HR Solutions
Senior Cyber Security Engineer
Diamond Blaque HR Solutions
Job Description We are looking for an experienced and highly organised Senior Cyber Security Engineer for a local government client. This position provides an opportunity to contribute to public safety and community resilience. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of transforming raw data into actionable intelligence. Key Responsibilities Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform, playing a crucial role in strengthening our security posture. SIEM Mastery: Collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development and leadership. Qualifications Essential and Desired Cyber Security Foundational Certifications: CompTIA Security+, Network+, CYSA+, GSEC Advanced Certifications: CISSP, GCIH, GCIA, CCSP CrowdStrike Certifications: Ideally, possess 2 or more of the following: CCFA (CrowdStrike Certified Falcon Administrator) CCFR (CrowdStrike Certified Falcon Responder) CCSE (CrowdStrike Certified SIEM Engineer) Splunk Certification: Splunk Certified Cybersecurity Defence Engineer (Mandatory) Criteria for Shortlisting - Ideal Candidate Profile: Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role. 
CrowdStrike Expertise: Solid hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a significant advantage. Splunk Proficiency: Skilled in writing complex Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES). Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Vulnerability Assessment: 2+ years of experience using vulnerability assessment tools is a bonus. Penetration Testing Experience: Familiarity with penetration testing and web application testing. Compliance Requirements Willingness to participate in the mandatory Right to Work Checks as part of the pre-screening application process. Diamond Blaque Group, a leading public-sector provider, acts as the employment business for this vacancy. We are committed to fostering an inclusive environment that values diversity and equal opportunity in the workplace.
Jun 27, 2026
Contractor
Huxley Associates
Infrastructure Engineer
Huxley Associates City, London
Leading Crypto Trading Client requires an Infrastructure Engineer with Web Scraping, Python and networking tools and Linux. All rounder position will look after Network Virtual Servers, self starter! AWS Networking Infrastructure You are pioneering and innovative and want to be part of the cutting-edge and disruptive crypto currency world You are eager to learn new knowledge in both financial and technical fields You thrive in a non-hierarchical organization with a casual working environment You are flexible and dedicated Team / Role As a Platform Engineer, you will: Act as infrastructure SME for a 24x7x365 globally distributed ethical web scraping function, supporting a multi region high frequency operation Be able to proactively analyze, drive, and own, performance and process improvements along all parts of the chain Collaborate closely with development team in terms of architecture/prioritization Liaise closely and collaboratively with central infrastructure team, in terms of common infrastructure/improving standards across the estate Work effectively in a global multi-cloud set up, in terms of initiating/managing relationships, evaluation/onboarding of new providers, and improving internal processes in line with best-of-breed industry practices Be a Linux/network stack expert and utilise that knowledge in the context of tuning/optimization and production support Support the platform during business hours, and out-of-hours as part of a rota, and proactively chase ways to reduce/design out manual support overhead Required skillset Bachelor's degree in Computer Science, Software Engineering or a STEM subject from a recognised university Minimum 2 years of solid working experience in an infrastructure, DevOps, or Platform engineer role Production experience in a global cloud environment. Demonstrable AWS and strong networking experience in a multi-region and/or multi-cloud set up is essential. 
Demonstrable basic development or scripting experience in one or more of the following languages: Bash, Python, Java, C#, Rust, Excel VBA Solid Linux / network stack knowledge, as well as optimization/tuning Nice to haves Containerization (Docker / Kubernetes) in a production environment Monitoring tools in a production environment (Prometheus / Grafana / ELK stack / Splunk) IaC tooling (Terraform, Ansible etc) To find out more about Huxley, please visit (url removed) Huxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Jun 27, 2026
Full time
WTW
Threat-Led Detection Engineer
WTW
The Threat-Led Detection Engineer will design, build, and maintain high-quality threat detections within WTW's Global Information and Cyber Security Defence (ICSD) function, helping WTW detect adversary activity quickly and accurately across its global estate. This is a hands-on engineering role for someone with a strong cyber security mindset and a genuine interest in how attackers operate. You will write and tune detection rules, map coverage to real adversary behaviour, and contribute to a well-maintained, version-controlled detection library. Working closely with SOC, Threat Hunting, Cyber Threat Intelligence (CTI), and Incident Response, you will turn intelligence and hunt findings into reliable detections, embracing a threat-led, Detection-as-Code approach. The individual will work as part of a global, multi-disciplined security community with strong support across the business, helping to foster a security-aware culture while ensuring WTW remains a great place to work. With WTW's large global footprint, this role offers a varied and stimulating range of work, and occasional global travel may be required. The role is based in London and follows a hybrid working model, with the expectation of attending the office as and when required on business demand. The Role: The Threat-Led Detection Engineer will build and maintain detections within WTW's Global Cyber Security Defence team. Responsibilities of this role will include: - Design, write, test, and maintain high-fidelity detection rules across SIEM, EDR/XDR, cloud, identity, and network data sources. - Apply a threat-led approach, developing detections mapped to adversary tradecraft using the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model. - Rapidly create new detections in response to emerging threats, Cyber Threat Intelligence, and incident or hunt findings. 
- Contribute to the detection library, ensuring detections are version-controlled, documented, tested, and mapped to MITRE ATT&CK coverage. - Tune and optimise existing detections to reduce false positives and continuously improve fidelity. - Practise Detection-as-Code, using Git-based workflows, peer review, and automated testing for detection content. - Validate detections through adversary emulation and testing (e.g. Atomic Red Team) and collaborate on purple-team exercises. - Support the integration of AI and automation into detection and triage workflows, and help build detections for AI/GenAI-specific threats. - Collaborate with SOC, Threat Hunting, CTI, and Incident Response to close detection gaps surfaced during hunts and incidents. - Write clear detection documentation and response guidance so each detection is actionable for analysts. - Onboard and validate new log sources and telemetry to expand detection coverage. - Contribute to detection coverage and quality metrics to help measure and improve detection effectiveness. What you'll bring: We are looking for a candidate for the Threat-Led Detection Engineer role who has the following: Must-have: Strong background in cyber security with hands-on detection engineering, SOC, or threat-hunting experience. Strong cyber security mindset and a solid, thorough understanding of attacker behaviour and the modern threat landscape. Working knowledge of the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model, with the ability to map detections to them. Hands-on experience writing and tuning detection rules using query languages such as KQL, SPL, EQL, or Sigma on platforms like Microsoft Sentinel, Splunk, Elastic, CrowdStrike, or Microsoft Defender XDR. Ability to develop high-fidelity detections swiftly in response to emerging threats and intelligence. Experience maintaining detection content and contributing to a detection library. 
Familiarity with Detection-as-Code concepts: Git, version control, and automated testing of detection content. Awareness of AI/ML in security operations and AI-specific threats (e.g. prompt injection, sensitive-data exposure via GenAI), with awareness of the OWASP LLM Top 10 and MITRE ATLAS. Exposure to cloud detection across Azure, AWS, and/or GCP and to cloud and identity log sources (e.g. Entra ID, CloudTrail). Good written and verbal communication skills, able to document detections clearly and collaborate across teams. Good to have: Threat-hunting mindset and experience hunting for novel or emerging threats to feed detection development. Experience with adversary emulation and breach-and-attack-simulation tooling (Atomic Red Team, Caldera) and purple teaming. Scripting skills (e.g. Python, PowerShell) for automation and enrichment. What we offer: Enjoy a benefits package designed to help you thrive, both professionally and personally. You'll receive 25 days of annual leave plus an extra WTW day to relax and recharge. Our comprehensive health and wellbeing offering includes private healthcare, life insurance, group income protection, and regular health assessments, all giving you peace of mind. Secure your future with our defined contribution pension scheme, featuring matched contributions up to 10% from the company. We support your growth and balance with hybrid working options, access to an employee assistance programme, and a fully paid volunteer day to make a difference in your community. On top of these, you can opt into a variety of additional perks including an electric vehicle car scheme, share scheme, cycle-to-work programme, dental and optical cover, critical illness protection, and much more. Start making the most of your career and wellbeing with a range of benefits tailored for you. 
Equal Opportunity Employer We're committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants.
Jun 27, 2026
Full time
Hays Technology
Cyber Security Analyst
Hays Technology Rogerstone, Gwent
Cyber Security Analyst Permanent - 42k - 48k + strong benefits Location: Hybrid - South Wales Your new company: I am looking to recruit a Cyber Security Analyst to join a leader in the utilities space. The business has been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. The role responsibilities: This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day-to-day assistance with security tasks. You will help deliver a strategy which will enhance the organisation's security resilience, proactively contributing to mitigating threats, at a good time when the company are expanding and investing in their IT and cyber security estate. Key parts of the role: You will require knowledge and understanding of attack and exploitation techniques and adversarial TTPs. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle is undertaken to a high standard. Monitor and respond to security incidents, alerts and breaches Monitor and track remediation to all identified vulnerabilities Monitor the risks using security tooling to carry out routine checks. Monitor and report on user behavioural analysis such as awareness training and social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. You will need: Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. 
Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge and awareness of global Information Security Standards, including ISO27k, CIS, CAF, NIST CSF. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return: Salary of between 42k- 48k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 27, 2026
Full time
Searchability NS&D
DevSecOps Engineer- eDV Cleared
Searchability NS&D
DEVSECOPS ENGINEER - EDV CLEARED DEVSECOPS ENGINEER - Permanent opportunity for a DevSecOps Engineer with active enhanced DV clearance. - Salary up to 80,000 DOE - Gloucestershire based offices - To apply, please call Laura Jackson on , or email with an up-to-date CV. WHO ARE WE? We're hiring for DevSecOps Engineers at various levels to join a consultancy delivering cutting-edge solutions for industry-leading National Security clients. You'll have the opportunity to work across multiple high-impact, innovative and mission-critical projects, shaping solutions that make a real difference. Due to the sensitive nature of the work, an active Enhanced DV clearance is essential. THE DEVSECOPS ENGINEER - Active enhanced DV clearance. - Gloucestershire based, or able to commute - Experience as a hands-on technical DevSecOps Engineer DEVSECOPS ENGINEER ESSENTIAL SKILLS - Experience of Windows and Linux systems administration - Understanding of Automation technologies Terraform and Ansible - Experience building CI/CD Pipelines - Knowledge of container technologies like Kubernetes or Docker - Understanding of networking skills - Understanding of Logging and monitoring using Zabbix and Splunk. TO BE CONSIDERED: Please either apply through this advert or email me directly on . For further information please call me: / . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS: DEVOPS, DEVSECOPS, NETWORKING, SYSADMIN, LINUX, CI/CD, CONTAINERISATION, INFRASTRUCTURE AS CODE, DEFENCE, NATIONAL SECURITY, DV CLEARED, DV CLEARANCE, SECURITY CLEARED, NSD
Jun 27, 2026
Full time
IT Talent Solutions
IT Security Manager
IT Talent Solutions Godalming, Surrey
IT Security Manager An exciting opportunity has arisen for an experienced, hands-on IT Security Manager to lead a small in-house security team and drive the ongoing evolution of a modern cyber security function. This role is ideal for a senior or lead Security Engineer ready to step into management, combining technical expertise with team leadership and strategic influence. Role The IT Security Manager will take ownership of the organisation's cyber security posture across systems, infrastructure, and cloud environments. Acting as a trusted advisor to senior stakeholders, the role blends hands-on technical involvement with leadership and strategic oversight. Key Responsibilities Lead, mentor, and develop a high-performing cyber security team Own and deliver the IT security strategy, policies, and best practices Oversee day-to-day security operations (SIEM, EDR, incident response, vulnerability management) Ensure compliance with frameworks such as ISO 27001, NIST, CIS Controls and GDPR Manage risk assessments, remediation planning, and continuous improvement initiatives Secure cloud and hybrid environments (Azure/AWS) Act as the escalation point for complex security incidents and threats Collaborate with engineering and infrastructure teams to embed Secure by Design principles Manage third-party security vendors and services Lead audits, compliance activities, and incident response planning Drive security awareness and foster a strong security culture across the business Key Skills & Experience Proven experience in a cyber security leadership or senior-level role Strong hands-on background in security operations and engineering Experience with tools such as SIEM (Splunk), EDR, and vulnerability scanning platforms Solid understanding of cloud security (Azure, AWS) and enterprise IT environments Knowledge of identity & access management (IAM, MFA, RBAC, PAM) Experience with risk management and ISO 27001 compliance Understanding of incident response, threat 
detection, and DevSecOps practices Excellent communication skills with the ability to translate technical risk into business terms Desirable Certifications such as CISSP, CISM, CCSP, CRISC or CEH Cloud certifications (AZ-500, AWS Security Specialty) Exposure to Splunk ES
Jun 27, 2026
Full time
MBDA UK
Network Security Engineer (SOC)
MBDA UK Stevenage, Hertfordshire
An exciting opportunity for a passionate Network Security Engineer to join a unique, multi-national Information Management function. Ideal candidates should be committed to protecting our critical systems and ensuring the integrity and security of our network infrastructure. Salary: Circa £50,000 depending on experience + shift allowance Dynamic (hybrid) working: 5 days per week on-site due to workload classification, working a 24/7 Shift Pattern Security Clearance: British Citizen This role will require DV Clearance. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS) and a Security Check (SC) clearance, which are managed by the MBDA Personnel Security Team. What we can offer you: Company bonus: Up to £2,500 (based on company performance and will vary year to year) Pension: maximum total (employer and employee) contribution of up to 14% Overtime: opportunity for paid overtime Flexi Leave: Up to 15 additional days Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave - enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities: Fantastic site facilities including subsidised meals, free car parking and much more The opportunity: Join our forward-thinking team as a Network Security Engineer, where you will play a key role in safeguarding our organisation's network infrastructure as part of the 24x7 Internal Security Response (ISR) team. When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing and maintaining robust security solutions to protect against evolving threats. 
Collaborating with cross-functional teams, you will work on implementing changes securely, identifying vulnerabilities, managing security incidents and ensuring compliance with industry best practices. The role will be involved in the optimisation of network security tools to remediate "purple team" highlighted areas identified for improvement. You will also have the opportunity to immerse your time into the standardisation of network tools. This is a dynamic opportunity to contribute to security initiatives, solve complex challenges, and have a direct impact on the overall resilience of our IT environment. If you are passionate about security and proactive defence, this role is the perfect fit. If you are looking to leverage your technical skills in a values-led company that values innovation and diversity, this is the place to make an impact. What we're looking for from you: ESSENTIALS Solid understanding of networking principles (TCP/IP, DNS, routing, switching, VLANs and load balancing) Strong expertise in configuring, maintaining and troubleshooting firewalls e.g. Cisco, Checkpoint, Palo Alto Demonstrable hands-on experience in next-gen firewalls and advancing security features like IPS/IDS, SSL decryption and deep packet inspection. Proven experience in managing secure proxy solutions (e.g. Bluecoat, F5) and the ability to implement policies for content filtering, SSL inspection and network traffic monitoring. In-depth knowledge of security protocols such as IPSec, SSL / TLS, VPNs and two-factor authentication. Understanding of network architectures and security zones (DMZ, internal networks). Proficient in monitoring technologies e.g. PRTG, Nagios. DESIRABLES Understanding of cyber security capabilities and their integrations to network infrastructure. Existing knowledge of / aptitude to learn Darktrace Antigena and Respond, Splunk ES or Log Rhythm tools. 
Strong ability to interpret complex information via use of packet capture in order to identify malicious traffic in detail, revealing attacker behaviours like C2, exploitation, lateral movement, or data exfiltration. Proven ability to review SOC alerting in collaboration with SOC analysts to effectively triage and manage Tier 1 SOC alerts to the appropriate outcome. Experience with LDAP, and application traffic flow root cause analysis. Previous experience to identify root cause from (TBC for review - Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools). Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given. MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. Follow us on LinkedIn (MBDA), X Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.
Jun 26, 2026
Full time

© 2008-2026 Jobs Hiring Near Me