Location Bristol, Croydon, Leeds, London, Manchester About the job Job summary From healthcare to artificial intelligence, energy to national security, we provide legal advice to government departments on nation-changing subjects. At Government Legal Department we have a vital, single-minded purpose: to help the Government govern well within the rule of law. This is complemented by our exciting vision to be an outstanding legal organisation, committed to the highest standards of service and professionalism and a brilliant place to work where we can all thrive and fulfill our potential. Our work touches almost every aspect of public life. We are the largest provider of legal services across government, working on high profile matters. Our respected professionals are involved in everything from regulation and litigation to advice on drafting legislation. They provide expertise to the full range of government departments. We are at the heart of delivering the government's priorities and our success depends on our people. GLD is a non-ministerial government department headed by the Treasury Solicitor, our Permanent Secretary, and employs nearly 3000 people, including over 2600 legal professionals. We have offices nationwide, in Bristol, Leeds, inner and outer London and Manchester. Our lawyers can also be located within other departments and overseas. GLD also depends on a range of cross-government professionals to provide our corporate services. These play an essential part in helping GLD to achieve its purpose and truly deliver much more than law. This is an exciting time to join GLD, with cutting edge legal work on global issues and a transformation agenda which is ensuring the Department exemplifies the Modern Civil Service. To find out more about what we do you can view our introductory film here and visit the GLD's microsite. You can also read more about the future vision for GLD in our GLD Strategy 2024 - 2027.
Job description About the Digital and Data Team Government Digital and Data is a community of experts leading digital transformation in government, creating more efficient services that have a meaningful impact on people's lives. The Prime Minister has set out his vision for one in ten civil servants to work in tech and digital roles within the next five years as part of the blueprint for modern digital government. The Digital and Data Team's mission is to provide GLD with an IT environment that's 'fit for the future'. That means updating many of our older systems and processes. Using an agile, user-centred approach, we develop and improve our products and services in collaboration with the people who will use them. We consider sustainability, environmental impact and innovative ways to improve our staff's experience at work. The potential to shape our society's future is enormous and our purpose is to ensure the profession is equipped and inspired to deliver real, meaningful change for users; to do the work of transformation that makes government work better for everyone. About the Role In GLD our Lead Security Architects are responsible for ensuring the secure design and development of solutions across the department. They work closely with stakeholders throughout GLD to understand and meet security requirements in projects, ensuring that design standards are consistently applied during delivery. This is a challenging yet rewarding role, focused on implementing cybersecurity controls across GLD's digital infrastructure, which spans multiple office locations across England. GLD takes information security seriously, protecting the confidentiality, integrity, and availability of all data processed on its digital systems. As part of the Digital and Data team, you will provide assurance that cybersecurity best practices are applied consistently across GLD systems, acting as a subject matter expert on cyber risk and secure architecture.
You will provide secure design and technical assurance for digital solutions, ensuring alignment with GLD's architecture standards, risk appetite, and security best practices. You will identify, assess, and manage cybersecurity risks throughout project delivery, embedding security in all technical design decisions. The role also involves delivering practical, hands-on support for cloud, network, and application security - particularly within Microsoft environments - and leading or contributing to cybersecurity governance and assurance forums, including business continuity and disaster recovery planning. Collaboration is essential: you'll work with internal and external stakeholders, including other government departments, to maintain trust, transparency, and alignment on security matters. You'll also develop and maintain information security policies, overseeing penetration testing and vulnerability management activities to drive continuous improvement. Person specification Behaviours Below are details of the Success Profiles that make up this role. Demonstrating all the behaviours listed below is essential at either application or interview. You can read more about Success Profile here. We'll assess you against these behaviours during the selection process: Delivering at Pace Communicating and Influencing Managing a Quality Service Experience Essential - must be demonstrated at application and/or interview Robust working knowledge of NCSC's cyber security principles and their practical application in enterprise and government environments. Experience designing secure digital services and providing technical security assurance. Proven ability to assess and manage cyber risks using structured methodologies. Demonstrable understanding of Microsoft 365 and Azure security features, including Entra ID. Familiarity with common cyber security tools and platforms.
Strong stakeholder engagement and communication skills, with the ability to influence technical and non-technical audiences. Ability to contribute to ISO27001 implementation and support ongoing certification. Essential - Desirable Experience of planning and delivering projects. Hands-on experience with Trend Micro, LogRhythm, CyberArk, Penterra, ManageEngine, Semperis or similar technologies. Technical Skills Implementing Enterprise Security Architectural changes and drafting policies using NCSC guidance. Cyber essentials+, ISO27001, ISO27005, DSIT/NCSC Secure by Design framework. Proficiency in security frameworks and standards (e.g., NIST, ISO 27001, CIS, Zero-Trust). Experience with threat modelling, risk assessment, and vulnerability management. Ability to evaluate and implement digital security technologies and controls across enterprise systems. Microsoft 365 and Azure Security, and Entra ID. Qualifications - suggested eligibility criteria Relevant certifications such as CCSP, CISSP or SANS/GIAC preferred. Security Clearance Level All GLD employees must hold BPSS security clearance. If successful for this post you must hold, or be willing and able to obtain, DV level security clearance. You can start your position while getting this clearance level. More information can be found about the vetting and clearance levels before completing your application. Sponsorship and Visas There is the possibility that GLD can provide sponsorship for skilled workers, as long as they meet the eligibility criteria set down under current immigration legislation. GLD does not guarantee sponsorship will be provided or that an applicant will be successful in gaining a skilled worker visa. It is the responsibility of the applicant to ensure that they meet the criteria for sponsorship. They also have the responsibility to notify the Resourcing Team that they require Sponsorship at the start of the onboarding process into GLD. 
This applies to existing civil servants as well as external candidates. Behaviours We'll assess you against these behaviours during the selection process: Delivering at Pace Communicating and Influencing Managing a Quality Service Technical skills We'll assess you against these technical skills during the selection process: Implementing Enterprise Security Architectural changes and drafting policies Cyber essentials+, ISO27001, ISO27005, DSIT/NCSC Secure by Design framework Proficiency in security frameworks and standards (e.g., NIST, ISO 27001, CIS, Zero-Trust) Experience with threat modelling, risk assessment, and vulnerability management Ability to evaluate and implement digital security technologies and controls across enterprise systems Microsoft 365 and Azure Security, and Entra ID
Nov 01, 2025
Full time
Job Title: Senior Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £50,000 depending on experience and skills What you'll be doing: Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber-attacks / security incidents Delivery of core triage function as part of 24/7 protective monitoring services across a range of networks/services Act as a mentor and as an escalation point within the team for technical queries Ensure timely and accurate communication of incidents to IT, network or security teams across BAE Systems Escalate suspected major security incidents / investigations where support is required Define monitoring use cases and develop prototype rules with minimal supervision, for example in response to intelligence or gaps in defences Contribute to the development of the services through people, process and technology where appropriate Build a comprehensive knowledge of BAE Systems IT systems to support monitoring activities and tailor remediation recommendations to systems Contribute to and help define requirements for future security capabilities along with the Lead Analyst Your skills and experiences: Essential: Technical background with experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, Networking, Cloud and Vulnerability Management Analytical background and comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations Knowledge and experience of using tools to dissect common threats to produce useable IOCs. E.g. 
Malicious document analysis Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these Desirable: Background of prior experience of working in an information and/or cyber security environment (Government or commercial sector) Previous experience working within Cyber Operations utilising SIEM platforms Relevant security certifications such as CISSP, SSCP, CEH, GCIH or GCIA Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions.
These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 7th November 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
Nov 01, 2025
Full time
Head of IT Security - West London - (Enterprise-wide Cyber & Information Security) Location: West London - 5 days on-site Salary: (phone number removed) per annum My client is looking to recruit a Head of IT Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business decisions. Key Responsibilities: Develop, maintain, and deliver a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero Trust, and SASE architectures. 
Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and business units to embed security in operations and service delivery. Provide security input for vendor assessments, third-party risk, and M&A due diligence. Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills.
Oct 30, 2025
Full time
We are looking for a dynamic and experienced SOC Operations Manager to lead and shape the delivery of our Security Operations Centre (SOC) services. In this pivotal role, you will be responsible for ensuring the SOC operates at peak performance while driving continual improvement, with a strong focus on ITIL service management principles and full alignment with CREST standards. Based on-site in Hemel Hempstead, this is an outstanding opportunity for a SOC Operations Manager with proven experience in monitoring and analysing security threats for multiple customers. You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation's digital environment. Communication with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital. What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage vulnerability assessments and coordinate remediation. Monitor and analyse security events across multiple platforms. Identify, assess, and escalate threats and vulnerabilities. Maintain and evolve SOC operational documentation and processes. Deliver training, mentorship, and knowledge sharing across the team. Ensure tool proficiency and promote a culture of continuous learning. Communicate effectively with senior stakeholders on risks and incidents. Provide regular SOC performance reports and updates. Ensure SOC operations adhere to CREST and ITIL standards. 
Support accreditation maintenance and operational readiness. What you will bring: Demonstrated experience leading Security Operations Centre (SOC) teams in a 24/7 environment, driving operational excellence and continuous improvement. Ability to harness data analysis to detect threats, identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem, and change management. It would be great if you had: Vendor-specific accreditations (e.g. Splunk Certified, Microsoft SC-200). Relevant security or management certifications. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Although this role is advertised as full-time, we support different ways of working and can offer a range of flexible working arrangements. So, if you're interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible. Employment Type: Full Time, Permanent Location: Hemel Hempstead ON-SITE Security Clearance Level: ideally SC or DV Cleared, willing to obtain DV clearance Internal Recruiter: Lee Salary: £80-£90k Benefits: Car Allowance, 25 days annual leave with the option to buy additional days, private health care, life assurance, pension, and generous flexible benefits fund (3% of base salary). 
Although this role is advertised as full-time, we believe that flexibility at work can promote work/life balance, increase your motivation, reduce stress and improve performance and productivity. We support different ways of working and can offer a range of flexible working arrangements. So, if you're interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible. Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
Oct 30, 2025
Full time
Job Description What if you could do the kind of work the world needs? At WSP, you can access our global scale, contribute to landmark projects and connect with the brightest minds in your field to do the best work of your life. You can embrace your curiosity in a culture that celebrates new ideas and diverse perspectives. You can experience a world of opportunity and the chance to shape a career as unique as you. A little more about your role We are seeking a highly skilled and advanced technical cybersecurity professional, preferably a Microsoft MVP (Most Valuable Professional) to our Global Security Operations and Engineering team. The successful candidate will lead technical security initiatives, with a particular focus on Microsoft Cloud Security covering the full scope, i.e., to plan (architect), implement (build), and manage the security platforms and tools in use at WSP, especially the SOAR capabilities, including automation for the SOC. An important part of this role would be to coach and build the overall knowledge and capabilities within the team. And so, naturally, the incumbent would be an integral member of the team and would also get some good insight into other technology platforms, e.g. AD auditing solutions, PAM, our Threat Intelligence platforms etc. 
Key Responsibilities Work with a globally distributed team, taking inputs from the business, SOC, and management to roll out systems and troubleshoot (Tier-3) support for security issues Lead-guide the local Service Desk/ OSS teams with knowledge bases to resolve tickets at first instance for issues relating to security software and configurations Develop the automation (including playbooks, SOAR), scripts to monitor system-health, as well as manage the SOC tools in use Extract data from systems and build reports for management; PowerBI skills would be an advantage Knowledge transfer and sharing Monitor and respond to feedback from the customers (employees and business stakeholders) Bring a problem-solving and solutions-mindset, coordinate with the IT teams as needed Finance/Budgetary Responsibilities Provide feedback on tooling and identify additional needs Plan for expansion of security tools to cover ongoing needs Evaluation of license usage and potential growth What we will be looking for you to demonstrate Significant technical skills in the security area, especially with Microsoft tools, (including but not limited to) MS Sentinel, Defender, Purview, Entra, AD, etc. A proven track record in improving and maturing existing security implementations and configurations Ruthless about securing the attack landscape, and hardening the existing systems in the enterprise hybrid landscape (end-user devices, servers, etc) Skills and experiences with other vendors and services would be an added advantage Solid knowledge about the overall security landscape, including Threat and Vulnerability Management, and the ability to guide on their remediation. Guide and implement automations, develop and fine-tune the SIEM detection rules to reduce manual efforts Cyber professional at heart, tracking and mitigating emerging cyber threats against the company (e.g. zero-day exploits, APTs etc). 
Experiences with other concepts and systems like Privileged Account Management, Key Management (certificates, keys, ciphers, etc.). Ability to lead security systems integration, e.g., defining the architecture to work with ticketing systems, e.g. integrating Defender to create-manage the tickets and communications in ServiceNow Knowledge of extracting relevant data, creating security reports etc. would be a definite advantage. Solid abilities to lead and plan the architecture, deliveries, and even more importantly coach and teach other members of the technical team to high levels of technology excellence Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, data sciences, or related field Strong analytical skills with a keen eye for detail and accuracy. Previous experiences in security tools and systems administration, including experience as a security administrator for security platforms Knowledge and experience in SIEM and Microsoft platforms (Microsoft Azure ecosystems), other vendor security systems are good experiences as well (e.g. CyberArk, Akeyless) Good knowledge of EDR systems e.g. MS Defender, KQL etc. (or alternatively the willingness to learn them) Planned and meticulous approach to deliveries. Knowledge and/or willingness to learn about advanced security capabilities, including integrations with other systems Imagine a better future for you and a better future for us all. Join our close-knit community of talented individuals who share your passion for making a positive impact. Our global team includes more than 69,000 employees, working together to make a difference in communities both close to home and around the world. With us, you can. Apply today. About Us We are one of the world's leading engineering and professional services firms. 
Our 72,800 passionate people are united by the common purpose of creating positive, long-lasting impacts on the communities we serve through a culture of innovation, integrity, and inclusion. With over 9,000 professionals across the UK and Ireland, we are dedicated to our local communities and propelled by international brainpower. WHAT'S IN IT FOR YOU? Work-life balance At WSP, we understand that work is just one aspect of your life. It's important to make time for you, your family, friends, interests and your community. Our hybrid working policy offers the flexibility to work from home two days a week, while also providing opportunities to collaborate in our modern offices across the UK. Inclusivity & Belonging We welcome applicants with varied backgrounds and experiences. We enable rewarding careers by encouraging people to bring their whole and authentic selves to work so that our work represents the fullest spectrum of society. We celebrate integrity and treat people with respect, supporting each other and embracing a culture of inclusion and belonging at WSP. We have our employee resource groups bring together employees and allies with different backgrounds to promote our culture of inclusivity. Health & Wellbeing We are committed to supporting our people, giving you the tools to make improvements to your health and wellbeing through our Thrive programme. Our Virtual GP service gives you access to an NHS or Irish Medical Council GP at a time and place that suits you - giving you peace of mind and quick access to medical advice when you need it most. We also provide reasonable workplace adjustments for those in need. Additionally, you can benefit from the Gymflex scheme, which offers up to 40% off annual gym memberships through our WSP flexible benefits program, as well as a comprehensive menopause support package. 
Flex your time To enhance work-life balance, WSP offers the "WSP My Hour," allowing you to take one hour each day for personal activities, with the flexibility to make up the time earlier or later that day. We also provide part-time and flexible working arrangements, the option to purchase additional leave, and the ability to use your bank holiday entitlement to suit you. Your development We understand the importance of development and training to you. That's why we foster a supportive environment that invests in your growth, whether through training, mentoring, or Chartership. Here at WSP we positively encourage applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, pregnancy or maternity/paternity. As a Disability Confident leader, we will interview all disabled applicants who meet the essential criteria, please let us know if you require any workplace adjustments in support of your application.
Oct 30, 2025
Full time
SSR General & Management
Chelmsley Wood, Warwickshire
Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization's global response to cyber threats ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. Manage the relationship with the external SOC, ensuring proactive threat detection and response. Stay updated on industry trends and represent the company at cybersecurity events. Ensure compliance with security standards and regulations. Key Skills Strong leadership in IT security, particularly in incident and threat management. Advanced knowledge of cybersecurity frameworks, incident response, and threat intelligence. Analytical and critical thinking skills for complex security challenges. Excellent communication and collaboration abilities (across technical and non-technical teams). Ability to operate in a fast-moving environment and adapt strategies to emerging threats. Qualifications Extensive hands-on experience in large organizations managing incident response and threat management. 
Proven track record of leading cybersecurity teams. Bachelor's or Master's degree in Cybersecurity, IT, or related field. If you are a dynamic leader who thrives in fast-moving environments and wants to make a measurable impact on global cybersecurity resilience, this role offers the platform and support to do exactly that, apply for this exceptional vacancy today.
Oct 29, 2025
Full time
Main purpose of post: Our client's Cybersecurity Department provides support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. Daily tasks will involve the following: Endpoint monitoring and analysis. Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. Monitor and administer Security Information and Event Management (SIEM). Malware analysis and forensics research. Understanding / differentiation of intrusion attempts and false positives. Investigation tracking and threat resolution. Vulnerability identification & mitigation / remediation. Compose security alert notifications. Advise incident responders & other teams on threats. Triage security events and incidents, and apply containment and mitigation / remediation strategies. Generate reports and document security incidents / events. Proactively monitor the performance of systems, make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets. Analyse weekly vulnerability scans and update relevant records. Essential: A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development. Credible knowledge/experience in Microsoft Windows Operating Systems.
Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Capable of effectively multi-tasking, prioritizing work, and handling competing interests. Capable of analysing information technology logs and event sources (preferred). Working knowledge of data storage systems, data backup and restoration methods. Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs). Ability to work independently while managing support to a high standard. Contribute credibly to IT department's delivery of SLAs and other support targets. Self-motivated to advance own knowledge & gain formal qualifications. Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence. Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. Significant experience within a SOC environment. Incident response experience. Qualification / Certification in Cyber Security. Desirable: IT Qualifications / Certifications such as CompTIA A+, Network+, Security+. IT Helpdesk experience or knowledge. Cyber Security Operation Centre experience. Qualification / Certification in Cyber Security. Person Specification: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels. Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results. Planning & Organising.
Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources. Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions. You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education. Connect2Employment is a trading style of Luton & Kent Commercial Services LLP - A joint venture between Luton Borough Council & Commercial Services Kent Ltd. Connect2Employment is an equal opportunities Employment Agency & Business. It positively encourages applications from all suitably qualified and eligible candidates.
Oct 29, 2025
Full time
Head of Cyber Security - Enterprise-wide Cyber & Information Security Location: London - 5 days on-site Salary: (phone number removed) per annum Type: Permanent My client is looking to recruit a Head of Cyber Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business decisions. Key Responsibilities: Develop, maintain, and deliver a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. 
Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and business units to embed security in operations and service delivery. Provide security input for vendor assessments, third-party risk, and M&A due diligence. Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills.
Oct 29, 2025
Full time
Joining Arup Today the risks to people, assets and organisations are rapidly evolving. We help clients navigate the toughest questions in the spheres of safety risk, security risk and business risk. Whether due to geopolitical risk, climate change, life extension of ageing infrastructure or the increased connectivity of our built environment, we help clients develop appropriate and proportionate solutions to their risks. Our Resilience Security and Risk team includes leading experts in security intelligence, blast and protective design, physical and electronic security design, cyber-security, personnel and operational security. The Opportunity We work closely with other disciplines in Arup to find solutions that meet our client's objectives and are sustainable in their implementation. To enable us to do this we are looking for an enthusiastic and capable Senior Security Consultant/System Engineer to join our world leading security consultancy. Such a specialist should have a strong foundation in security consulting and security system design/implementation. The role of Security Consultant/System Engineer within the Resilience Security and Risk team demands a high degree of technical ability and some commercial exposure. As a Security Consultant/System Engineer, the primary focus will be the day-to-day design of security systems on projects across our portfolio of work, ensuring delivery is to a consistently high standard and meeting client and stakeholder expectations. At Arup, you belong to an extraordinary collective - in which we encourage individuality to thrive. Our strength comes from how we respect, share and connect our diverse experiences, perspectives and ideas. You will have the opportunity to do socially useful work that has meaning - to Arup, to your career, to our members and to the clients and communities we serve. Is this role right for you?
The suitable candidate will have proven skills in delivering security projects within the built environment, a significant part of which must include demonstrable experience of working in a multi-disciplinary engineering consultancy environment. You will possess a relevant qualification in security or built environment discipline. Alternatively, we will also consider significant industry experience within security or risk management. Ideally you will hold or be working towards professional membership of an established UK security-related institution such as Security Institute; Register of Security Engineers and Specialists (RSES); ASIS. We are looking for the following skills and knowledge: Design and delivery of integrated solutions using the latest technology applicable to security design (e.g. video surveillance, access control and intruder detection systems). Integration to other third-party site-based systems (i.e. Fire, BMS, etc.). Knowledge and the implementation of physical barrier systems including: Pedestrian turnstiles/electronically operated gate systems; Perimeter fences, vehicle gates and barriers; Hostile vehicle mitigation systems (active and static). Appreciation of current initiatives within the industry such as SABRE, Secured by Design, etc. Physical design of facilities and controlled areas to mitigate against forced entry using manual/powered tools. Contribute, develop and/or interpret threat, vulnerability and risk assessments. Conversant in designing in the BIM and Revit environments and be able to provide guidance to the junior consultants/engineers on delivery and the security considerations.
Capable of undertaking technical security reviews, audits, design surveys, installation inspections and approvals, and other similar tasks of our clients. Experience in the design of security systems in the following sectors would be an advantage but not necessary: • Data centres • Aviation • Government / defence. Not ready to apply just yet, or have a few questions? Contact Marek Mazurowski. Please note, to ensure we remain GDPR compliant do not send your CV directly to us via this email. What we offer you At Arup, we care about each member's success, so we can grow together. Guided by our values, we provide an attractive total reward package that recognises the contribution of each of our members to our shared success. As well as competitive, fair and equitable pay, we offer a career in which all of our members can belong, grow and thrive - through benefits that support health and wellbeing, a wide range of learning opportunities and many possibilities to have an impact through the work they do. We are owned in trust on behalf of our members, giving us the freedom, with personal responsibility, to set our own direction and choose work that aligns with our purpose and adds to Arup's legacy. Our members collaborate on ambitious projects to deliver remarkable outcomes for our clients and communities. Profit Share is a key part of our reward, enabling members to share in the results of our collective efforts. We also provide Private medical insurance, Life assurance, Accident insurance and Income protection cover. In addition, you'll have access to flexible benefits to help you look after all aspects of your wellbeing and give you the freedom and flexibility to find the best solutions for you, your family, and your individual needs. Different people, shared values Arup is an equal opportunity employer that actively promotes and nurtures a diverse and inclusive workforce.
We welcome applications from individuals of all backgrounds, regardless of age (within legal limits), gender identity or expression, marital status, disability, neurotype or mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and whether you're pregnant or on family leave. We are an open environment that embraces diverse experiences, perspectives, and ideas - this drives our excellence. Guided by our values and alignment with the UN Sustainable Development Goals, we create and contribute to equitable spaces and systems, while cultivating a sense of belonging for all. Our internal employee networks support our inclusive culture: from race, ethnicity and cross-cultural working to gender equity and LGBTQ+ and disability inclusion - we aim to create a space for you to express yourself and make a positive difference. Discover more about life at Arup at . We are committed to making our recruitment process and workplaces accessible to all candidates. Please contact Marek Mazurowski to let us know if you need any assistance or reasonable adjustments throughout your application or interview process, and/or to perform the essential functions of the role. We will do everything we can to support you. Our Application Process To understand what to expect next, please visit Stay safe online - Arup will never ask for your bank details as part of our recruitment process. Recruitment Agencies - We have a Preferred Supplier List of trusted partners to assist us when required and do not acknowledge any speculative CVs or unsolicited candidate introductions from agencies not on the list. Closing Date: 23rd November 2025 Please note we may close the role earlier than the advertised date should we receive a large number of applications, so please ensure you apply early.
Oct 28, 2025
Full time
Solus Accident Repair Centres
Birchanger, Hertfordshire
Overview Location: Hybrid (Stansted - 3 days per week, 2 days remote) We're looking for a proactive and detail-oriented Cyber Security Engineer to help safeguard our networks and systems. You'll play a key role in protecting sensitive data and infrastructure from cyber threats, supporting the planning and implementation of robust security measures across the organisation. This is a hands-on role where you'll work closely with our Cyber Security Manager and wider Technology team to ensure our security posture remains strong, compliant, and resilient. Responsibilities: Conduct regular vulnerability scans and produce actionable reports. Support patch deployment and software approval audits. Configure and maintain firewalls, VPNs, and intrusion detection systems. Respond swiftly to security breaches and assist in recovery efforts. Maintain detailed records of investigations and patch cycles. Stay current with cybersecurity trends and threat intelligence. Contribute to disaster recovery planning and compliance alignment. Support governance, change control, and delivery of cyber security workstreams. Collaborate with internal teams and third-party suppliers to maximise resources. Qualifications Desired qualifications and experience: Minimum 2 years' experience in incident detection, response, and forensics. Strong understanding of Azure, Zero Trust Estates, DLP, IDS/IPS, Web-Proxy, and Security Audits. Analytical mindset with excellent problem-solving skills. Excellent communication and stakeholder engagement skills. Self-motivated with a passion for learning and innovation. Sentinel / SIEM certifications. Microsoft Security/Identity certifications. ISC2 CC or SSCP. DevOps / DevSecOps exposure or certifications. Who are Solus? Solus, who are owned by Aviva, are one of the UK leaders in vehicle repairs, returning cars to the road in just 11 days on average and a 4.6/5 star customer rating.
With an award-winning apprenticeship programme and winners of other recognised industry awards, Solus are proud to be shaping the future of vehicle repair. Why Join Solus? We have so much to offer when it comes to being a Solus colleague: Competitive salary based on location, skills, experience, and qualifications. Bonus opportunity tied to your performance and the overall success of Solus. Company pension scheme with employer contributions. 33 days' holiday (including bank holidays), with the option to buy or sell up to 5 days. Save money with up to 40% discount on Aviva products and other retailer discounts. Share in Aviva's success through the Aviva Save As You Earn scheme. Supportive policies including parental and carer's leave. Wellbeing focus with tools like Group Income Protection and 24/7 GP access. At Solus, we value inclusivity and welcome all applicants. If you're excited but don't tick every box, we encourage you to apply - your unique skills might be just what we need. We guarantee an interview for disabled applicants meeting the minimum criteria - just email us after applying to let us know. Ready to join us? Apply online today, and our team will be in touch within 14 days.
Oct 25, 2025
Full time
Senior Cyber Security Analyst
Location: London, hybrid working
IR35: Inside; via Triumph Consultants you will be paid PAYE for the length of the 3-month contract

It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting.

The role:
The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability.

Key Accountabilities:
Lead investigations into security alerts and cyber incidents.
Perform forensic analysis of systems, files, network traffic, and cloud environments.
Drive technical response actions including containment, eradication, and recovery.
Coordinate cyber incident responses across teams and stakeholders.
Identify lessons learned and embed continual improvement.
Develop and update incident response playbooks and knowledge base articles.
Act as an escalation point and mentor for security analysts.
Provide leadership and line management within the team.
Join the out-of-hours on-call rota to support 24/7 incident response.

Key Criteria:
5+ years' experience investigating and responding to cyber incidents in large organisations.
Strong track record with incident response coordination.
Significant hands-on experience with Splunk and security tools (e.g., EDR, SIEM).
Analytical, problem-solving, and forensic investigation skills.
Proven experience coaching or mentoring junior staff.
Strong understanding of threat actor tools, techniques, and procedures.
Experience of cloud environments such as AWS.
Excellent written and verbal communication skills.

How to Apply
Quote the Job Title and Reference Number in your application.
Submit your CV in Word format.
Applications are reviewed on a rolling basis; early submission is recommended.

We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.
Oct 07, 2025
Contractor
Job Title: Senior Cyber Security Analyst - SC
Location: Hybrid/London - 3 days a week on site
Contract Duration: 3 months initially
Daily Rate: £800/day (Umbrella - Maximum)
IR35 Status: Inside IR35
Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving
Security Clearance: SC

Senior Cyber Security Analyst
The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response.

As a senior security analyst with responsibility for incident response, you will:
Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents
Lead the forensic analysis of systems, files, network traffic and cloud environments
Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions
Support the wider coordination of cyber incidents
Review previous incidents to identify lessons and actions
Identify and deliver opportunities for continual improvement of the incident response capability
Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities
Develop and update internal plans, playbooks and knowledge base articles
Act as an escalation point for, and provide coaching and mentoring to, security analysts
Be responsible for leadership and line management of security analysts

Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on-call rota, which you will be expected to join.

We're interested in people who have:
Significant experience investigating and responding to cyber incidents
Significant experience using security tools (e.g., EDR, SIEM) to support the investigation and response to cyber incidents
Experience managing and coordinating the response to cyber incidents
Experience coaching and mentoring junior staff
An in-depth understanding of the tools, techniques and procedures used by threat actors
Excellent analytical and problem-solving skills
Excellent verbal and written communication skills
Experience with Splunk
Experience working in an Agile environment
Experience with cloud environments such as AWS

Disability Confident
As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

Armed Forces Covenant
CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group.

If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.

To apply for this role please submit your latest CV or contact Aspect Resources
Oct 03, 2025
Contractor