107 jobs found

MS Dynamics 365 Solution Architect OUTSIDE IR35 REMOTE 450 - 600 pay day Candidate must meet the requirements for UK Security Clearance eligibility or already have SC Clearance I am recruiting for a MS Dynamics 365 Solution Architect for a 3 month contract with possible extensions to work remotely. MS Dynamics 365 Solution Architect Responsibilities Deeply understand product and business needs to design scalable, efficient, and extensible architecture. Take technical ownership of architecture, design, implementation, and delivery of solutions based on Dynamics 365 and Power Platform. Collaborate with development teams, solution architects, enterprise/integration architects, and other cross-functional teams to ensure alignment with product goals. Partner with Project Managers, Tech Leads, and Account Managers to ensure adherence to roadmaps and timelines. Participate in discovery sessions, providing estimates and solution fit assessments. Promote a culture of continuous improvement, advocate best practices, and proactively identify issues with proposed solutions. Deliver high-quality technical design documentation and present technical options and trade-offs to stakeholders. Support application lifecycle management, deployment processes, and release planning. Actively engage in Agile ceremonies including sprint planning, daily stand ups, and retrospectives. Mentor engineers, promote adherence to best practices, and conduct regular code reviews MS Dynamics 365 Solution Architect Essential Skills: Proven experience as a Dynamics 365 and Power Platform Solution Architect, with a strong track record in designing and implementing complex business applications. 8+ years of hands-on experience with Dynamics 365 Sales and Customer Service in enterprise environments; experience with Field Service and Customer Insights is a plus. Strong expertise in architecting solutions using Model-Driven Apps, Dataverse, Connectors, Dataflows, Power Apps Component Framework, Power Automate, and SSIS (KingswaySoft). Proficient in C#, .NET, Power Platform CLI, and JavaScript, with experience in extending the platform using Plugins, Custom Actions, Web APIs, and Web Resources. Deep architectural knowledge of Azure services such as Azure Functions, Service Bus, API Management, Data Factory, and Logic Apps to extend Dynamics 365 and Power Platform. Solid understanding of Power Platform's "Success by Design" framework, including service protection limits, deployability, maintainability, and environmental constraints. Experience with data mapping, transformation, and synchronization for seamless data integration. Strong grasp of security and compliance considerations within Dynamics 365 and Power Platform. Familiarity with software architecture patterns, REST APIs, and best practices for high-volume, high-API environments. Hands-on experience with Azure DevOps, Git, CI/CD pipelines, and ALM for Dynamics 365 projects. Commitment to continuous learning and staying current with modern solution approaches. Excellent analytical and problem-solving skills with the ability to assess complex requirements and propose effective solutions. Strong communication and interpersonal skills for effective collaboration with cross-functional teams. Knowledge of security architecture and enterprise security is a plus. Fluent in English. Services advertised by Gold Group are those of an Agency and/or an Employment Business. We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.

Platform Engineer with key skills in Linux, AWS, Ansible and Kubernetes is sought by an AI & data software house based near Cheltenham. Working at the forefront of national defence and security this De Engineer will be working with a close-knit technical team to monitor, manage and improve business critical applications and infrastructure with the aim of facilitating improvements in application deployment & scalability. This role would suit a DevOps or Platform Engineer with a solid background in software engineering and infrastructure who can bring experience working with the latest automation and config management tooling to create a fully automated deployment environment. In return this Platform Engineer can expect a dynamic, engaging, R&D driven culture with extensive progression opportunities and the chance to own the platform functionality of this high growth business. Due to the sensitive nature of the work SC/ DV clearance is preferred but at a minimum all applications must be British citizens with he ability to work on-site. This Platform Engineer based near Cheltenham should have most of the following key skills: - A proven software engineering background (Java, Python, C++, node etc) - Solid Linux/ GNU exposure - IAC experience - Terraform, Ansible, Redhat etc - Both on-premise and cloud (AWS, Azure) exposure - Strong Kubernetes experience - Basic VM management experience - Experience delivering new tooling for infrastructures - Linux/ GNU expertise - Database performance management (MongoDB, PostgreSQL etc) - An agile, flexible personality who feels comfortable working in a fast paced environment This Platform Engineer based near Cheltenham will receive: - Starting salary of £75,000 - Bi-Annual salary reviews - Generous private pension scheme - 10% Bonus scheme - Additional on-call payments if desired (not compulsory) - Private healthcare - Training budget & time allocation - 25 days holiday plus bank holiday - Choice of technology So if you are a Platform Engineer and like the idea of joining a market leading company that offers excellent project ownership skills within a collaborative, autonomous environment please apply now to be considered. Platform Engineer Cheltenham Linux, Java, Python, C++, MongoDB, SRE, automation, node, infrastructure, Kubernetes, ansible, AWS, Terraform, ansible

Apps Integration Engineer Location: Worcester Initial Duration: to end March 26 Clearance: MOD DV - Sole UK Nationals Rate: 550 to 650 per day Key Skills: + COTS Integration + Previous MOD Projects experience Application Integration Engineer - Summary We're looking for an Application Integration Engineer to integrate COTS and bespoke applications into secure Windows Desktop and Server environments. This role sits within the Applications workstream and involves close collaboration with the Customer Design Lead. You'll assess applications-Desktop, Web, Client/Server (2/3-tier), and database-based-to determine installation, configuration, interoperability, and security requirements. Your output: clear, high-quality technical and release documentation to support deployment and long-term maintenance. You'll work alongside software vendors and other teams to develop solution design documents for client approval and deployment into secure environments. Key Responsibilities Analyse applications and select integration templates for fixed/deployed platforms. Create technical and release documentation for deployments. Collaborate with vendors and internal teams on solution design. Report to the Workstream Lead and Scrum Master on progress, blockers, and risks. Ensure all designs meet internal process, quality, and security standards. Engage with customer stakeholders to resolve complex integration cases. Essential Skills & Experience Strong experience in application packaging/repackaging with industry-standard tools. Integration of COTS, GOTS, and client/server apps on Windows and/or Linux (e.g. RHEL). Skilled in Custom Actions , Transforms , and troubleshooting. Good knowledge of VMware , Windows (all versions), and Linux systems. Confident with Group Policy , Registry editing , permissions, and auditing. Scripting in PowerShell , VBScript , or Python . Ability to reverse-engineer install media and configuration processes. Background working in secure environments with a focus on secure application configs. Strong technical documentation skills. Desirable Skills Experience with Azure DevOps and pipelines. Comfortable presenting technical solutions to stakeholders. Exposure to Scaled Agile Framework (SAFe) . Familiarity with or open to learning the ArcSight SIEM toolset (ESM, SmartConnectors, Logger, ArcMC). Tech Stack : Operating Systems : Windows, Linux Tools : VMware, PowerShell, VBScript, Python, Azure DevOps, ArcSight

Site Reliability / DevOp Engineer London - 5 Days Onsite Up to 550 per day (Umbrella, Inside IR35) 12-Month Contract Must hold live and transferrable DV Clearance Are you passionate about reliability, automation, and supporting mission-critical systems? Join this global defence organisation as a Site Reliability Engineer (SRE) and help shape the future of one of the UK's most vital national security platforms. You'll be joining a growing SRE team at the heart of the customer's mission, focused on ensuring performance, availability, and scalability-while driving continuous improvement and innovation. About the Role As an SRE, you'll combine your operational expertise with software engineering skills to minimise manual effort and drive automation across complex systems. This role is perfect for someone who thrives on solving hard problems, automating the mundane, and building intelligent tools to enhance system reliability. Key Responsibilities Support and maintain essential services behind critical applications. Participate in a 24/7 on-call rota (1 week in 5), with extra allowance and overtime. Proactively enhance system availability, performance, and resilience. Develop tools and solutions to automate repetitive tasks and reduce operational toil. Collaborate with development teams to embed best practices and SRE principles. Deploy and manage monitoring systems to provide intelligent observability. Engage with the wider DevOps/SRE community within the organisation. Ideal Skills & Experience We're more interested in your curiosity, enthusiasm, and problem-solving ability than ticking every box. However, experience in any of the following areas would be advantageous: Software development in web technologies or OOP (e.g., Python, Java, etc.) Database tech: Oracle SQL, PostgreSQL, MongoDB Proficient with Linux/Windows command line (Bash, PowerShell) Monitoring: Grafana, Prometheus, ELK, Splunk Agile working and tooling (e.g., Jira, Confluence) Diagnosing and resolving complex system issues ITIL knowledge or exposure to IT service operations Containerisation: Docker, Kubernetes, OpenShift Awareness of modern tech trends and tooling Security Requirements You must hold live DV clearance to be considered. Why Apply? Join a forward-thinking SRE team in an environment where your work directly supports UK national security. Help shape tooling, practices, and culture from the ground up. Work alongside brilliant minds on meaningful problems. Receive ongoing training and professional development. If you're excited about automation, resilient systems, and the opportunity to work on a high-impact project-this is your chance to make a difference.

Overview We are seeking a talented Data and AI Engineer to join our team. As a Data and AI Engineer, you will undertake a comprehensive stock take of current AI initiatives across the UK, assess customer tools and infrastructure, and determine the suitability of applications for executing Systems Engineering identified use-cases. Responsibilities Collaborate with stakeholders to understand and assess the use of AI in Systems Engineering and Model-Based Systems Engineering (MBSE). Conduct external assessments (papers, conferences, internet) to identify suitable AI tools not currently employed by the client. Undertake Proof of Concept (PoC) investigations for selected use cases, which may involve using existing customer tools or testing third-party tools. Use Generative AI to produce Design Verification Plans (DVPs) and AI-generated reference requirements. Identify challenging customer and project requirements. Define the scope of engineering data, starting with systems artefact's (requirements, test results, supporting documentation). Develop and review NLP Generative AI engineering data models tailored to specific Systems Engineering use cases. Ensure compliance with customer Information Management (IM) and Information Security (InfoSec) policies. Formalise, establish governance, and deploy PoC to derive harmonisation and consistency in requirement definition and Verification & Validation activities. Conclude and review the data model to decide on full deployment. Essential skills Strong understanding of AI concepts, benefits, ontology, taxonomy, and applications. Experience in deploying AI to support productivity improvements in the engineering domain. Proficiency in container management and orchestration platforms (e.g., Rancher, Kubernetes, Docker). Experience with data manipulation and visualization tools (e.g., Power BI, Google Analytics' Looker Studio). Ability to code APIs to interact with Large Language Models using Python, or other languages. Experience Strong engineering background, ideally with systems engineering experience; defense engineering experience is desirable. Must hold or be eligible for UK SC clearance Working knowledge of Azure DevOps tools and practices. Benefits Collaborative working environment - we stand shoulder to shoulder with our clients and our peers through good times and challenges We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects Expleo Academy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses Competitive company benefits Always working as one team, our people are not afraid to think big and challenge the status quo As a Disability Confident Committed Employer we have committed to: Ensure our recruitment process is inclusive and accessible Communicating and promoting vacancies Offering an interview to disabled people who meet the minimum criteria for the job Anticipating and providing reasonable adjustments as required Supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people "We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age". We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive

Job Title: Full Stack Software Development Engineer Location: Stevenage Rate: 67 p/h - We are booking interviews next week! Please call or email for a slot The Environment Simulator Group provide a real-time environment, running simulations of the sub-systems to test the operation of the unit under test. You will be working within a small team and will be responsible for: - The continued development of the Web UI components Maintenance and testing of .net microservices Creating the appropriate documentation Collaborating with and assisting other members of the team The Role: So, what will you be doing as a Full Stack Software Development Engineer ? Essential experience: Programming Languages:- JavaScript, Typescript, HTML, CSS, C# Framework & Libraries:- Svelte, Angular, Vue.js, React, .NET 7/8 Tools and Technologies Visual Studio, Jira, GitLab, Node.js, npm CI, Docker, Kubernetes, Artifactory You have experience of working on complex, distributed systems with Containerisation including a knowledge of Kubernetes / Docker You have a thorough understanding of Computer Science fundamentals such as OOP, Data Structures, Design Patterns, Algorithms You have experience working in an agile development environment. You have the ability to identify and solve complex problems. You have the ability to design innovative and user-friendly interfaces. You are familiar with modern software testing and deployment practices such as TDD & CI/CD You can set up CI / CD Pipelines You are comfortable with all aspects of the software development lifecycle (planning, analysis, design, implementation, testing and deployment, maintenance) You have excellent communication skills and are comfortable collaborating across teams and with senior stakeholders You have mentored & assisted junior members of the team. Desirable experience: You have experience with other languages such as C++ Linux sysadmin/DevOps/deployment My client is keen to get this position filled ASAP, so if you feel you have the skills and desire to provide passion and drive as the next Full Stack Software Development Engineer, this is the opportunity for you! So, if you are interested in joining a well-established, renowned, globally recognised organisation working with experts in their field as the next Full Stack Software Development Engineer, hit that apply button now! PLEASE NOTE Security Clearance (SC) or eligibility to gain is required to be considered for this vacancy Services advertised by Gold Group are those of an Agency and/or an Employment Business. We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.

Senior APEX Developer 525 to 570 per day Umbrella Bristol (Hybrid - 2 days per week on site 6 Months Security Clearance The successful candidate must be able to achieve and maintain Security Check (SC) security clearance for this role. You'll join the Digital Solutions Team, as a software developer, playing an active role in the through life engineering support to the UK naval fleet support, ensuring that submarines and submariners go to sea safely. What you'll do: Lead requirement analysis, production, and review of technical design solutions of large/complex programmes, supporting the UK submarine fleet. Lead efficient software development using good design - considering code reuse and efficiencies as well as innovative implementation methodologies. Apply technical experience and knowledge in the evaluation of solutions and maintain technical awareness to a level where alternatives can be advised, analysed and modelled. What you'll need: In-depth knowledge of the Oracle APEX web-based application development toolset and its use to design and develop web applications. Demonstrable competence developing complex server-side PL/SQL code for data input validation and data import/export. JavaScript knowledge and experience. Disciplined and methodical approach to configuration control. To attend workshops / reviews / stand-ups to discuss the development project, demonstrate progress to date and communicate with project stakeholders. Share knowledge with team members within the company. To collaborate closely with BAs, PMs, DBA and Infra resources to understand business requirements and translate them into technical solutions. Working experience of Agile Development, Azure DevOps and Scrum

Lead DevSecOps Engineer - 6 month initial contract - 650 per day (INSIDE IR35) - 2-3 days per week onsite (range of locations available) Security Clearance: Due to the nature of the work, an active SC clearance is required for this role. We are looking for a Lead DevSecOps role to join a digital transformation programme. This position is responsible for ensuring that security is built into every part of the development lifecycle, specifically ensuring that security tooling (native and non-native) is properly embedded into CI/CD CI/CD pipelines. The role holder will be part of the transformation programmes including tech debt replacement and migration, embedding security to ensure seamless integration of new systems/ features and workflows. The Lead DevSecOps role will be responsible for ensuring that the replacement systems are security compliant, adhering to standards such as Secure by Design and GovAssure, utilising a shift left mentality to fix problems before production. This is as part of highly complex legacy replacements involving approximately 90,000 users. Essential skills and experience: Strong hands-on expertise in DevSecOps practices, particularly security automation in CI/CD and infrastructure-as-code pipelines. Deep understanding of modern DevOps tooling (e.g., GitHub Actions/ CircleCI, Terraform, Kubernetes, Docker) with secure configurations. Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security. Proven track record of using tools such as Snyk, Trivy, Checkov, OPA/Gatekeeper/ OWASP ZAP, or similar to enforce pipeline and platform security. Familiarity with compliance requirements (e.g., NIST, ISO 27001, CIS Benchmarks) and their implementation via code. Ability to lead and mentor teams on secure coding, threat modelling, and secure architecture patterns. Experience with monitoring, logging, and security telemetry platforms (e.g., Prometheus, Loki, ELK, XDR/SIEM integrations). Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.

Senior Automation Test Engineer - UK Highest Government Clearance Required Location: Manchester/Cheltenham (Hybrid) Salary: Competitive/Flexible + Benefits Relocation Assistance: May be available UK Citizenship Required Security Clearance: Must currently hold the highest level of UK Government clearance Opportunity Overview We are seeking a Senior Automation Test Engineer to join a high-performing team delivering advanced technology solutions within the defence and national security sectors. In this role, you will be responsible for designing, implementing and maintaining effective automated testing capabilities that support the delivery of high-quality, mission-critical software. Working within highly Agile, multi-disciplinary teams, you will apply modern testing practices across complex programmes, ensuring the software is robust, secure, and fit for purpose. Key Responsibilities Develop and implement automated test solutions across multiple layers of application architecture Work collaboratively within Agile delivery teams to define and execute test strategies Identify opportunities to improve software delivery through automation, CI/CD and quality engineering practices Support the full software development lifecycle by translating business and technical requirements into test scenarios Champion test best practice and mentor colleagues in the adoption of modern testing principles Essential Skills and Experience Strong background in software testing within Agile environments, with a focus on automation Practical experience with test automation frameworks and tools, supporting TDD/BDD and CI/CD workflows Solid understanding of the software delivery lifecycle and DevOps tooling and techniques Confident communicator with excellent problem-solving and analytical skills Able to influence and inspire quality-first approaches across teams Degree-level qualification or equivalent industry experience ISTQB certification or similar is desirable Must currently hold the highest level of UK Government security clearance UK citizenship is required due to clearance eligibility What's on Offer Flexible and hybrid working arrangements to suit your lifestyle Optional compressed working pattern (e.g. every other Friday off) Competitive salary and performance-related bonuses Private healthcare and pension scheme Access to continuous professional development, mentorship, and internal mobility Supportive and inclusive working environment Application Process If you're ready to apply your expertise to meaningful, mission-focused projects, please contact Christian at TEC Partners . If this opportunity isn't the right fit, we are supporting a range of roles across the UK's defence, cyber and intelligence sectors-get in touch to discuss your goals and preferences.

Cyber Software Engineer - National Security Location: Manchester Clearance Required: Eligibility for DV (Developed Vetting) Clearance (British Citizens only, 10 years UK residency) Protect What Matters Join a trusted and growing supplier in the National Security sector, working at the forefront of technology to develop mission-critical systems that help keep the nation safe, secure, and resilient. This is an opportunity to contribute to innovative programmes involving Cyber Security, AI/Data Science, Cloud, DevOps, and Platform Engineering, all within a secure, impactful environment. With long-term project work secured through major government frameworks, you'll be part of a fast-growing capability with real-world impact. The Role As a Cyber Software Engineer, you'll be part of a highly skilled technical team designing and developing secure software for low-level systems. You'll focus on building resilient, high-assurance code that integrates closely with operating systems and supports the wider cyber mission of national security clients. You'll contribute across the development lifecycle, from architecture and design to testing and integration, all while applying best practices in secure and robust coding. Key Responsibilities Develop secure software in C, C++, or C# Script and automate tasks using Python Work with Linux and/or Windows-based operating systems Integrate software with low-level system components and protocols Contribute to agile development teams using version control and CI/CD pipelines Apply secure coding practices and modern testing patterns Support the mission with technical innovation and hands-on engineering Essential Skills & Experience Strong experience in C, C++, or C# development Familiarity with Python for scripting or automation Exposure to Linux and/or Windows OS internals Understanding of networking and network protocols Comfortable using version control tools such as Git Experience working in agile environments Knowledge of secure software development practices An understanding or interest in the Cyber or National Security domain Why Join? Be part of a mission-driven team working on meaningful, real-world problems Develop cutting-edge solutions using the latest technologies in cyber and software engineering Enjoy long-term project stability with opportunities for career progression and technical growth Contribute to innovation that supports UK national security Location Manchester - Located in one of Europe's fastest-growing tech hubs, the office offers excellent transport links and close proximity to key clients. This role supports the UK Government's levelling-up agenda and contributes to a thriving local tech community. Security & Clearance Due to the sensitive nature of the work, applicants must be eligible for Developed Vetting (DV) clearance. You must be a British Citizen and have resided in the UK for the past 10 years. How to Apply Ready to build software that safeguards national interests? Click apply and submit your up-to-date CV to take the next step in your career.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.

Job Description: SECURITY CLEARANCE: Must have or be able to obtain security clearance eligibility to access UK Ministry of Defence establishments, working within ITAR and Export Control restrictions LOCATION: Newport, South Wales, Portsmouth or Stevenage TYPE: Full time HOURS: 37. WHAT'S IN IT FOR YOU Financial Reward: Competitive salary, annual profit share, contributory pension, share options, car leasing scheme, free onsite parking, season ticket loan, tax-free technology scheme, discounted shopping and much more Work / Life Balance: 37 hour week, flexible working around core hours and Friday afternoons off, hybrid working, up to 2 additional days per month as TOIL, option to buy/sell holiday Personal Development: Personalised development plan, Airbus Leadership University and unlimited access to 10,000+ E-learning courses, internal mobility including international opportunities Health & Wellbeing: Wellbeing benefits (including 24/7 online GP and mental health support), Employee Assistance Programme, discounted family health / dental insurance / eye tests, cycle-to-work scheme Family and Caregiving: Life assurance, enhanced pay for maternity, paternity, adoption and shared parental leave and caregiving Inclusive Environment: Wellbeing room, Multi-faith room, Employee Representative Groups (Gender, LGBTQ+, International, Generational, Disability, Social & Cultural Diversity, Neurodiversity) Our world is changing. And so are we. From our commitment to zero-carbon flight ( ) to cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of our SOC blueprint and managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM Threat Analysis - Leverage the organization's CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership needs. Threat Hunting - Proactively hunt for signs of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic-making them reusable by SOC, IR, and detection engineering teams. Collaborate with detection engineers to convert hunt findings into long-term detections and SIEM use cases , contributing to continuous monitoring improvements. Continuously refine and document hunt processes and hypotheses for knowledge sharing across cyber defense teams. Monitoring & Anticipation - Maintain situational awareness of the evolving threat landscape through open-source intelligence (OSINT), commercial feeds, dark web monitoring , and collaboration with national cybersecurity bodies. Detect and flag early indicators of potential cyber campaigns targeting aerospace or defense sectors. Assist in the development and fine-tuning of detection rules and alerts for monitoring security systems (e.g., SIEM, EDR). Contribute in the specification of telemetry log sources and data normalization for its processing in Cyber Detection. Develop tools and techniques to identify patterns and anomalies in network traffic, system logs, and application data that could indicate security incidents (Threat Hunting). Implement adversary emulation tests to assess the quality of the detection rules Stakeholder Engagement - Build relationships with external CTI peers in industry and government to share best practices, TTPs (tactics, techniques, procedures), and threat actor profiles . Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement - Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident analysis by enriching forensic investigations with relevant threat intelligence context. ABOUT YOU Technical Skills - Understanding of security tools such as EDR, Windows Logging, firewalls, intrusion detection/prevention systems (IDS/IPS). Deep knowledge of Operating System insights (Windows/Linux). Experience with Python is a requirement, PowerShell/Bash are a plus. Understanding of DevOps, git Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR). Experience building code-based hunting or automation playbooks (e.g., Python, Jupyter Notebooks, PowerShell ). Familiarity with scripting or automation for IOC enrichment, API integrations , and telemetry analysis. Ability to correlate multiple data sources and pivot across logs, alerts, and CTI for deeper investigation. Understanding of threat modeling, detection engineering , or purple teaming is a plus. Not a 100% match? No worries! Airbus supports your personal growth with custom development solutions. HOW WE CAN SUPPORT YOU Many of our staff work flexibly in many different ways, including part-time. Please talk to us at the interview about the flexibility you need and we'll always do our best to accommodate your request. Please let us know if you need us to make any adjustments for the selection process - you can share this with your Talent Acquisition Partner if you are invited to interview. Examples may include (but not exclusive to) accessible facilities; auxiliary aids; room layout, etc. Any information disclosed will be treated in the strictest confidence. As a Disability Confident Employer, Airbus UK will offer an interview to any applicant that considers themselves to have a disability or long-term condition and meets the minimum criteria of the role (as set out in the job advert). To 'opt in', just select the option during your application submission and our Talent Acquisition team will contact you. :MF1 This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: AIRBUS Defence and Space Limited Employment Type: Permanent - Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to . At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.