SOC Engineer Milton Keynes - Hybrid working SC Clearance Sponsorship Available £55,000 + Bonus We're seeking a hands-on SOC Engineer to join a growing Cyber Security Operations Centre supporting a diverse portfolio of customers across multiple sectors This is a specialist SOC Engineering position focused on building, maintaining, and optimising the tools, telemetry, detections, and automation that enable SOC Analysts to identify and respond to threats effectively. This is not a generalist cyber security role. Key Responsibilities Administer and optimise Microsoft Sentinel (or equivalent SIEM), including log ingestion, parsing, normalisation, and retention. Develop and maintain SOAR workflows and automation using Azure Logic Apps, Python, PowerShell, Bash, and KQL. Onboard and manage security telemetry from a range of data sources. Design, implement, and tune detection rules to improve alert quality and reduce false positives. Conduct proactive threat hunting using SIEM, EDR, and threat intelligence sources. Support incident investigations, containment, and response activities. Monitor and maintain the health of SOC tooling, sensors, agents, and log pipelines. Produce documentation, runbooks, and operational procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong Scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge including TCP/IP, DNS, Firewalls, and proxies. Experience within a SOC, NOC, or 24/7 operational environment. Familiarity with MITRE ATT&CK, CVEs, and vulnerability management. Exposure to cloud security monitoring across Azure, AWS, or Microsoft 365. Desirable Certifications Microsoft SC-200 CompTIA Security+/CySA+ ISC2 CC or CISSP GIAC GCIA CEH Cisco CyberOps or Fortinet certifications What's on Offer? Opportunity to work within a mature and growing SOC environment. Exposure to a wide range of customer environments and technologies. Security Clearance sponsorship available for eligible candidates. Clear opportunities to contribute to automation, detection engineering, and SOC improvement initiatives. Location: Milton Keynes (full-time onsite) Working Pattern: Shift rota including evenings, weekends, bank holidays on-call support. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Jul 08, 2026
Full time
SOC Engineer Milton Keynes - Hybrid working SC Clearance Sponsorship Available £55,000 + Bonus We're seeking a hands-on SOC Engineer to join a growing Cyber Security Operations Centre supporting a diverse portfolio of customers across multiple sectors This is a specialist SOC Engineering position focused on building, maintaining, and optimising the tools, telemetry, detections, and automation that enable SOC Analysts to identify and respond to threats effectively. This is not a generalist cyber security role. Key Responsibilities Administer and optimise Microsoft Sentinel (or equivalent SIEM), including log ingestion, parsing, normalisation, and retention. Develop and maintain SOAR workflows and automation using Azure Logic Apps, Python, PowerShell, Bash, and KQL. Onboard and manage security telemetry from a range of data sources. Design, implement, and tune detection rules to improve alert quality and reduce false positives. Conduct proactive threat hunting using SIEM, EDR, and threat intelligence sources. Support incident investigations, containment, and response activities. Monitor and maintain the health of SOC tooling, sensors, agents, and log pipelines. Produce documentation, runbooks, and operational procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong Scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge including TCP/IP, DNS, Firewalls, and proxies. Experience within a SOC, NOC, or 24/7 operational environment. Familiarity with MITRE ATT&CK, CVEs, and vulnerability management. Exposure to cloud security monitoring across Azure, AWS, or Microsoft 365. Desirable Certifications Microsoft SC-200 CompTIA Security+/CySA+ ISC2 CC or CISSP GIAC GCIA CEH Cisco CyberOps or Fortinet certifications What's on Offer? Opportunity to work within a mature and growing SOC environment. Exposure to a wide range of customer environments and technologies. Security Clearance sponsorship available for eligible candidates. Clear opportunities to contribute to automation, detection engineering, and SOC improvement initiatives. Location: Milton Keynes (full-time onsite) Working Pattern: Shift rota including evenings, weekends, bank holidays on-call support. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Our client is a Global FinTech with offices around the world inc Bristol and London in the UK . This AI Deployment Engineer role can be based out of Bristol or London offices. Ideally 3 days per week in the office but could be a little bit more flexible for the ideal candidate. AI Deployment Engineer Location: Bristol or London - Hybrid, 3 days in the office Salary: £80,000 - £130,000 p/a dependent on experience + excellent benefits You will be the deep technical engine behind their internal AI deployment team. Where the AI Deployment Strategist scopes and builds agents, you own the infrastructure underneath data pipelines, system integrations, and everything that ensures deployed AI solutions work reliably at scale. You will take prototypes to production, ensure all business systems communicate correctly, and build the technical backbone that our AI tooling depends on. Job Responsibilities • Own the data infrastructure underpinning AI deployments pipelines, storage, and data serving • Integrate AI solutions into the existing business ecosystem: CRMs, ERPs, SaaS tools, and internal systems • Build and maintain APIs, webhooks, and middleware that allow AI agents to interact with business systems • Take Strategist-built prototypes to production-grade hardening, scaling, and ensuring reliability • Set up monitoring, logging, and alerting across deployed pipelines and agent infrastructure • Manage data models, schemas, and storage supporting current and future AI deployments • Troubleshoot integration failures, data inconsistencies, and production issues Key Skills • Python & SQL (production-grade pipeline development) • REST APIs, webhooks, OAuth, event-driven architecture • Orchestration tools: Airflow, Prefect, or Dagster • Cloud platforms: AWS, GCP, or Azure • Docker & Kubernetes Microsoft 365 & Microsoft Copilot Desirable Skills • Vector databases and embedding pipelines • Real-time streaming (Kafka, Flink) • RPA tooling (UiPath, Power Automate) dbt for data transformation • Claude Code, Claude Cowork, or Claude Skills • Experience with vector databases, real-time streaming (Kafka, Flink), or RPA tooling (UiPath, Power Automate). Experience • 3 5 years in software or data engineering with strong exposure to system integrations, data pipelines, and production infrastructure. • Strong Python and SQL skills; experienced building robust, production-grade data pipelines from scratch. • Deep familiarity with integration patterns: REST APIs, webhooks, OAuth, and event-driven architectures. • Experience with orchestration tools (Airflow, Prefect, or Dagster) and transformation frameworks (dbt or similar). • Comfortable across cloud platforms (AWS, GCP, or Azure) and with containerisation (Docker, Kubernetes). • Experience connecting disparate business systems SaaS platforms, internal databases, and third-party APIs and making them work reliably. • Strong debugging instincts and a high bar for reliability and data integrity. • Comfortable with Microsoft 365 and Microsoft Copilot. Familiarity with AI productivity tools including Claude Code, Claude Cowork, and Claude Skills is a plus. Qualifications • Bachelor's degree in Computer Science, Engineering, or equivalent practical experience Python & SQL (production-grade pipeline development) • REST APIs, webhooks, OAuth, event-driven architecture • Orchestration tools: Airflow, Prefect, or Dagster • Cloud platforms: AWS, GCP, or Azure • Docker & Kubernetes Microsoft 365 & Microsoft Copilot • Vector databases and embedding pipelines • Real-time streaming (Kafka, Flink) • RPA tooling (UiPath, Power Automate) dbt for data transformation • Claude Code, Claude Cowork, or Claude Skills • Experience with vector databases, real-time streaming (Kafka, Flink), or RPA tooling (UiPath, Power Automate). Python & SQL (production-grade pipeline development) • REST APIs, webhooks, OAuth, event-driven architecture • Orchestration tools: Airflow, Prefect, or Dagster • Cloud platforms: AWS, GCP, or Azure • Docker & Kubernetes Microsoft 365 & Microsoft Copilot • Vector databases and embedding pipelines • Real-time streaming (Kafka, Flink) • RPA tooling (UiPath, Power Automate) dbt for data transformation • Claude Code, Claude Cowork, or Claude Skills • Experience with vector databases, real-time streaming (Kafka, Flink), or RPA tooling (UiPath, Power Automate). London bristol bristol london fintech finance bank artificial intelligence artificial intelligence
Jul 08, 2026
Full time
Our client is a Global FinTech with offices around the world inc Bristol and London in the UK . This AI Deployment Engineer role can be based out of Bristol or London offices. Ideally 3 days per week in the office but could be a little bit more flexible for the ideal candidate. AI Deployment Engineer Location: Bristol or London - Hybrid, 3 days in the office Salary: £80,000 - £130,000 p/a dependent on experience + excellent benefits You will be the deep technical engine behind their internal AI deployment team. Where the AI Deployment Strategist scopes and builds agents, you own the infrastructure underneath data pipelines, system integrations, and everything that ensures deployed AI solutions work reliably at scale. You will take prototypes to production, ensure all business systems communicate correctly, and build the technical backbone that our AI tooling depends on. Job Responsibilities • Own the data infrastructure underpinning AI deployments pipelines, storage, and data serving • Integrate AI solutions into the existing business ecosystem: CRMs, ERPs, SaaS tools, and internal systems • Build and maintain APIs, webhooks, and middleware that allow AI agents to interact with business systems • Take Strategist-built prototypes to production-grade hardening, scaling, and ensuring reliability • Set up monitoring, logging, and alerting across deployed pipelines and agent infrastructure • Manage data models, schemas, and storage supporting current and future AI deployments • Troubleshoot integration failures, data inconsistencies, and production issues Key Skills • Python & SQL (production-grade pipeline development) • REST APIs, webhooks, OAuth, event-driven architecture • Orchestration tools: Airflow, Prefect, or Dagster • Cloud platforms: AWS, GCP, or Azure • Docker & Kubernetes Microsoft 365 & Microsoft Copilot Desirable Skills • Vector databases and embedding pipelines • Real-time streaming (Kafka, Flink) • RPA tooling (UiPath, Power Automate) dbt for data transformation • Claude Code, Claude Cowork, or Claude Skills • Experience with vector databases, real-time streaming (Kafka, Flink), or RPA tooling (UiPath, Power Automate). Experience • 3 5 years in software or data engineering with strong exposure to system integrations, data pipelines, and production infrastructure. • Strong Python and SQL skills; experienced building robust, production-grade data pipelines from scratch. • Deep familiarity with integration patterns: REST APIs, webhooks, OAuth, and event-driven architectures. • Experience with orchestration tools (Airflow, Prefect, or Dagster) and transformation frameworks (dbt or similar). • Comfortable across cloud platforms (AWS, GCP, or Azure) and with containerisation (Docker, Kubernetes). • Experience connecting disparate business systems SaaS platforms, internal databases, and third-party APIs and making them work reliably. • Strong debugging instincts and a high bar for reliability and data integrity. • Comfortable with Microsoft 365 and Microsoft Copilot. Familiarity with AI productivity tools including Claude Code, Claude Cowork, and Claude Skills is a plus. Qualifications • Bachelor's degree in Computer Science, Engineering, or equivalent practical experience Python & SQL (production-grade pipeline development) • REST APIs, webhooks, OAuth, event-driven architecture • Orchestration tools: Airflow, Prefect, or Dagster • Cloud platforms: AWS, GCP, or Azure • Docker & Kubernetes Microsoft 365 & Microsoft Copilot • Vector databases and embedding pipelines • Real-time streaming (Kafka, Flink) • RPA tooling (UiPath, Power Automate) dbt for data transformation • Claude Code, Claude Cowork, or Claude Skills • Experience with vector databases, real-time streaming (Kafka, Flink), or RPA tooling (UiPath, Power Automate). Python & SQL (production-grade pipeline development) • REST APIs, webhooks, OAuth, event-driven architecture • Orchestration tools: Airflow, Prefect, or Dagster • Cloud platforms: AWS, GCP, or Azure • Docker & Kubernetes Microsoft 365 & Microsoft Copilot • Vector databases and embedding pipelines • Real-time streaming (Kafka, Flink) • RPA tooling (UiPath, Power Automate) dbt for data transformation • Claude Code, Claude Cowork, or Claude Skills • Experience with vector databases, real-time streaming (Kafka, Flink), or RPA tooling (UiPath, Power Automate). London bristol bristol london fintech finance bank artificial intelligence artificial intelligence
Senior Solutions Architect (Cyber Security) Salary: £110,000 - £130,000 basic (OTE £147,000 - £173,000) + attractive benefits Location: UK (Remote / Hybrid London) Employment : Full Time, Permanent This is an opportunity to join a high-growth, PE-backed cybersecurity vendor trusted by Government, Defence and enterprise organisations worldwide. Following significant investment and continued international expansion, the business is scaling its commercial and technical teams across the UK and EMEA. This newly created position will play a pivotal role in helping customers solve complex cybersecurity challenges, acting as the technical bridge between Sales, Product and Engineering. You'll work with customers across Government, Defence, Intelligence, Financial Services and Enterprise, leading technical discovery, demonstrations, Proof of Concepts (POCs) and solution design whilst influencing the company's go-to-market strategy. The Role As a Senior Solutions Architect, you'll become the trusted technical advisor throughout the sales cycle. This is a customer-facing technical pre-sales position where you'll partner with Enterprise Sales to understand customer requirements, design tailored security solutions and independently deliver successful Proof of Concepts. The ideal person enjoys solving customer problems, troubleshooting technical challenges and communicating complex concepts to both technical and non-technical stakeholders. Solutions Architect Responsibilities Partner with Enterprise Sales throughout the sales cycle. Lead technical discovery workshops and customer consultations. Design and present tailored cybersecurity solutions. Deliver demonstrations, workshops and Proof of Concepts (POCs). Troubleshoot technical issues and integrations with minimal reliance on Engineering. Support RFPs, RFIs and technical evaluations. Advise customers across cloud, hybrid and on-premise environments. Collaborate with Product and Engineering to influence product direction. Build trusted relationships with Government, Defence and Enterprise customers. Represent company across UK & EMEA customer engagements. Solutions Architect Benefits £110,000 - £130,000 basic salary with uncapped commission (75/25 split). Join a PE-backed cybersecurity vendor investing heavily across UK & EMEA. Newly created role with genuine influence on technical strategy. Work with enterprise, Government and Defence customers on mission-critical projects. Remote-first culture with occasional London/customer travel. Private medical, life assurance, critical illness and income protection. Clear progression as the business continues to scale internationally. Solutions Architect Requirements: Experience as a Solutions Architect, Pre-Sales Engineer, Sales Engineer, Solutions Consultant or Technical Consultant. Background within cybersecurity, networking or enterprise software. Strong customer-facing communication and stakeholder management. Experience delivering technical workshops, demonstrations and POCs. Ability to troubleshoot customer environments and solve technical problems independently. Knowledge of cloud platforms (AWS, Azure or GCP), networking and APIs. Able to communicate complex technical concepts to technical and commercial audiences. Comfortable working across Sales, Product and Engineering. Desirable: Government, Defence or Intelligence sector experience. Knowledge of Cross Domain Solutions, Zero Trust, ICAP, CASB or modern cybersecurity architectures. Python or scripting experience. Exposure to Kubernetes, Docker, virtualisation or containerised environments. To Be Considered: Please either apply by clicking online or emailing
Jul 07, 2026
Full time
Senior Solutions Architect (Cyber Security) Salary: £110,000 - £130,000 basic (OTE £147,000 - £173,000) + attractive benefits Location: UK (Remote / Hybrid London) Employment : Full Time, Permanent This is an opportunity to join a high-growth, PE-backed cybersecurity vendor trusted by Government, Defence and enterprise organisations worldwide. Following significant investment and continued international expansion, the business is scaling its commercial and technical teams across the UK and EMEA. This newly created position will play a pivotal role in helping customers solve complex cybersecurity challenges, acting as the technical bridge between Sales, Product and Engineering. You'll work with customers across Government, Defence, Intelligence, Financial Services and Enterprise, leading technical discovery, demonstrations, Proof of Concepts (POCs) and solution design whilst influencing the company's go-to-market strategy. The Role As a Senior Solutions Architect, you'll become the trusted technical advisor throughout the sales cycle. This is a customer-facing technical pre-sales position where you'll partner with Enterprise Sales to understand customer requirements, design tailored security solutions and independently deliver successful Proof of Concepts. The ideal person enjoys solving customer problems, troubleshooting technical challenges and communicating complex concepts to both technical and non-technical stakeholders. Solutions Architect Responsibilities Partner with Enterprise Sales throughout the sales cycle. Lead technical discovery workshops and customer consultations. Design and present tailored cybersecurity solutions. Deliver demonstrations, workshops and Proof of Concepts (POCs). Troubleshoot technical issues and integrations with minimal reliance on Engineering. Support RFPs, RFIs and technical evaluations. Advise customers across cloud, hybrid and on-premise environments. Collaborate with Product and Engineering to influence product direction. Build trusted relationships with Government, Defence and Enterprise customers. Represent company across UK & EMEA customer engagements. Solutions Architect Benefits £110,000 - £130,000 basic salary with uncapped commission (75/25 split). Join a PE-backed cybersecurity vendor investing heavily across UK & EMEA. Newly created role with genuine influence on technical strategy. Work with enterprise, Government and Defence customers on mission-critical projects. Remote-first culture with occasional London/customer travel. Private medical, life assurance, critical illness and income protection. Clear progression as the business continues to scale internationally. Solutions Architect Requirements: Experience as a Solutions Architect, Pre-Sales Engineer, Sales Engineer, Solutions Consultant or Technical Consultant. Background within cybersecurity, networking or enterprise software. Strong customer-facing communication and stakeholder management. Experience delivering technical workshops, demonstrations and POCs. Ability to troubleshoot customer environments and solve technical problems independently. Knowledge of cloud platforms (AWS, Azure or GCP), networking and APIs. Able to communicate complex technical concepts to technical and commercial audiences. Comfortable working across Sales, Product and Engineering. Desirable: Government, Defence or Intelligence sector experience. Knowledge of Cross Domain Solutions, Zero Trust, ICAP, CASB or modern cybersecurity architectures. Python or scripting experience. Exposure to Kubernetes, Docker, virtualisation or containerised environments. To Be Considered: Please either apply by clicking online or emailing
Security Solutions Architect London Hybrid A leading global financial services organisation is seeking an experienced Security Solutions Architect to join its Architecture function, shaping and delivering secure, resilient technology solutions across a complex enterprise environment. The Role You will be responsible for designing and governing security architecture across a range of strategic technology initiatives, ensuring solutions are secure by design, scalable, and aligned to business and regulatory requirements. Working closely with architecture, engineering, and delivery teams, you will produce high-level designs, conduct threat modelling and risk assessments, and provide architectural leadership throughout project lifecycles. Key Responsibilities Develop high-level security architecture and solution designs for enterprise technology initiatives. Evaluate emerging technologies and security tooling, providing recommendations and business justification. Conduct threat modelling, security risk assessments, and secure-by-design reviews. Define security controls, network architectures, and data flow models for internal and external integrations. Provide technical guidance to engineering, testing, and delivery teams during implementation. Contribute to security roadmaps, standards, policies, and architectural best practices. Engage with senior stakeholders across technology and business functions. About You Proven experience as a Security Architect, Solutions Architect, or Security Design Lead within a complex enterprise environment. Strong background across multiple security domains, including Identity & Access Management, SIEM, Cyber Threat Intelligence, Data Security, Application Security, Network Security, and Privileged Access Management. Experience designing security solutions across cloud, infrastructure, networking, automation, containerisation, and end-user technology environments. Strong understanding of networking technologies including firewalls, VPNs, IDS/IPS, secure remote access, and data transfer solutions. Demonstrated experience producing architecture documentation and presenting solutions to governance and design authorities. Excellent stakeholder management, communication, and influencing skills. Desirable Qualifications CISSP or equivalent security architecture certification. Cloud security certifications (AWS, Azure, or similar). Microsoft Cybersecurity Architect, AWS Security Specialty, or related credentials. What's on Offer Opportunity to influence security strategy within a highly regulated, mission-critical environment. Exposure to complex global technology programmes. Collaborative and innovative culture with strong investment in technology and security. Apply Now to avoid disappointment! To find out more about Huxley, please visit (url removed) Huxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Jul 07, 2026
Full time
Security Solutions Architect London Hybrid A leading global financial services organisation is seeking an experienced Security Solutions Architect to join its Architecture function, shaping and delivering secure, resilient technology solutions across a complex enterprise environment. The Role You will be responsible for designing and governing security architecture across a range of strategic technology initiatives, ensuring solutions are secure by design, scalable, and aligned to business and regulatory requirements. Working closely with architecture, engineering, and delivery teams, you will produce high-level designs, conduct threat modelling and risk assessments, and provide architectural leadership throughout project lifecycles. Key Responsibilities Develop high-level security architecture and solution designs for enterprise technology initiatives. Evaluate emerging technologies and security tooling, providing recommendations and business justification. Conduct threat modelling, security risk assessments, and secure-by-design reviews. Define security controls, network architectures, and data flow models for internal and external integrations. Provide technical guidance to engineering, testing, and delivery teams during implementation. Contribute to security roadmaps, standards, policies, and architectural best practices. Engage with senior stakeholders across technology and business functions. About You Proven experience as a Security Architect, Solutions Architect, or Security Design Lead within a complex enterprise environment. Strong background across multiple security domains, including Identity & Access Management, SIEM, Cyber Threat Intelligence, Data Security, Application Security, Network Security, and Privileged Access Management. Experience designing security solutions across cloud, infrastructure, networking, automation, containerisation, and end-user technology environments. Strong understanding of networking technologies including firewalls, VPNs, IDS/IPS, secure remote access, and data transfer solutions. Demonstrated experience producing architecture documentation and presenting solutions to governance and design authorities. Excellent stakeholder management, communication, and influencing skills. Desirable Qualifications CISSP or equivalent security architecture certification. Cloud security certifications (AWS, Azure, or similar). Microsoft Cybersecurity Architect, AWS Security Specialty, or related credentials. What's on Offer Opportunity to influence security strategy within a highly regulated, mission-critical environment. Exposure to complex global technology programmes. Collaborative and innovative culture with strong investment in technology and security. Apply Now to avoid disappointment! To find out more about Huxley, please visit (url removed) Huxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Senior Data Engineer / Architect (Legal Tech) Location: London / Remote Position Type: Full-time, Permanent About Our Client Our client is a globally operational professional services organisation dedicated to delivering top-tier strategic, advisory, and technological solutions to a prestigious international clientele. As they continue to modernise their global data infrastructure, they are seeking a visionary and execution-focused Senior Data Engineer / Architect with a specialised background in the legal sector to drive their enterprise data strategy. Position Overview In this pivotal role, you will bridge the gap between enterprise data architecture and legal tech execution. You will be responsible for designing, building, and optimising a scalable global data estate that integrates critical legal practice management systems with cutting-edge analytics platforms. The ideal candidate possesses deep expertise in Aderant (expert-level understanding of its underlying data structures and schemas) and a proven track record of architecting modern, cloud-native data solutions using Microsoft Fabric . Key Responsibilities Enterprise Data Architecture: Architect, build, and maintain the global data infrastructure, transitioning legacy data warehouses into a modern, unified data lakehouse environment using MS Fabric . Legal Tech Integration: Serve as the subject matter expert for Aderant data structures. Design and implement robust ETL/ELT pipelines to extract, transform, and load data from Aderant Expert/Sierra and other legal tech systems (e.g., iManage, Intapp) into the central data ecosystem. Data Modelling & Governance: Design high-performance relational and dimensional data models tailored for legal metrics (e.g., lockup, realisation rates, WIP, billable hours, and utilisation). Ensure strict data governance, security, and compliance across global jurisdictions. Analytics Enabler: Partner with Business Intelligence (BI) teams to deliver clean, curated, and near-real-time data products, enabling advanced reporting and AI-driven insights via Power BI. Stakeholder Collaboration: Act as a technical liaison between global legal operations, finance teams, and IT leadership to translate complex business requirements into scalable technical solutions. Required Experience & Qualifications Industry Experience: Minimum of 5+ years of data engineering or architecture experience specifically within the legal sector (top-tier law firms or legal professional services firms). Aderant Expertise: Deep, hands-on experience navigating and querying the Aderant database schema . You must thoroughly understand how legal financial data, timekeeping, and billing workflows map to the back-end tables. Microsoft Fabric Mastery: Proven experience working within the MS Fabric ecosystem (OneLake, Data Factory, Synapse Data Engineering/Data Science, and Real-Time Analytics). Core Data Stack: High proficiency in advanced SQL , Python/PySpark, and data lakehouse architectures (Delta Lake). Cloud Infrastructure: Strong understanding of Microsoft Azure data services (Azure Data Factory, Azure Synapse, Azure SQL, Key Vault) as they relate to Fabric integrations. Legal Data Domain Knowledge: Strong familiarity with legal operations terminology and financial metrics (KPIs for partners, practice groups, and matter management). Preferred Qualifications Certifications such as Microsoft Certified: Azure Data Engineer Associate or Fabric Analytics Engineer Associate . Experience migrating on-premise Aderant environments to cloud-based setups (Aderant Expert Sierra). Familiarity with international data privacy laws (GDPR, UK DPA 2018) within a legal framework. What We Offer Exposure to cutting-edge AI and data analytics tools within the Microsoft ecosystem. Highly competitive compensation package, flexible working arrangements (Hybrid/Remote), and clear paths for executive-level career progression.
Jul 05, 2026
Full time
Senior Data Engineer / Architect (Legal Tech) Location: London / Remote Position Type: Full-time, Permanent About Our Client Our client is a globally operational professional services organisation dedicated to delivering top-tier strategic, advisory, and technological solutions to a prestigious international clientele. As they continue to modernise their global data infrastructure, they are seeking a visionary and execution-focused Senior Data Engineer / Architect with a specialised background in the legal sector to drive their enterprise data strategy. Position Overview In this pivotal role, you will bridge the gap between enterprise data architecture and legal tech execution. You will be responsible for designing, building, and optimising a scalable global data estate that integrates critical legal practice management systems with cutting-edge analytics platforms. The ideal candidate possesses deep expertise in Aderant (expert-level understanding of its underlying data structures and schemas) and a proven track record of architecting modern, cloud-native data solutions using Microsoft Fabric . Key Responsibilities Enterprise Data Architecture: Architect, build, and maintain the global data infrastructure, transitioning legacy data warehouses into a modern, unified data lakehouse environment using MS Fabric . Legal Tech Integration: Serve as the subject matter expert for Aderant data structures. Design and implement robust ETL/ELT pipelines to extract, transform, and load data from Aderant Expert/Sierra and other legal tech systems (e.g., iManage, Intapp) into the central data ecosystem. Data Modelling & Governance: Design high-performance relational and dimensional data models tailored for legal metrics (e.g., lockup, realisation rates, WIP, billable hours, and utilisation). Ensure strict data governance, security, and compliance across global jurisdictions. Analytics Enabler: Partner with Business Intelligence (BI) teams to deliver clean, curated, and near-real-time data products, enabling advanced reporting and AI-driven insights via Power BI. Stakeholder Collaboration: Act as a technical liaison between global legal operations, finance teams, and IT leadership to translate complex business requirements into scalable technical solutions. Required Experience & Qualifications Industry Experience: Minimum of 5+ years of data engineering or architecture experience specifically within the legal sector (top-tier law firms or legal professional services firms). Aderant Expertise: Deep, hands-on experience navigating and querying the Aderant database schema . You must thoroughly understand how legal financial data, timekeeping, and billing workflows map to the back-end tables. Microsoft Fabric Mastery: Proven experience working within the MS Fabric ecosystem (OneLake, Data Factory, Synapse Data Engineering/Data Science, and Real-Time Analytics). Core Data Stack: High proficiency in advanced SQL , Python/PySpark, and data lakehouse architectures (Delta Lake). Cloud Infrastructure: Strong understanding of Microsoft Azure data services (Azure Data Factory, Azure Synapse, Azure SQL, Key Vault) as they relate to Fabric integrations. Legal Data Domain Knowledge: Strong familiarity with legal operations terminology and financial metrics (KPIs for partners, practice groups, and matter management). Preferred Qualifications Certifications such as Microsoft Certified: Azure Data Engineer Associate or Fabric Analytics Engineer Associate . Experience migrating on-premise Aderant environments to cloud-based setups (Aderant Expert Sierra). Familiarity with international data privacy laws (GDPR, UK DPA 2018) within a legal framework. What We Offer Exposure to cutting-edge AI and data analytics tools within the Microsoft ecosystem. Highly competitive compensation package, flexible working arrangements (Hybrid/Remote), and clear paths for executive-level career progression.
Cybersecurity Engineer Permanent £70-80k Location: Surrey (Hybrid 3 days on site) We are recruiting an experienced Cybersecurity Engineer to join a global organisation committed to strengthening and evolving its cybersecurity capabilities. This role will focus on identifying, assessing and mitigating cyber threats across enterprise systems while helping to shape and improve the organisation s overall security posture. Key Responsibilities Cybersecurity Operations & Threat Management Conduct ongoing threat assessments across operational systems and infrastructure Identify vulnerabilities, threat vectors and areas of security risk Design and implement security mitigations and remediation strategies Monitor emerging cyber threats and recommend appropriate defensive measures Support automated threat monitoring, incident detection and response capabilities Develop and maintain cybersecurity playbooks and incident response procedures Coordinate with third-party security providers during security incidents and testing activities Security Governance & Risk Management Support cybersecurity risk management and compliance initiatives Contribute to security architecture reviews and secure system design discussions Assess third-party and supply chain cybersecurity risks Support vulnerability management, penetration testing and security review activities Develop and report on security metrics and KPIs to demonstrate programme effectiveness Stay informed of relevant legal, regulatory and industry cybersecurity requirements Security Improvement & Collaboration Contribute to security awareness training and internal security initiatives Support red team/blue team exercises and resilience testing Assist with business continuity and disaster recovery planning from a cybersecurity perspective Work collaboratively with infrastructure, architecture and operational teams to strengthen security practices Communicate complex security concepts effectively to both technical and non-technical stakeholders Required Experience Minimum 5 years experience in cybersecurity or information security roles Strong understanding of network protocols, operating systems and enterprise security technologies Experience implementing and managing SIEM and SOAR platforms Knowledge of cybersecurity frameworks such as NIST, ISO27001, CIS benchmarks and Cyber Essentials Experience with threat intelligence frameworks such as MITRE ATT&CK and Cyber Kill Chain Familiarity with Data Loss Prevention technologies and Microsoft 365 security tooling Exposure to DevSecOps practices and cloud security principles Strong troubleshooting, analytical and problem-solving skills Ability to manage multiple priorities within a collaborative environment Technical Environment Experience with some or all of the following technologies would be highly beneficial: Qualys, Microsoft Defender, Splunk, SolarWinds, Kubernetes, PowerShell, Python, Azure, AWS, Windows Server, Linux, New Relic, HashiCorp, Zerto and Jira. Experience with AI-driven threat detection and response platforms would also be advantageous. Qualifications CISSP certification preferred Equivalent certifications such as CISM, CEH or GIAC also considered Relevant cybersecurity or information security qualifications beneficial What s on Offer Competitive salary and benefits package Hybrid working model based in Surrey Opportunity to work within a global enterprise environment Exposure to modern cybersecurity technologies and initiatives Collaborative and supportive working culture Ongoing professional development and certification opportunities If you are passionate about cybersecurity, threat management and strengthening enterprise security capabilities, we would love to hear from you.
Jul 05, 2026
Full time
Cybersecurity Engineer Permanent £70-80k Location: Surrey (Hybrid 3 days on site) We are recruiting an experienced Cybersecurity Engineer to join a global organisation committed to strengthening and evolving its cybersecurity capabilities. This role will focus on identifying, assessing and mitigating cyber threats across enterprise systems while helping to shape and improve the organisation s overall security posture. Key Responsibilities Cybersecurity Operations & Threat Management Conduct ongoing threat assessments across operational systems and infrastructure Identify vulnerabilities, threat vectors and areas of security risk Design and implement security mitigations and remediation strategies Monitor emerging cyber threats and recommend appropriate defensive measures Support automated threat monitoring, incident detection and response capabilities Develop and maintain cybersecurity playbooks and incident response procedures Coordinate with third-party security providers during security incidents and testing activities Security Governance & Risk Management Support cybersecurity risk management and compliance initiatives Contribute to security architecture reviews and secure system design discussions Assess third-party and supply chain cybersecurity risks Support vulnerability management, penetration testing and security review activities Develop and report on security metrics and KPIs to demonstrate programme effectiveness Stay informed of relevant legal, regulatory and industry cybersecurity requirements Security Improvement & Collaboration Contribute to security awareness training and internal security initiatives Support red team/blue team exercises and resilience testing Assist with business continuity and disaster recovery planning from a cybersecurity perspective Work collaboratively with infrastructure, architecture and operational teams to strengthen security practices Communicate complex security concepts effectively to both technical and non-technical stakeholders Required Experience Minimum 5 years experience in cybersecurity or information security roles Strong understanding of network protocols, operating systems and enterprise security technologies Experience implementing and managing SIEM and SOAR platforms Knowledge of cybersecurity frameworks such as NIST, ISO27001, CIS benchmarks and Cyber Essentials Experience with threat intelligence frameworks such as MITRE ATT&CK and Cyber Kill Chain Familiarity with Data Loss Prevention technologies and Microsoft 365 security tooling Exposure to DevSecOps practices and cloud security principles Strong troubleshooting, analytical and problem-solving skills Ability to manage multiple priorities within a collaborative environment Technical Environment Experience with some or all of the following technologies would be highly beneficial: Qualys, Microsoft Defender, Splunk, SolarWinds, Kubernetes, PowerShell, Python, Azure, AWS, Windows Server, Linux, New Relic, HashiCorp, Zerto and Jira. Experience with AI-driven threat detection and response platforms would also be advantageous. Qualifications CISSP certification preferred Equivalent certifications such as CISM, CEH or GIAC also considered Relevant cybersecurity or information security qualifications beneficial What s on Offer Competitive salary and benefits package Hybrid working model based in Surrey Opportunity to work within a global enterprise environment Exposure to modern cybersecurity technologies and initiatives Collaborative and supportive working culture Ongoing professional development and certification opportunities If you are passionate about cybersecurity, threat management and strengthening enterprise security capabilities, we would love to hear from you.
Senior Front-End Engineer Location: London (Onsite, 5 days per week) Salary & Benefits: 80,000- 120,000 + Benefits Investigo are partnered with an innovative AI technology company at the forefront of the video intelligence industry. They're on a mission to transform the way businesses leverage video data through next-generation, AI-powered solutions, and they're looking for a Senior Front-End Engineer to help shape and deliver their cutting-edge platform. This is an opportunity to join a VC-backed, high-growth scale-up where you'll work alongside world-class engineers and product specialists from some of the most recognised global tech companies. You'll be designing, high-performance applications used by organisations across multiple industries, including healthcare, logistics, education, and hospitality. The Role Lead the development of scalable, responsive, and high-performance user interfaces for a next-generation AI-powered platform. Collaborate closely with product managers, designers, and back-end engineers to deliver a seamless, intuitive user experience. Build and maintain a reusable component library to ensure consistency and quality across the platform. Contribute to frontend architecture decisions and help define technical best practices for the team. Optimise performance and ensure applications are reliable, maintainable, and efficient. Skills & Experience Strong experience in modern frontend development , ideally with React and TypeScript (or similar frameworks). Proven ability to deliver high-quality, user-focused applications with an emphasis on performance and scalability. Experience working with component libraries (e.g. Storybook, Material UI, Chakra UI, or similar). Familiarity with frontend state management tools and data-fetching frameworks. Exposure to backend or cloud technologies (e.g. Python, AWS, databases) is highly beneficial. Comfortable leading large-scale frontend projects, setting coding standards, and mentoring other developers. Strong communication skills to collaborate effectively with designers, engineers, and stakeholders. What's on Offer Equity options, opportunity to join early and share in the company's success 100% company-paid dental & vision insurance Work on cutting-edge AI-driven solutions alongside a world-class engineering team If this sounds like your next challenge, please apply online or email me directly at (url removed).
Oct 01, 2025
Full time
Senior Front-End Engineer Location: London (Onsite, 5 days per week) Salary & Benefits: 80,000- 120,000 + Benefits Investigo are partnered with an innovative AI technology company at the forefront of the video intelligence industry. They're on a mission to transform the way businesses leverage video data through next-generation, AI-powered solutions, and they're looking for a Senior Front-End Engineer to help shape and deliver their cutting-edge platform. This is an opportunity to join a VC-backed, high-growth scale-up where you'll work alongside world-class engineers and product specialists from some of the most recognised global tech companies. You'll be designing, high-performance applications used by organisations across multiple industries, including healthcare, logistics, education, and hospitality. The Role Lead the development of scalable, responsive, and high-performance user interfaces for a next-generation AI-powered platform. Collaborate closely with product managers, designers, and back-end engineers to deliver a seamless, intuitive user experience. Build and maintain a reusable component library to ensure consistency and quality across the platform. Contribute to frontend architecture decisions and help define technical best practices for the team. Optimise performance and ensure applications are reliable, maintainable, and efficient. Skills & Experience Strong experience in modern frontend development , ideally with React and TypeScript (or similar frameworks). Proven ability to deliver high-quality, user-focused applications with an emphasis on performance and scalability. Experience working with component libraries (e.g. Storybook, Material UI, Chakra UI, or similar). Familiarity with frontend state management tools and data-fetching frameworks. Exposure to backend or cloud technologies (e.g. Python, AWS, databases) is highly beneficial. Comfortable leading large-scale frontend projects, setting coding standards, and mentoring other developers. Strong communication skills to collaborate effectively with designers, engineers, and stakeholders. What's on Offer Equity options, opportunity to join early and share in the company's success 100% company-paid dental & vision insurance Work on cutting-edge AI-driven solutions alongside a world-class engineering team If this sounds like your next challenge, please apply online or email me directly at (url removed).
LA International Computer Consultants Ltd
Leamington Spa, Warwickshire
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Sep 26, 2025
Contractor
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Sep 26, 2025
Contractor
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.