Job Title: Service Desk Manager Location: Durrington, Worthing - Hybrid working (minimum 2 days a week in the office) Contract Type: Permanent Hours: 37 Salary: From £55k based on skills and experience About the role: The Service Desk Manager is responsible for leading the day-to-day operation of the Service Desk, ensuring high-quality incident and request handling, effective queue and performance management, and resilient first line I.T support for over 4000 internal and external users. The role provides leadership to 2 Team Leaders and 10 Analysts, driving capability, wellbeing and accountability, while improving customer experience through quality assurance, feedback and continual service improvement. What you will be responsible for: Working across Digital and the wider business, the postholder uses service insight and demand data to inform planning, represents the Service Desk in governance and change activity, ensures operational readiness for new or changed services, and maintains compliance with security, risk and data protection requirements. You will also be enrolled on the 'on call' rota. Manage the day-to-day operation of the Service Desk, ensuring effective handling of incidents, service requests, queries and escalations Oversee queue management, ticket progression, aged ticket follow-up, workload distribution and service continuity Ensure tickets are logged, categorised, prioritised, updated, escalated and resolved in line with agreed standards Monitor service performance throughout the day, taking action where demand, backlogs, absence or major incidents affect service levels Work with Team Leaders to ensure appropriate rota coverage, shift patterns, handovers and resource allocation. Ensure the Service Desk provides timely, professional and effective first-line support. Own the Service Desk contribution to the incident lifecycle, including logging quality, updates, escalation paths and closure quality. Ensure operational readiness for new or changed services, including support models, knowledge, resolver routes, SLAs, escalation paths and Service Desk training. Audit a regular sample of calls, emails, portal interactions, chats and ticket updates where applicable. Review professionalism, communication quality, ticket accuracy, troubleshooting approach, knowledge use, escalation quality and closure standards. Use QA and CSAT outputs to improve knowledge articles, scripts, templates, standard responses, onboarding and apprentice support. What you'll bring to the role: Strong leadership, coaching and people-management skills Excellent customer service mindset, with a focus on user experience Good understanding of core ITSM practices, especially Incident Management, Request Fulfilment, Knowledge Management and Service Level Management Strong operational management skills, including queue management, prioritisation, escalation and workload planning Strong communication skills, with the ability to engage Analysts, IT teams, suppliers and senior stakeholders Ability to manage performance, support wellbeing and build team capability Good understanding of Service Desk tooling Awareness of information security, access control and data protection responsibilities Continuous improvement mindset, with the ability to simplify processes and improve service quality Essential ITIL Foundation qualification, ideally ITIL 4 or 5 Experience in automation/automating systems Desirable ServiceNow training or certification desirable. Customer service qualification desirable. Information security or cyber awareness training desirable. Southern Water is at the forefront of transforming Britain's water industry, investing significantly to enhance resilience, sustainability, and service excellence. With £7.8bn planned investment for 2025-30, this is an unparalleled opportunity to join a business committed to delivering a generational shift in the way water services are managed. You will be joining at a time of significant change, working alongside a highly skilled leadership team with a clear vision for the future. We offer an environment where senior professionals can make a meaningful impact, influence major strategic decisions, and drive long-term value creation "Our mission is to protect and enhance life through water-and we need passionate people to help us achieve it. If you're inspired by our purpose and believe you can contribute, apply today. You don't need to meet every criterion; what matters most is your drive to make a difference." Our Commitment to Diversity We welcome applicants from all backgrounds, identities, and experiences. We do not discriminate based on race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you need reasonable adjustments during the recruitment process, please let us know. Additional information: In line with Southern Water's security requirements, successful candidates will be required to provide evidence of their identity, eligibility to work in the UK, criminal record check (DBS) and verification of their employment and/or education history for the past three years. Appointment to this role is subject to the successful completion of all pre-employment checks, including security vetting. Please note that if a candidate does not meet the required security standards or fails to pass the vetting process, Southern Water reserves the right to withdraw the offer of employment. Some positions may also require higher levels of security vetting, which may involve providing additional documentation.
Jun 28, 2026
Full time
Job Title: Service Desk Manager Location: Durrington, Worthing - Hybrid working (minimum 2 days a week in the office) Contract Type: Permanent Hours: 37 Salary: From £55k based on skills and experience About the role: The Service Desk Manager is responsible for leading the day-to-day operation of the Service Desk, ensuring high-quality incident and request handling, effective queue and performance management, and resilient first line I.T support for over 4000 internal and external users. The role provides leadership to 2 Team Leaders and 10 Analysts, driving capability, wellbeing and accountability, while improving customer experience through quality assurance, feedback and continual service improvement. What you will be responsible for: Working across Digital and the wider business, the postholder uses service insight and demand data to inform planning, represents the Service Desk in governance and change activity, ensures operational readiness for new or changed services, and maintains compliance with security, risk and data protection requirements. You will also be enrolled on the 'on call' rota. Manage the day-to-day operation of the Service Desk, ensuring effective handling of incidents, service requests, queries and escalations Oversee queue management, ticket progression, aged ticket follow-up, workload distribution and service continuity Ensure tickets are logged, categorised, prioritised, updated, escalated and resolved in line with agreed standards Monitor service performance throughout the day, taking action where demand, backlogs, absence or major incidents affect service levels Work with Team Leaders to ensure appropriate rota coverage, shift patterns, handovers and resource allocation. Ensure the Service Desk provides timely, professional and effective first-line support. Own the Service Desk contribution to the incident lifecycle, including logging quality, updates, escalation paths and closure quality. Ensure operational readiness for new or changed services, including support models, knowledge, resolver routes, SLAs, escalation paths and Service Desk training. Audit a regular sample of calls, emails, portal interactions, chats and ticket updates where applicable. Review professionalism, communication quality, ticket accuracy, troubleshooting approach, knowledge use, escalation quality and closure standards. Use QA and CSAT outputs to improve knowledge articles, scripts, templates, standard responses, onboarding and apprentice support. What you'll bring to the role: Strong leadership, coaching and people-management skills Excellent customer service mindset, with a focus on user experience Good understanding of core ITSM practices, especially Incident Management, Request Fulfilment, Knowledge Management and Service Level Management Strong operational management skills, including queue management, prioritisation, escalation and workload planning Strong communication skills, with the ability to engage Analysts, IT teams, suppliers and senior stakeholders Ability to manage performance, support wellbeing and build team capability Good understanding of Service Desk tooling Awareness of information security, access control and data protection responsibilities Continuous improvement mindset, with the ability to simplify processes and improve service quality Essential ITIL Foundation qualification, ideally ITIL 4 or 5 Experience in automation/automating systems Desirable ServiceNow training or certification desirable. Customer service qualification desirable. Information security or cyber awareness training desirable. Southern Water is at the forefront of transforming Britain's water industry, investing significantly to enhance resilience, sustainability, and service excellence. With £7.8bn planned investment for 2025-30, this is an unparalleled opportunity to join a business committed to delivering a generational shift in the way water services are managed. You will be joining at a time of significant change, working alongside a highly skilled leadership team with a clear vision for the future. We offer an environment where senior professionals can make a meaningful impact, influence major strategic decisions, and drive long-term value creation "Our mission is to protect and enhance life through water-and we need passionate people to help us achieve it. If you're inspired by our purpose and believe you can contribute, apply today. You don't need to meet every criterion; what matters most is your drive to make a difference." Our Commitment to Diversity We welcome applicants from all backgrounds, identities, and experiences. We do not discriminate based on race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you need reasonable adjustments during the recruitment process, please let us know. Additional information: In line with Southern Water's security requirements, successful candidates will be required to provide evidence of their identity, eligibility to work in the UK, criminal record check (DBS) and verification of their employment and/or education history for the past three years. Appointment to this role is subject to the successful completion of all pre-employment checks, including security vetting. Please note that if a candidate does not meet the required security standards or fails to pass the vetting process, Southern Water reserves the right to withdraw the offer of employment. Some positions may also require higher levels of security vetting, which may involve providing additional documentation.
This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office in Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.
Jun 28, 2026
Contractor
This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office in Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.
Introduction Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world-leading solutions and services in defence, aviation, space, and civil security to keep people and society safe. Our UK presence has been growing at pace, meaning we can offer a wide range of opportunities for personal fulfilment and career growth. We currently employ over 600 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI, and armed forces training. The Role: This is an initial 6 month contract role within our UK IT Business Unit. The IT Solution Architect will be responsible for designing and implementing technology solutions that align with business objectives and technical requirements. This role bridges the gap between business needs and IT capabilities, ensuring that solutions are scalable, secure, and cost-effective. The Solution Architect works closely with stakeholders, developers, and project managers to deliver robust architectures that support organisational goals. Key Responsibilities: Solution Design & Architecture to a high standard. Develop high-level and detailed solution architectures for IT systems and applications. Ensure solutions comply with enterprise architecture standards, security policies, and regulatory requirements. Create architectural diagrams, models, and documentation for proposed solutions. Stakeholder Engagement Collaborate with business analysts, project managers, and technical teams to understand requirements. Present architectural solutions to stakeholders and obtain buy-in. Technology Evaluation Assess emerging technologies and recommend adoption where appropriate. Conduct feasibility studies and cost-benefit analyses for proposed solutions. Governance & Standards Define and enforce architectural principles, guidelines, and best practices. Ensure consistency and integration across systems and platforms. Implementation Support Provide technical leadership during solution implementation. Troubleshoot architectural issues and guide development teams. Perform Risk Management. Identify potential risks in solution design and propose mitigation strategies. Ensure compliance with data protection and cybersecurity standards. Qualifications and Skills: Bachelor's degree in Computer Science, Information Technology, or related field. 7+ years in IT roles, with at least 3 years in solution architecture. Experience in large-scale system design and implementation. Certifications (Preferred). TOGAF, AWS/Azure Solution Architect, ITIL. Knowledge of enterprise architecture frameworks (e.g., TOGAF, Zachman). Proficiency in cloud platforms (AWS, Azure, GCP) and hybrid architectures. Experience with APIs, microservices, and integration patterns. Understanding of networking, security, and infrastructure principles. Analytical & Problem-Solving. Ability to translate business requirements into technical solutions. Strong analytical skills for evaluating complex systems. Communication & Leadership. Excellent verbal and written communication skills. Ability to influence and negotiate with stakeholders at all levels. Self-motivated, resilient and able to work under pressure. Excellent communication and presentation skills. By submitting an application to Saab UK you consent to undertaking workforce screening activities that may include but are not limited to: Baseline Personnel Security checks, National Security Vetting, reference checks, verification of working rights and in all circumstances preferred candidates will be placed through a security interview.
Jun 28, 2026
Contractor
Introduction Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world-leading solutions and services in defence, aviation, space, and civil security to keep people and society safe. Our UK presence has been growing at pace, meaning we can offer a wide range of opportunities for personal fulfilment and career growth. We currently employ over 600 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI, and armed forces training. The Role: This is an initial 6 month contract role within our UK IT Business Unit. The IT Solution Architect will be responsible for designing and implementing technology solutions that align with business objectives and technical requirements. This role bridges the gap between business needs and IT capabilities, ensuring that solutions are scalable, secure, and cost-effective. The Solution Architect works closely with stakeholders, developers, and project managers to deliver robust architectures that support organisational goals. Key Responsibilities: Solution Design & Architecture to a high standard. Develop high-level and detailed solution architectures for IT systems and applications. Ensure solutions comply with enterprise architecture standards, security policies, and regulatory requirements. Create architectural diagrams, models, and documentation for proposed solutions. Stakeholder Engagement Collaborate with business analysts, project managers, and technical teams to understand requirements. Present architectural solutions to stakeholders and obtain buy-in. Technology Evaluation Assess emerging technologies and recommend adoption where appropriate. Conduct feasibility studies and cost-benefit analyses for proposed solutions. Governance & Standards Define and enforce architectural principles, guidelines, and best practices. Ensure consistency and integration across systems and platforms. Implementation Support Provide technical leadership during solution implementation. Troubleshoot architectural issues and guide development teams. Perform Risk Management. Identify potential risks in solution design and propose mitigation strategies. Ensure compliance with data protection and cybersecurity standards. Qualifications and Skills: Bachelor's degree in Computer Science, Information Technology, or related field. 7+ years in IT roles, with at least 3 years in solution architecture. Experience in large-scale system design and implementation. Certifications (Preferred). TOGAF, AWS/Azure Solution Architect, ITIL. Knowledge of enterprise architecture frameworks (e.g., TOGAF, Zachman). Proficiency in cloud platforms (AWS, Azure, GCP) and hybrid architectures. Experience with APIs, microservices, and integration patterns. Understanding of networking, security, and infrastructure principles. Analytical & Problem-Solving. Ability to translate business requirements into technical solutions. Strong analytical skills for evaluating complex systems. Communication & Leadership. Excellent verbal and written communication skills. Ability to influence and negotiate with stakeholders at all levels. Self-motivated, resilient and able to work under pressure. Excellent communication and presentation skills. By submitting an application to Saab UK you consent to undertaking workforce screening activities that may include but are not limited to: Baseline Personnel Security checks, National Security Vetting, reference checks, verification of working rights and in all circumstances preferred candidates will be placed through a security interview.
Graduate IT Support Technician - 12 month placement Sheffield About the Role CV Screen is recruiting for a Graduate IT Support Technician to join a highly respected organisation based in Sheffield. Offering a salary of £25,000 plus an excellent benefits package, this is an outstanding opportunity for a recent graduate or aspiring IT professional looking to launch a successful career in technology. You'll gain hands-on experience across IT support, Microsoft 365 administration, device management and cloud technologies while supporting an organisation that plays an important role in maintaining professional standards within a regulated sector. This is a hybrid role with excellent training - open to recent graduates and also pre-graduates looking for a placement year in industry. Duties & Responsibilities Provide first-line technical support and resolve IT issues for internal users. Assist with the deployment, configuration and maintenance of Windows devices. Support Microsoft 365 administration, including user accounts, licences and access management. Maintain accurate IT asset records and assist with hardware refresh projects. Create and update technical documentation, knowledge base articles and support procedures. What Experience is Required? A degree in IT, Computing or a related subject, or equivalent technical knowledge. Strong communication skills with the ability to support non-technical users. An interest in Microsoft technologies, IT support and infrastructure, with a willingness to learn. Salary & Benefits Salary of £25,000 Excellent training and mentoring programme Exposure to Microsoft 365, Intune and cloud-based technologies Clear career progression into Infrastructure, Cloud and Cyber Security roles Generous benefits package Location Based in Sheffield, this role is easily commutable from Rotherham, Chesterfield, Barnsley, Doncaster, Worksop and Dronfield. How to Apply To apply, please send your CV to Giselle Whitton of CV Screen in strict confidence. Alternate Job Titles Graduate IT Support Analyst Junior Service Desk Analyst IT Support Engineer Junior Systems Administrator CV Screen Ltd acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the Privacy Policy which can be found on the CV Screen website. (url removed)
Jun 28, 2026
Full time
Graduate IT Support Technician - 12 month placement Sheffield About the Role CV Screen is recruiting for a Graduate IT Support Technician to join a highly respected organisation based in Sheffield. Offering a salary of £25,000 plus an excellent benefits package, this is an outstanding opportunity for a recent graduate or aspiring IT professional looking to launch a successful career in technology. You'll gain hands-on experience across IT support, Microsoft 365 administration, device management and cloud technologies while supporting an organisation that plays an important role in maintaining professional standards within a regulated sector. This is a hybrid role with excellent training - open to recent graduates and also pre-graduates looking for a placement year in industry. Duties & Responsibilities Provide first-line technical support and resolve IT issues for internal users. Assist with the deployment, configuration and maintenance of Windows devices. Support Microsoft 365 administration, including user accounts, licences and access management. Maintain accurate IT asset records and assist with hardware refresh projects. Create and update technical documentation, knowledge base articles and support procedures. What Experience is Required? A degree in IT, Computing or a related subject, or equivalent technical knowledge. Strong communication skills with the ability to support non-technical users. An interest in Microsoft technologies, IT support and infrastructure, with a willingness to learn. Salary & Benefits Salary of £25,000 Excellent training and mentoring programme Exposure to Microsoft 365, Intune and cloud-based technologies Clear career progression into Infrastructure, Cloud and Cyber Security roles Generous benefits package Location Based in Sheffield, this role is easily commutable from Rotherham, Chesterfield, Barnsley, Doncaster, Worksop and Dronfield. How to Apply To apply, please send your CV to Giselle Whitton of CV Screen in strict confidence. Alternate Job Titles Graduate IT Support Analyst Junior Service Desk Analyst IT Support Engineer Junior Systems Administrator CV Screen Ltd acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the Privacy Policy which can be found on the CV Screen website. (url removed)
Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This is a coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response / Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill chain frameworks Experience managing incidents and stakeholder communications Comfortable leading bridge calls and coordinating technical teams Strong process-driven mindset The Role Coordinate cyber security incidents end-to-end Manage incident bridge calls and communications Work closely with internal teams and external suppliers Support post-incident reviews and lessons learned Participate in an on-call rota Fast interview process with immediate review of profiles. If you're looking to get your next project lined up ahead of time - Apply now to learn more!
Jun 27, 2026
Contractor
Cyber Incident Response Analyst - Contract Location: Sheffield (2 days onsite) Rate: 500 p/d Duration: 6 Months - July 2026 - January 2027 A large enterprise organisation is looking for a Cyber Incident Response Analyst to support their Cyber Defence team on a contract basis. This is a coordination-focused incident response role, managing cyber incidents through the response lifecycle rather than deep technical remediation. Experience Required Previous experience within Incident Response / Security Operations Strong understanding of the NIST incident response lifecycle Familiarity with MITRE ATT&CK and cyber kill chain frameworks Experience managing incidents and stakeholder communications Comfortable leading bridge calls and coordinating technical teams Strong process-driven mindset The Role Coordinate cyber security incidents end-to-end Manage incident bridge calls and communications Work closely with internal teams and external suppliers Support post-incident reviews and lessons learned Participate in an on-call rota Fast interview process with immediate review of profiles. If you're looking to get your next project lined up ahead of time - Apply now to learn more!
CBSbutler Holdings Limited trading as CBSbutler
Corsham, Wiltshire
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 650 a day +Corsham / Portsmouth We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles. If you'd like to discuss this Senior SOC Analyst in more detail, please send your updated CV to (url removed) and I will get in touch.
Jun 27, 2026
Contractor
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 650 a day +Corsham / Portsmouth We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles. If you'd like to discuss this Senior SOC Analyst in more detail, please send your updated CV to (url removed) and I will get in touch.
SOC Analyst Leeds (Hybrid) £50,000 - £58,000 Package 24/7 Shift Pattern Permanent 25 Days Hols (rising to 27 + Buy and Sell scheme) - Pension (5% Employer) - Healthcare - DIS x 4 Critical Illness Cover - Birthday off - Vendor Training and Accreditations SOC Analyst Join a Growing Cyber Security Operations Team An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market. Benefits 25 days annual leave (rising with service) Birthday day off Hybrid working model Home-based night shifts Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment This is an excellent opportunity for a SOC Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation.
Jun 27, 2026
Full time
SOC Analyst Leeds (Hybrid) £50,000 - £58,000 Package 24/7 Shift Pattern Permanent 25 Days Hols (rising to 27 + Buy and Sell scheme) - Pension (5% Employer) - Healthcare - DIS x 4 Critical Illness Cover - Birthday off - Vendor Training and Accreditations SOC Analyst Join a Growing Cyber Security Operations Team An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market. Benefits 25 days annual leave (rising with service) Birthday day off Hybrid working model Home-based night shifts Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment This is an excellent opportunity for a SOC Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation.
Leeds (Hybrid) 50,000 - 58,000 Package 24/7 Shift Pattern Permanent With extensive Benefits! 25 days annual leave (rising with service to 27) Birthday day off Hybrid working model but mostly work from home Home-based night shifts with certain day shifts also from home 4 days on 4 days off Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment Opportunity Join a Growing Cyber Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market.
Jun 27, 2026
Full time
Leeds (Hybrid) 50,000 - 58,000 Package 24/7 Shift Pattern Permanent With extensive Benefits! 25 days annual leave (rising with service to 27) Birthday day off Hybrid working model but mostly work from home Home-based night shifts with certain day shifts also from home 4 days on 4 days off Private Medical Insurance Life Assurance Enhanced Pension Scheme Income Protection Learning & Development support Dedicated certification programme Microsoft, AWS, Cisco and Fortinet training pathways Leadership development opportunities Employee wellbeing initiatives Cycle to Work scheme Retail discounts programme Modern office environment Opportunity Join a Growing Cyber Security Operations Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily in its Security Operations capability and is looking to appoint a SOC Analyst to join a growing 24/7 Cyber Defence team based in Leeds. This is an excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond to security incidents while supporting the ongoing protection of critical business systems and infrastructure. The Role As a SOC Analyst, you will be responsible for monitoring and responding to cyber security events, supporting incident investigations and helping to maintain a strong security posture across customer environments. Key Responsibilities Monitor and investigate security alerts and events across cloud, endpoint, identity and network environments Support the management of security incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute to the continuous improvement of security monitoring capabilities Technology Environment You'll gain exposure to a modern enterprise security stack including: Microsoft Sentinel Microsoft Defender XDR Defender for Endpoint Defender for Cloud Defender for Identity Defender for Cloud Apps Microsoft Intune Qualys AttackIQ XM Cyber Threat Intelligence Platforms What We're Looking For We're interested in speaking with candidates who have experience in one or more of the following: Security Operations Centre (SOC) environments Security Monitoring Incident Response Cyber Security Analysis Threat Detection Threat Hunting Vulnerability Management Security Operations You may currently be working as a: SOC Analyst Cyber Security Analyst Security Analyst Security Operations Analyst Threat Detection Analyst Blue Team Analyst Information Security Analyst Essential Skills Experience monitoring and investigating security events Understanding of cyber security threats, attack techniques and security controls Exposure to SIEM technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology and cyber security provider supporting customers globally. You'll join a collaborative team environment with genuine opportunities to develop your cyber security career, gain industry certifications and work with some of the most widely adopted security technologies in the market.
Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: 45,000 - 60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response. Key Responsibilities Monitor, analyse, and investigate security alerts across SIEM and security tooling Conduct detailed investigations across log, endpoint, identity, and network telemetry Develop and optimise detection logic and SIEM queries to improve alert fidelity Analyse security events and correlate activity across multiple data sources Support incident response activities, including containment, escalation, and remediation Perform IOC analysis, enrichment, and validation using threat intelligence sources Identify gaps in detection capabilities and contribute to continuous improvement Work closely with infrastructure, SOC, and incident response teams to enhance response capability Produce clear and structured investigation reports and escalation summaries Skills & Experience Required Core SIEM & Detection Skills Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES QL / Kibana Query Language o Splunk SPL Understanding of event correlation, alerting, and detection use-case development Technical Foundations Strong knowledge of: o Linux and Windows operating systems o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs) Experience analysing logs across: o Endpoint, identity, network, and cloud environments Threat Detection & Security Tooling Strong knowledge of: o EDR/XDR concepts and workflows o IDS/IPS technologies and signature-based detection Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar Threat & Adversary Knowledge Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry Familiarity with MITRE ATT&CK framework Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques Incident Handling & Investigation Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams Strong understanding of: o Incident management processes o Host-based forensic concepts Ability to apply post-incident review (PIR) learnings to improve detection and response Desirable Experience Experience within a SOC or cyber defence environment Exposure to threat hunting or detection engineering Experience in high-security or regulated environments Certifications (Beneficial) Microsoft SC-200 (Security Operations Analyst) GIAC / SANS certifications (GCIH, GCIA, GCED, etc.) CREST (CPIA, CRIA, CCTIA, CCBTP) Other recognised cyber security certifications Why Join? Work within a mature Security Operations environment Exposure to advanced SIEM tooling and large-scale environments Strong investment in training, certifications, and progression Opportunity to develop into: o Senior SIEM Analyst o Detection Engineer o Threat Hunter About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
Jun 27, 2026
Full time
Security Monitoring & SIEM Analyst Location: Berkshire (Onsite) Salary: 45,000 - 60,000 + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology organisation with a well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through effective monitoring and rapid response. Key Responsibilities Monitor, analyse, and investigate security alerts across SIEM and security tooling Conduct detailed investigations across log, endpoint, identity, and network telemetry Develop and optimise detection logic and SIEM queries to improve alert fidelity Analyse security events and correlate activity across multiple data sources Support incident response activities, including containment, escalation, and remediation Perform IOC analysis, enrichment, and validation using threat intelligence sources Identify gaps in detection capabilities and contribute to continuous improvement Work closely with infrastructure, SOC, and incident response teams to enhance response capability Produce clear and structured investigation reports and escalation summaries Skills & Experience Required Core SIEM & Detection Skills Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES QL / Kibana Query Language o Splunk SPL Understanding of event correlation, alerting, and detection use-case development Technical Foundations Strong knowledge of: o Linux and Windows operating systems o Core networking concepts (TCP/IP, DNS, HTTP/S, firewalls, VPNs) Experience analysing logs across: o Endpoint, identity, network, and cloud environments Threat Detection & Security Tooling Strong knowledge of: o EDR/XDR concepts and workflows o IDS/IPS technologies and signature-based detection Experience working with tools such as: o Microsoft Defender, CrowdStrike, SentinelOne, or similar Threat & Adversary Knowledge Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry Familiarity with MITRE ATT&CK framework Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques Incident Handling & Investigation Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams Strong understanding of: o Incident management processes o Host-based forensic concepts Ability to apply post-incident review (PIR) learnings to improve detection and response Desirable Experience Experience within a SOC or cyber defence environment Exposure to threat hunting or detection engineering Experience in high-security or regulated environments Certifications (Beneficial) Microsoft SC-200 (Security Operations Analyst) GIAC / SANS certifications (GCIH, GCIA, GCED, etc.) CREST (CPIA, CRIA, CCTIA, CCBTP) Other recognised cyber security certifications Why Join? Work within a mature Security Operations environment Exposure to advanced SIEM tooling and large-scale environments Strong investment in training, certifications, and progression Opportunity to develop into: o Senior SIEM Analyst o Detection Engineer o Threat Hunter About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this role.
The Threat-Led Detection Engineer will design, build, and maintain high-quality threat detections within WTW's Global Information and Cyber Security Defence (ICSD) function, helping WTW detect adversary activity quickly and accurately across its global estate. This is a hands-on engineering role for someone with a strong cyber security mindset and a genuine interest in how attackers operate. You will write and tune detection rules, map coverage to real adversary behaviour, and contribute to a well-maintained, version-controlled detection library. Working closely with SOC, Threat Hunting, Cyber Threat Intelligence (CTI), and Incident Response, you will turn intelligence and hunt findings into reliable detections, embracing a threat-led, Detection-as-Code approach. The individual will work as part of a global, multi-disciplined security community with strong support across the business, helping to foster a security-aware culture while ensuring WTW remains a great place to work. With WTW's large global footprint, this role offers a varied and stimulating range of work, and occasional global travel may be required. The role is based in London and follows a hybrid working model, with the expectation of attending the office as and when required on business demand. The Role: The Threat-Led Detection Engineer will build and maintain detections within WTW's Global Cyber Security Defence team. Responsibilities of this role will include: - Design, write, test, and maintain high-fidelity detection rules across SIEM, EDR/XDR, cloud, identity, and network data sources. - Apply a threat-led approach, developing detections mapped to adversary tradecraft using the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model. - Rapidly create new detections in response to emerging threats, Cyber Threat Intelligence, and incident or hunt findings. - Contribute to the detection library, ensuring detections are version-controlled, documented, tested, and mapped to MITRE ATT&CK coverage. - Tune and optimise existing detections to reduce false positives and continuously improve fidelity. - Practise Detection-as-Code, using Git-based workflows, peer review, and automated testing for detection content. - Validate detections through adversary emulation and testing (e.g. Atomic Red Team) and collaborate on purple-team exercises. - Support the integration of AI and automation into detection and triage workflows, and help build detections for AI/GenAI-specific threats. - Collaborate with SOC, Threat Hunting, CTI, and Incident Response to close detection gaps surfaced during hunts and incidents. - Write clear detection documentation and response guidance so each detection is actionable for analysts. - Onboard and validate new log sources and telemetry to expand detection coverage. - Contribute to detection coverage and quality metrics to help measure and improve detection effectiveness. What you'll bring: We are looking for a candidate for the Threat-Led Detection Engineer role who has the following: Must-have: Strong background in cyber security with hands-on detection engineering, SOC, or threat-hunting experience. Strong cyber security mindset and a solid, thorough understanding of attacker behaviour and the modern threat landscape. Working knowledge of the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model, with the ability to map detections to them. Hands-on experience writing and tuning detection rules using query languages such as KQL, SPL, EQL, or Sigma on platforms like Microsoft Sentinel, Splunk, Elastic, CrowdStrike, or Microsoft Defender XDR. Ability to develop high-fidelity detections swiftly in response to emerging threats and intelligence. Experience maintaining detection content and contributing to a detection library. Familiarity with Detection-as-Code concepts: Git, version control, and automated testing of detection content. Awareness of AI/ML in security operations and AI-specific threats (e.g. prompt injection, sensitive-data exposure via GenAI), with awareness of the OWASP LLM Top 10 and MITRE ATLAS. Exposure to cloud detection across Azure, AWS, and/or GCP and to cloud and identity log sources (e.g. Entra ID, CloudTrail). Good written and verbal communication skills, able to document detections clearly and collaborate across teams. Good to have: Threat-hunting mindset and experience hunting for novel or emerging threats to feed detection development. Experience with adversary emulation and breach-and-attack-simulation tooling (Atomic Red Team, Caldera) and purple teaming. Scripting skills (e.g. Python, PowerShell) for automation and enrichment. What we offer: Enjoy a benefits package designed to help you thrive, both professionally and personally. You'll receive 25 days of annual leave plus an extra WTW day to relax and recharge. Our comprehensive health and wellbeing offering includes private healthcare, life insurance, group income protection, and regular health assessments, all giving you peace of mind. Secure your future with our defined contribution pension scheme, featuring matched contributions up to 10% from the company. We support your growth and balance with hybrid working options, access to an employee assistance programme, and a fully paid volunteer day to make a difference in your community. On top of these, you can opt into a variety of additional perks including an electric vehicle car scheme, share scheme, cycle-to-work programme, dental and optical cover, critical illness protection, and much more. Start making the most of your career and wellbeing with a range of benefits tailored for you. Equal Opportunity Employer We're committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants.
Jun 27, 2026
Full time
The Threat-Led Detection Engineer will design, build, and maintain high-quality threat detections within WTW's Global Information and Cyber Security Defence (ICSD) function, helping WTW detect adversary activity quickly and accurately across its global estate. This is a hands-on engineering role for someone with a strong cyber security mindset and a genuine interest in how attackers operate. You will write and tune detection rules, map coverage to real adversary behaviour, and contribute to a well-maintained, version-controlled detection library. Working closely with SOC, Threat Hunting, Cyber Threat Intelligence (CTI), and Incident Response, you will turn intelligence and hunt findings into reliable detections, embracing a threat-led, Detection-as-Code approach. The individual will work as part of a global, multi-disciplined security community with strong support across the business, helping to foster a security-aware culture while ensuring WTW remains a great place to work. With WTW's large global footprint, this role offers a varied and stimulating range of work, and occasional global travel may be required. The role is based in London and follows a hybrid working model, with the expectation of attending the office as and when required on business demand. The Role: The Threat-Led Detection Engineer will build and maintain detections within WTW's Global Cyber Security Defence team. Responsibilities of this role will include: - Design, write, test, and maintain high-fidelity detection rules across SIEM, EDR/XDR, cloud, identity, and network data sources. - Apply a threat-led approach, developing detections mapped to adversary tradecraft using the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model. - Rapidly create new detections in response to emerging threats, Cyber Threat Intelligence, and incident or hunt findings. - Contribute to the detection library, ensuring detections are version-controlled, documented, tested, and mapped to MITRE ATT&CK coverage. - Tune and optimise existing detections to reduce false positives and continuously improve fidelity. - Practise Detection-as-Code, using Git-based workflows, peer review, and automated testing for detection content. - Validate detections through adversary emulation and testing (e.g. Atomic Red Team) and collaborate on purple-team exercises. - Support the integration of AI and automation into detection and triage workflows, and help build detections for AI/GenAI-specific threats. - Collaborate with SOC, Threat Hunting, CTI, and Incident Response to close detection gaps surfaced during hunts and incidents. - Write clear detection documentation and response guidance so each detection is actionable for analysts. - Onboard and validate new log sources and telemetry to expand detection coverage. - Contribute to detection coverage and quality metrics to help measure and improve detection effectiveness. What you'll bring: We are looking for a candidate for the Threat-Led Detection Engineer role who has the following: Must-have: Strong background in cyber security with hands-on detection engineering, SOC, or threat-hunting experience. Strong cyber security mindset and a solid, thorough understanding of attacker behaviour and the modern threat landscape. Working knowledge of the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model, with the ability to map detections to them. Hands-on experience writing and tuning detection rules using query languages such as KQL, SPL, EQL, or Sigma on platforms like Microsoft Sentinel, Splunk, Elastic, CrowdStrike, or Microsoft Defender XDR. Ability to develop high-fidelity detections swiftly in response to emerging threats and intelligence. Experience maintaining detection content and contributing to a detection library. Familiarity with Detection-as-Code concepts: Git, version control, and automated testing of detection content. Awareness of AI/ML in security operations and AI-specific threats (e.g. prompt injection, sensitive-data exposure via GenAI), with awareness of the OWASP LLM Top 10 and MITRE ATLAS. Exposure to cloud detection across Azure, AWS, and/or GCP and to cloud and identity log sources (e.g. Entra ID, CloudTrail). Good written and verbal communication skills, able to document detections clearly and collaborate across teams. Good to have: Threat-hunting mindset and experience hunting for novel or emerging threats to feed detection development. Experience with adversary emulation and breach-and-attack-simulation tooling (Atomic Red Team, Caldera) and purple teaming. Scripting skills (e.g. Python, PowerShell) for automation and enrichment. What we offer: Enjoy a benefits package designed to help you thrive, both professionally and personally. You'll receive 25 days of annual leave plus an extra WTW day to relax and recharge. Our comprehensive health and wellbeing offering includes private healthcare, life insurance, group income protection, and regular health assessments, all giving you peace of mind. Secure your future with our defined contribution pension scheme, featuring matched contributions up to 10% from the company. We support your growth and balance with hybrid working options, access to an employee assistance programme, and a fully paid volunteer day to make a difference in your community. On top of these, you can opt into a variety of additional perks including an electric vehicle car scheme, share scheme, cycle-to-work programme, dental and optical cover, critical illness protection, and much more. Start making the most of your career and wellbeing with a range of benefits tailored for you. Equal Opportunity Employer We're committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants.
Cyber Security Analyst Permanent - 42k - 48k + strong benefits Location: Hybrid - South Wales Your new company: I am looking to recruit a Cyber Security Analyst to join a leader in the utilities space. The business has been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. The role responsibilities: This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day-to-day assistance with security tasks. You will help deliver a strategy which will enhance the organisations security resilience, proactively contributing to mitigating threats, at a good time when the company are expanding and investing in their IT and cyber security estate. Key parts of the role: You will require knowledge and understanding of attack and exploitation techniques and adversarial TTP's. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle is undertaken to a high standard. Monitor and respond to security incidents, alerts and breaches Monitor and track remediation to all identified vulnerabilities Monitor the risks using security tooling to carry out routine checks. Monitor and report on user behavioural analysis such as awareness training and social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. You will need: Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge and awareness of global Information Security Standards, including ISO27k, CIS, CAF, NIST CSF. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return: Salary of between 42k- 48k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Jun 27, 2026
Full time
Cyber Security Analyst Permanent - 42k - 48k + strong benefits Location: Hybrid - South Wales Your new company: I am looking to recruit a Cyber Security Analyst to join a leader in the utilities space. The business has been investing in their cyber security and IT estate and are continuing to grow and enhance their security posture. The company has a strong reputation, and we have placed numerous people into careers there, with strong feedback. The role responsibilities: This is an interesting opportunity where you will work with the cyber resilience team and assist with the Security Operations function, including EDR, SIEM, gathering security control framework evidence and general day-to-day assistance with security tasks. You will help deliver a strategy which will enhance the organisations security resilience, proactively contributing to mitigating threats, at a good time when the company are expanding and investing in their IT and cyber security estate. Key parts of the role: You will require knowledge and understanding of attack and exploitation techniques and adversarial TTP's. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle is undertaken to a high standard. Monitor and respond to security incidents, alerts and breaches Monitor and track remediation to all identified vulnerabilities Monitor the risks using security tooling to carry out routine checks. Monitor and report on user behavioural analysis such as awareness training and social engineering campaigns. Stay informed about emerging cyber threats and vulnerabilities. You will need: Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge and awareness of global Information Security Standards, including ISO27k, CIS, CAF, NIST CSF. Ability to work independently and as part of a team. Excellent communication and interpersonal skills. Ability to obtain UK Security Clearance What you'll get in return: Salary of between 42k- 48k Hybrid working 2/3 days in South Wales per week Possible bonus 5% pension contribution from you, the company pays 10% Enhanced pay for parental leave And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
We re Hiring: Senior Cyber Security Analyst Corsham I m currently looking for a Senior Cyber Security Analyst to join our SOC team at Computer Network Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst, you will support the SOC Team Lead and play a central role in monitoring, triaging, and investigating security events across a range of client environments. You ll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends, and insights, as well as contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency and impact Deliver weekly and monthly reporting to clients and stakeholders Communicate security findings and trends directly to clients Support vulnerability management analysis and remediation efforts Lead false-positive reduction and SIEM tuning activities Mentor and support development of Tier 1 and junior analysts Contribute to SOC process improvement and operational efficiency Participate in incident response activities as part of the wider team Lead internal SOC initiatives and projects where required Create and deliver presentations for clients and internal teams What We re Looking For Strong experience within a SOC or cyber security operations environment Proven ability to investigate and analyse complex security incidents Experience with SIEM platforms, threat intelligence, and security tooling Strong stakeholder and client communication skills Ability to mentor and develop junior team members Proactive approach to problem-solving and continuous improvement Good understanding of current cyber threats, tactics and trends Package & Details Location: Isle of Man (relocation package)/Corsham Hours: 37.5 hours per week, plus on-call rota Working pattern: Monday to Friday, 09 00 (early Friday finish at 16:00, workload permitting) Clearance: SC Cleared This is a great opportunity for someone looking to step into a more senior, visible role within a growing SOC, with real influence over both technical delivery and team development.
Jun 27, 2026
Full time
We re Hiring: Senior Cyber Security Analyst Corsham I m currently looking for a Senior Cyber Security Analyst to join our SOC team at Computer Network Defence Ltd (CND). This is a key hire within our MSSP Security Operations Centre, offering the opportunity to take a lead role in incident analysis, client engagement, and mentoring junior analysts, while shaping how the SOC continues to evolve. The Role As a Senior Cyber Security Analyst, you will support the SOC Team Lead and play a central role in monitoring, triaging, and investigating security events across a range of client environments. You ll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends, and insights, as well as contributing to reporting and continuous improvement within the SOC. Key Responsibilities Monitor, triage and investigate security alerts across multiple platforms Conduct in-depth incident analysis and support ongoing client investigations Act as deputy to the SOC Team Lead when required Review and assess escalated Tier 2 alerts for urgency and impact Deliver weekly and monthly reporting to clients and stakeholders Communicate security findings and trends directly to clients Support vulnerability management analysis and remediation efforts Lead false-positive reduction and SIEM tuning activities Mentor and support development of Tier 1 and junior analysts Contribute to SOC process improvement and operational efficiency Participate in incident response activities as part of the wider team Lead internal SOC initiatives and projects where required Create and deliver presentations for clients and internal teams What We re Looking For Strong experience within a SOC or cyber security operations environment Proven ability to investigate and analyse complex security incidents Experience with SIEM platforms, threat intelligence, and security tooling Strong stakeholder and client communication skills Ability to mentor and develop junior team members Proactive approach to problem-solving and continuous improvement Good understanding of current cyber threats, tactics and trends Package & Details Location: Isle of Man (relocation package)/Corsham Hours: 37.5 hours per week, plus on-call rota Working pattern: Monday to Friday, 09 00 (early Friday finish at 16:00, workload permitting) Clearance: SC Cleared This is a great opportunity for someone looking to step into a more senior, visible role within a growing SOC, with real influence over both technical delivery and team development.
Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Jun 27, 2026
Contractor
Role: Technical Architect Contract Location: UK-based home working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £(Apply online only)/day Outside IR35 Key Skills Working with ambiguity that comes from an R&D environment, Technical Architecture, Secure Cloud, Kubernetes, Systems Integration, Zero Trust, Defence Digital Transformation, AI-enabled Systems You ve spent years designing complex technical solutions in environments where security, resilience, interoperability, and operational effectiveness genuinely matter. You re the person people rely on when systems need to work properly, scale correctly, integrate cleanly, and remain secure under pressure. You know how to balance technical detail with strategic thinking, and you re comfortable operating in environments where there are a lot of moving parts, stakeholders, and evolving requirements. If that sounds familiar, this role could be a very interesting next step. I m working with a cyber security technology company and I m looking for a Technical Architect to support major MOD capability, transformation, and systems integration programmes across secure and highly regulated R&D environments. This is not a role where you ll just produce diagrams and disappear. You ll be heavily involved in shaping technical direction across complex defence programmes, helping design secure and resilient architectures that support operational capability, future technology adoption, and long-term digital transformation goals. A major focus of the environment is around modern defence technology and AI-enabled systems. You ll be working on programmes exploring technologies such as artificial intelligence, autonomous systems, secure cloud services, edge computing, data fabric, data-centred security, and advanced cyber security platforms. They re looking for someone who understands how to translate these emerging technologies into practical, supportable solutions that can operate effectively within secure defence environments. You ll spend your time designing and assuring technical architectures across infrastructure, applications, integrations, data platforms, and operational systems, ensuring solutions are scalable, interoperable, secure, and aligned with both operational and enterprise requirements. There s also a strong focus around hybrid cloud, private cloud, Kubernetes, secure networking, and modern platform architecture, particularly within environments where legacy and modern technologies need to coexist successfully. You ll be involved throughout the full lifecycle, supporting technical governance, design authorities, architecture reviews, supplier assurance activities, and wider engineering teams delivering operational capability into live environments. Stakeholder engagement is a huge part of the role as well. You ll work closely with Enterprise Architects, Operational Analysts, engineering teams, MOD stakeholders, security authorities, and industry partners, so being able to communicate complex technical concepts clearly is very important here. From a technical perspective, they re looking for experience across areas such as: Technical and infrastructure architecture Secure cloud and hybrid cloud environments Kubernetes and containerisation Systems integration and interoperability Secure network design and Zero Trust principles API and event-driven architecture Cyber security architecture and technical assurance Infrastructure-as-Code and modern DevOps tooling Experience with technologies and tooling such as VMware, Kubernetes, Git, Jira, Confluence, DevOps platforms, Sparx Enterprise Architect, and Infrastructure-as-Code tooling would all be very useful. Experience working in R&D within defence, MOD, NATO, government, or other highly regulated environments is highly desirable, especially where you ve supported secure systems, cloud transformation, operational technology, or complex integration programmes previously. They re looking for someone who enjoys solving complex technical challenges, influencing technical direction, and helping organisations modernise their technology environments without compromising security, resilience, or operational effectiveness. If you enjoy architecture work that has genuine strategic importance, exposure to emerging defence technologies, and the opportunity to shape large-scale secure technical environments, this is a role well worth exploring. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
Jun 27, 2026
Contractor
Role: Operational Analyst Location: Hybrid UK-based working with travel to MOD, defence industry, and secure customer sites as required Duration: Initial 3-month contract with extension options available Clearance: SC clearance required Rate: £500-£750/day Key skills Operational Analysis, Operational Research, Defence Capability Assessment, Modelling & Simulation, Data Analytics, AI-enabled Defence Systems You ve worked in defence, national security, or complex government environments where decisions cannot be based on guesswork. You know how to take large amounts of operational, technical, or programme data and turn it into evidence that actually helps people make better decisions. Whether that s assessing military capability, analysing operational effectiveness, modelling future scenarios, or supporting investment decisions, you understand how valuable good analysis can be in high-stakes environments. You re probably also someone who enjoys solving difficult problems. The kind of person who likes understanding how systems, people, technology, and operational requirements all fit together. If that sounds like you, this role is well worth a look. I m working with a cyber security technology company that is looking for an Operational Analyst to support major capability development, experimentation, and operational research programmes across the MOD R&D landscape. This is the kind of role where your work will directly contribute towards future defence capability, operational advantage, and strategic decision-making. You ll be involved in analysing emerging technologies, assessing military utility, supporting experimentation activities, and helping shape future operating concepts across complex defence programmes. There s also a major focus around modern digital capability and AI-enabled defence systems. You ll be working in an environment exploring technologies such as artificial intelligence, autonomous systems, data fabric, data-centred security, and modern command-and-control platforms. They re looking for someone who understands how analytical methods and operational research can support the adoption of these technologies in real-world defence settings. This role will see you conducting both quantitative and qualitative operational analysis, building analytical models, carrying out scenario assessments, analysing operational risks and dependencies, and developing evidence-based recommendations for senior stakeholders. You ll also support experimentation programmes, capability assessments, and investment decision-making activities, helping ensure that future defence capabilities are backed by robust operational evidence. A big part of the role involves engaging with stakeholders across MOD delivery teams, front-line commands, defence science organisations, industry partners, and senior military personnel, so being able to communicate complex findings clearly is very important here. From a technical perspective, they re looking for someone with experience across areas such as: Operational Analysis and Operational Research Defence capability assessment and capability planning Modelling and simulation Statistical analysis and data analytics Risk and cost-effectiveness analysis Scenario modelling and experimentation Defence capability development and acquisition programmes Experience with tools such as Python, R, MATLAB, Power BI, Tableau, Simul8, AnyLogic, Arena, or similar analytical platforms would be very beneficial. Experience working within MOD, NATO, defence industry, or secure government environments is highly desirable, particularly if you ve supported defence experimentation, capability development, or operational research activities previously. They re looking for someone who can work comfortably in complex R&D environments, engage confidently with senior stakeholders, and bring analytical rigour to programmes where the quality of evidence genuinely matters. If you enjoy operational research, defence analysis, emerging technology, and work that has real strategic importance, this is a genuinely interesting opportunity to get involved in. If it sounds like the kind of challenge you d enjoy, apply now or get in touch to find out more. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.
CBSbutler Holdings Limited trading as CBSbutler
Portsmouth, Hampshire
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.
Jun 27, 2026
Contractor
Senior SOC Analyst +9 months + +DV cleared role - current active DV clearance is essential +Inside IR35 + 575 - 630 a day +Corsham / Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond tooling. Configure, implement and support new security monitoring technologies. Develop detection rules, correlation logic, automation scripts and response playbooks. Manage vulnerability scanning platforms and contribute to wider SOC strategy. Integrate and onboard standard and non-standard log sources into SIEM platforms. Monitor, investigate and respond to security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics and malware analysis. Strong understanding of Windows and Linux environments. Experience writing and tuning detection signatures, correlation rules and monitoring use cases. Knowledge of log collection, aggregation and analysis technologies including ELK Stack, Syslog and Windows Event Forwarding. Experience with scripting and automation using Python, PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles.
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
Jun 27, 2026
Full time
IT Support Engineer - Fareham - Not For Profit Sector - Up to 28,000 - 37 hour week + Benefits, 25 Days Holiday (Rising to 30) + Bank Holidays We are looking for a proactive and detail-oriented IT Support Engineer to join a well-established Not for Profit organisation based in Fareham. You'll be working within a collaborative IT team, maintaining and supporting the businesses IT systems. The organisation employ close to 400 people and are expanding. This is a fantastic opportunity for someone with a passion for IT to take ownership of a varied role, working closely with internal stakeholders and end users to strengthen IT. The environment encourages continuous improvement, knowledge sharing, and the opportunity to influence practices across the organisation. IT Support Engineer Key Skills: Microsoft 365 Solutions Microsoft Entra Intune Exchange Online Teams administration Autopilot Active Directory Users/Computers Management Networking Experience of managing SaaS based systems Used to handling access control requests Microsoft SharePoint Maintain quality and governance in recording data Cyber security awareness You will be an analytical and organised IT Support Engineer with strong problem-solving skills and the ability to communicate effectively with both technical and non-technical stakeholders. A collaborative mindset and willingness to learn are essential. We are not expecting the IT Security Analyst to be an expert in all the technologies above, just a solid foundation and a genuine interest in developing within IT industry. We are actively interviewing, so apply now for immediate consideration for the IT Support Engineer role or contact us for further information.
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
Jun 27, 2026
Contractor
OT Cyber Security Analyst Culham, Oxfordshire (2 days onsite per week) 50/hour Umbrella 36.43/hour PAYE Contract until 18th December 2026 Active SC Clearance Required (or lapsed within last 12 months) A government backed organisation is hiring an OT Cyber Security Analyst with industry experience in Oil & Gas or Chemical. You must a strong background in SIEM & SOC integration coupled with OT security frameworks IEC 62443, NIST CSF, CAF, ISO 27001 to support the protection and continuous improvement of Operational Technology (OT) environments across critical infrastructure and industrial systems. This is an exciting opportunity to join a highly secure and technically advanced environment working on large-scale, mission-critical infrastructure programmes. The Role You will play a key role in implementing, operating, and improving OT cyber security controls across complex ICS and critical infrastructure environments. The role combines hands-on security engineering with governance, policy creation, monitoring, and operational support. Working closely with engineering teams, SOC providers, and managed service partners, you will help ensure OT systems remain secure, compliant, and aligned to industry frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001. Key Responsibilities Implement and maintain OT security controls across industrial environments Support OT network segmentation and secure remote access solutions Integrate OT environments into SIEM/SOC platforms Develop and tune OT threat detection rules Conduct OT security assessments, gap analysis, and remediation planning Support OT incident response and investigation activities Collaborate with engineering and operations teams to implement secure changes Produce governance documentation, standards, and reporting artefacts Track OT security maturity and continuous improvement initiatives Essential Experience Previous experience within OT/ICS or critical infrastructure environments Background within sectors such as oil & gas, rail, utilities, manufacturing, or chemical processing Strong understanding of OT security frameworks including IEC 62443, NIST CSF, CAF, and ISO 27001 Experience implementing OT security strategies, controls, and standards Knowledge of industrial networks, segmentation, and OT protocols Experience working with engineering and operational technology teams Strong documentation and stakeholder communication skills Familiarity with SIEM/SOC integration within OT environments Active SC Clearance (or lapsed within the last 12 months) Maximum 2 week notice period Desirable OT asset discovery and monitoring tool experience Exposure to NIS regulations / UK CAF compliance Experience with ITSM and service delivery processes One stage interview process, via MS Teams.
Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment
Jun 27, 2026
Full time
Position Summary The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes. You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture. Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents. The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment. Role Mission To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination. Objectives & Key Results The key objectives will be to: Maintain SLA compliance for incident detection, investigation, and response across all priority levels Own security incidents through to resolution, ensuring remediation actions are completed Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities Share insights that improve SOC response times, detection accuracy, and coverage Maintain high standards of documentation, communication, and compliance to audit standards Support the security engineering team during major incidents and platform changes Complete a minimum of 40 hours of professional training per year, aligned to client requirements Duties and Responsibilities Essential Roles & Responsibilities Incident Detection, Investigation & Response Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling Receive and act on escalated alerts from the client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations Investigate potential IOCs using multi-source telemetry and threat intelligence Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required Operate within tight SLAs appropriate to a regulated client environment
This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office near Cheltenham, Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.
Jun 27, 2026
Contractor
This role provides interim leadership of network, cyber, and infrastructure services within a public sector organisation. You will manage a team of engineers while ensuring secure, resilient, and high-performing IT operations. Client Details Our client is a well-established organisation within the public sector, delivering critical services across a diverse and dynamic environment. They are seeking an experienced Interim IT Network Manager to provide interim leadership across their network and cyber functions, ensuring the continued stability, security, and performance of their IT services. Description Lead and manage a team of approximately 10 Network and Cyber Analysts and Engineers, providing direction, mentoring, and performance management. Oversee the organisation's network infrastructure, cyber security posture, and core IT services. Ensure high levels of system resilience, availability, and security across all infrastructure. Drive best practice across network operations, cyber governance, and infrastructure management. Collaborate with senior stakeholders to align IT services with organisational priorities. Manage incident response, risk mitigation, and continuous service improvement initiatives. Contribute to IT strategy, roadmap planning, and transformation programmes. This is a fractional role, working 4 days per week, with 50% of that time at the head office near Cheltenham, Gloucestershire. Profile As the successful Interim IT Network Manager you should have strong technical knowledge in: Enterprise networking (LAN/WAN, firewalls, routing & switching). Cyber security principles, standards, and best practice. Broad IT infrastructure (servers, cloud platforms, end-user environments). In addition, you will have Proven experience managing technical IT teams, particularly within networking or infrastructure environments. Ability to lead in a people-focused, hands-off but technically credible role. Experience within public sector or regulated environments is desirable. Strong stakeholder management and communication skills. Delivery-focused and pragmatic with strong problem-solving ability. Job Offer Day rate: 500 - 600 (Inside IR35) Contract: 4 days per week (fractional role) Duration: 12 Months Location: 50% onsite in Gloucestershire, remainder remote Opportunity to lead an established, high-performing team Blend of strategic leadership and technical oversight Immediate impact in a service-driven organisation This is a fantastic opportunity for an experienced Interim IT Network Manager to make a meaningful impact within the public sector. If you're ready to take the next step in your career, we encourage you to apply today.
Salary: £43,090 - £46,500 Contract Type: Permanent Working Pattern: This post is available on a full-time, part-time or job-share basis, and flexible working hours can be accommodated. Location: Darlington The Resilience & Resolution team is hiring a policy adviser to support the team's work in identifying and managing emerging risks to the financial stability of the UK, and preparing and responding where risks crystalise. About the Team The Resilience & Resolution (R&R) team works at the heart of government, partnering with the Bank of England, financial regulators and departments across Whitehall to spot risks to the financial sector and lead the Treasury's response when issues arise. It's a fast-paced, high-profile team with regular exposure to senior officials and ministers. We're a friendly and inclusive team that genuinely prioritises wellbeing, supporting you to deliver while maintaining a healthy work/life balance. About the Job This is a varied and stretching role, offering the chance to work across a broad range of high-profile policy issues and build strong stakeholder relationships. Your work will directly support UK national security, reflecting HMT's role as Lead Government Department for the finance sector. In this role, you will: Provide expert advice on cyber security issues in the financial sector, shaping policy across HMT and wider government. You'll develop and own policy in areas such as cyber legislation, ransomware and artificial intelligence. Build and maintain strong relationships with key stakeholders across the Bank of England, regulators, national security partners and government departments to help deliver HMT's objectives. Represent HMT internationally, including at G7 Cyber Experts' Group workstreams, and lead engagement with key partners such as the Five Eyes to influence the global resilience agenda. Play an active role in responding to operational incidents, including cyber attacks, to help minimise impacts on the financial sector and consumers. The team's work is fast-moving and diverse - from designing policy, to running war-game exercises, to working with international partners. You'll also have regular opportunities to contribute to advice for senior officials and ministers, making this a great role for someone curious, proactive and keen to make an impact. About You We're looking for someone who can build strong relationships across teams and use those connections to move work forward. You'll be confident working with complex information, able to weigh up different options and clearly explain your recommendations. You'll also be comfortable delivering at pace, managing competing priorities and staying focused when demands shift. Some of the Benefits our people love! 25 days annual leave (rising to 30 after 5 years), plus 8 public holidays and the King's birthday (unless you have a legacy arrangement as an existing Civil Servant). Additionally, we operate flexitime systems, allowing employees to take up to an additional 2 days off each month Flexible working patterns (part-time, job-share, condensed hours) Generous parental and adoption leave packages Access to a generous Defined Benefit pension scheme with employer contributions of 28.97% Access to a cycle-to-work salary sacrifice scheme and season ticket advances A range of active staff networks, based around interests (e.g. analysts, music society, sports and social club) and diversity For more information about the role and how to apply, please follow the apply link. If you need any reasonable adjustments to take part in the selection process, please tell us about this in your online application form, or speak to the recruitment team at .
Jun 26, 2026
Full time
Salary: £43,090 - £46,500 Contract Type: Permanent Working Pattern: This post is available on a full-time, part-time or job-share basis, and flexible working hours can be accommodated. Location: Darlington The Resilience & Resolution team is hiring a policy adviser to support the team's work in identifying and managing emerging risks to the financial stability of the UK, and preparing and responding where risks crystalise. About the Team The Resilience & Resolution (R&R) team works at the heart of government, partnering with the Bank of England, financial regulators and departments across Whitehall to spot risks to the financial sector and lead the Treasury's response when issues arise. It's a fast-paced, high-profile team with regular exposure to senior officials and ministers. We're a friendly and inclusive team that genuinely prioritises wellbeing, supporting you to deliver while maintaining a healthy work/life balance. About the Job This is a varied and stretching role, offering the chance to work across a broad range of high-profile policy issues and build strong stakeholder relationships. Your work will directly support UK national security, reflecting HMT's role as Lead Government Department for the finance sector. In this role, you will: Provide expert advice on cyber security issues in the financial sector, shaping policy across HMT and wider government. You'll develop and own policy in areas such as cyber legislation, ransomware and artificial intelligence. Build and maintain strong relationships with key stakeholders across the Bank of England, regulators, national security partners and government departments to help deliver HMT's objectives. Represent HMT internationally, including at G7 Cyber Experts' Group workstreams, and lead engagement with key partners such as the Five Eyes to influence the global resilience agenda. Play an active role in responding to operational incidents, including cyber attacks, to help minimise impacts on the financial sector and consumers. The team's work is fast-moving and diverse - from designing policy, to running war-game exercises, to working with international partners. You'll also have regular opportunities to contribute to advice for senior officials and ministers, making this a great role for someone curious, proactive and keen to make an impact. About You We're looking for someone who can build strong relationships across teams and use those connections to move work forward. You'll be confident working with complex information, able to weigh up different options and clearly explain your recommendations. You'll also be comfortable delivering at pace, managing competing priorities and staying focused when demands shift. Some of the Benefits our people love! 25 days annual leave (rising to 30 after 5 years), plus 8 public holidays and the King's birthday (unless you have a legacy arrangement as an existing Civil Servant). Additionally, we operate flexitime systems, allowing employees to take up to an additional 2 days off each month Flexible working patterns (part-time, job-share, condensed hours) Generous parental and adoption leave packages Access to a generous Defined Benefit pension scheme with employer contributions of 28.97% Access to a cycle-to-work salary sacrifice scheme and season ticket advances A range of active staff networks, based around interests (e.g. analysts, music society, sports and social club) and diversity For more information about the role and how to apply, please follow the apply link. If you need any reasonable adjustments to take part in the selection process, please tell us about this in your online application form, or speak to the recruitment team at .
