Insight Investment are looking for a Cyber Defence Specialist to join our Cyber Security team. This role will maintain the Sentinel Threat Detection capability for Insight's bespoke application. The successful candidate will maintain and optimise the Microsoft Sentinel platform, ensuring its stability, performance, and integration with other security tools, as well as developing use cases for the SOC team. Alongside this, the candidate will support the 24/7 SOC team, providing incident response, and continuously improving detection and automation capabilities. Role Responsibilities Maintain and optimise the Microsoft Sentinel environment, including configuration, performance tuning, and health monitoring. Onboard new data sources, connectors, and log streams to support evolving security requirements. Develop and enhance analytics rules, workbooks, and playbooks to improve detection and response. Monitor security alerts alongside the 24/7 SOC team, providing advanced analysis and escalation support. Troubleshoot and resolve issues related to Sentinel ingestion, queries, and automation workflows. Collaborate with SOC analysts, application and development teams, security engineers and security architects to ensure effective threat detection and incident response. Document configurations, processes, and improvements for operational continuity. Experience Required Experience developing, testing and implementing use cases/detection rules for the Sentinel SIEM environment. Strong hands on experience with Microsoft Sentinel and related Azure security services. Proficiency in Kusto Query Language (KQL) for creating and tuning detection rules and dashboards. Solid understanding of SIEM concepts, log ingestion, and security monitoring practices. Experience with incident response workflows and SOC operations. Ability to work collaboratively with development, engineering and monitoring teams. Excellent problem solving and communication skills. Advantageous Experience with SOAR automation and playbook development. Familiarity with cloud security monitoring across Azure, AWS, or GCP. Knowledge of MITRE ATT&CK framework and threat detection methodologies. Exposure to compliance driven environments and security best practices. Relevant certifications (e.g., SC-200, AZ-500, Security+). About Insight Investment Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability driven investment, risk management, full spectre fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at:
Dec 07, 2025
Full time
Insight Investment are looking for a Cyber Defence Specialist to join our Cyber Security team. This role will maintain the Sentinel Threat Detection capability for Insight's bespoke application. The successful candidate will maintain and optimise the Microsoft Sentinel platform, ensuring its stability, performance, and integration with other security tools, as well as developing use cases for the SOC team. Alongside this, the candidate will support the 24/7 SOC team, providing incident response, and continuously improving detection and automation capabilities. Role Responsibilities Maintain and optimise the Microsoft Sentinel environment, including configuration, performance tuning, and health monitoring. Onboard new data sources, connectors, and log streams to support evolving security requirements. Develop and enhance analytics rules, workbooks, and playbooks to improve detection and response. Monitor security alerts alongside the 24/7 SOC team, providing advanced analysis and escalation support. Troubleshoot and resolve issues related to Sentinel ingestion, queries, and automation workflows. Collaborate with SOC analysts, application and development teams, security engineers and security architects to ensure effective threat detection and incident response. Document configurations, processes, and improvements for operational continuity. Experience Required Experience developing, testing and implementing use cases/detection rules for the Sentinel SIEM environment. Strong hands on experience with Microsoft Sentinel and related Azure security services. Proficiency in Kusto Query Language (KQL) for creating and tuning detection rules and dashboards. Solid understanding of SIEM concepts, log ingestion, and security monitoring practices. Experience with incident response workflows and SOC operations. Ability to work collaboratively with development, engineering and monitoring teams. Excellent problem solving and communication skills. Advantageous Experience with SOAR automation and playbook development. Familiarity with cloud security monitoring across Azure, AWS, or GCP. Knowledge of MITRE ATT&CK framework and threat detection methodologies. Exposure to compliance driven environments and security best practices. Relevant certifications (e.g., SC-200, AZ-500, Security+). About Insight Investment Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability driven investment, risk management, full spectre fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at:
Insight Investment are looking for a Cyber Defence Specialist to join our Cyber Security team. This role will maintain the Sentinel Threat Detection capability for Insight's bespoke application. The successful candidate will maintain and optimise the Microsoft Sentinel platform, ensuring its stability, performance, and integration with other security tools, as well as developing use cases for the SOC team. Alongside this, the candidate will support the 24/7 SOC team, providing incident response, and continuously improving detection and automation capabilities. Role Responsibilities Maintain and optimise the Microsoft Sentinel environment, including configuration, performance tuning, and health monitoring. Onboard new data sources, connectors, and log streams to support evolving security requirements. Develop and enhance analytics rules, workbooks, and playbooks to improve detection and response. Monitor security alerts alongside the 24/7 SOC team, providing advanced analysis and escalation support. Troubleshoot and resolve issues related to Sentinel ingestion, queries, and automation workflows. Collaborate with SOC analysts, application and development teams, security engineers and security architects to ensure effective threat detection and incident response. Document configurations, processes, and improvements for operational continuity. Experience Required Experience developing, testing and implementing use cases/detection rules for the Sentinel SIEM environment. Strong hands on experience with Microsoft Sentinel and related Azure security services. Proficiency in Kusto Query Language (KQL) for creating and tuning detection rules and dashboards. Solid understanding of SIEM concepts, log ingestion, and security monitoring practices. Experience with incident response workflows and SOC operations. Ability to work collaboratively with development, engineering and monitoring teams. Excellent problem solving and communication skills. Advantageous Experience with SOAR automation and playbook development. Familiarity with cloud security monitoring across Azure, AWS, or GCP. Knowledge of MITRE ATT&CK framework and threat detection methodologies. Exposure to compliance driven environments and security best practices. Relevant certifications (e.g., SC-200, AZ-500, Security+). About Insight Investment Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability driven investment, risk management, full spectre fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at:
Dec 05, 2025
Full time
Insight Investment are looking for a Cyber Defence Specialist to join our Cyber Security team. This role will maintain the Sentinel Threat Detection capability for Insight's bespoke application. The successful candidate will maintain and optimise the Microsoft Sentinel platform, ensuring its stability, performance, and integration with other security tools, as well as developing use cases for the SOC team. Alongside this, the candidate will support the 24/7 SOC team, providing incident response, and continuously improving detection and automation capabilities. Role Responsibilities Maintain and optimise the Microsoft Sentinel environment, including configuration, performance tuning, and health monitoring. Onboard new data sources, connectors, and log streams to support evolving security requirements. Develop and enhance analytics rules, workbooks, and playbooks to improve detection and response. Monitor security alerts alongside the 24/7 SOC team, providing advanced analysis and escalation support. Troubleshoot and resolve issues related to Sentinel ingestion, queries, and automation workflows. Collaborate with SOC analysts, application and development teams, security engineers and security architects to ensure effective threat detection and incident response. Document configurations, processes, and improvements for operational continuity. Experience Required Experience developing, testing and implementing use cases/detection rules for the Sentinel SIEM environment. Strong hands on experience with Microsoft Sentinel and related Azure security services. Proficiency in Kusto Query Language (KQL) for creating and tuning detection rules and dashboards. Solid understanding of SIEM concepts, log ingestion, and security monitoring practices. Experience with incident response workflows and SOC operations. Ability to work collaboratively with development, engineering and monitoring teams. Excellent problem solving and communication skills. Advantageous Experience with SOAR automation and playbook development. Familiarity with cloud security monitoring across Azure, AWS, or GCP. Knowledge of MITRE ATT&CK framework and threat detection methodologies. Exposure to compliance driven environments and security best practices. Relevant certifications (e.g., SC-200, AZ-500, Security+). About Insight Investment Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability driven investment, risk management, full spectre fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at:
Overview Description Cyber Defence Analyst Location: Farnborough on a 12-hour, 4 days on, 4 days off day and night shift pattern The Role: Leidos, a Global IT Solutions Provider specialising in large scale implementations involving science, engineering, and technology, requires a Cyber Defence Analyst to work in its CSOC (Cyber Security Operations Centre) Team. The Cyber Defence Analyst will contribute to the growth and development of the CSOC. You will work with a wide variety of stakeholders to ensure the Leidos CSOC, a Defensive Cyber Security capability, can support a customer's Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating risk of Cyber Attack. The successful candidate will have CSOC experience or demonstrate sufficient transferable Cyber Security knowledge, qualifications, aptitude, and passion to quickly learn the Cyber Defence Analyst role. To succeed, the candidate must be capable of working under pressure, delivering on multiple customer accounts, and have an appetite to progress and develop their Cyber Security career. The role operates within a matrix managed environment, reporting operationally to the CSOC Lead and accountable to the CSOC Manager. What will I be doing? Maintain the integrity and security of Cyber Security systems and networks. Support Cyber Security initiatives through predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data from Cyber Defence tools (firewalls, IDS, network traffic, UEBA, SOAR, etc.) to analyse events within the environment. Respond to and correlate alerts from detective and preventative tools such as SIEM, EPP, EDR, XDR, WAF, and Firewalls. Proactively detect suspicious activity, vulnerabilities, and misconfigurations before they can be exploited, protecting Confidentiality, Integrity and Availability. Inspect and correlate logs from multiple sources to identify repeating patterns and Indicators of Compromise (IOC). Continuously scan the Threat Horizon to classify Threats by impact on a client's network or solution. Engage with security communities to review and share knowledge on IOC's and Threats. Follow and develop the Cyber Security Incident Response Process and Playbooks. Apply Cyber Security Incident Prioritisation Criteria to classify and rate Incidents. Define and coordinate countermeasures to mitigate Threats and support action plans in response to Incidents. Ensure confidentiality and discretion when dealing with multiple clients. Run Vulnerability Assessment tools to measure compliance with security updates and patches. Contribute as a team member performing multiple daily CSOC checks to detect and respond to suspicious activity or alerts. Record events and actions during a Cyber Security Incident accurately to enable effective handovers during shift changes. Continuously improve CSOC processes and collaborate with stakeholders from other technology stacks to contribute to Incident Response. Perform tabletop scenarios and derive lessons learned. What does Leidos need from me? Experience of Sentinel, Microsoft XDR and Microsoft Defender variants, and Elastic Security, or aptitude to learn SIEM technologies. Experience and knowledge of SIEM tools, Cyber Security Incident Response, Vulnerability Management and Cyber Threat Intelligence. Experience investigating Cyber Security incidents and supporting root cause analysis or transferable skills to learn and excel. Understanding of the Confidentiality, Integrity, and Availability (CIA) triad. Understanding of trends for malware, ransomware and Advanced Persistent Threats affecting Cloud and On-Premises solutions. Experience working within Change Controlled environments. Understanding of the OSI 7 network layers and TCP/IP networking. Understanding of network and boundary protection controls for Cloud and On-Premises solutions, including Firewalls, ACLs, NSGs, DDoS Protection, VPNs, Mail Gateways, Web Proxies, Load Balancers, WAFs, IPS, and IDS. Communication and Soft Skills Good verbal and written communication for handovers, reports, and documenting events during Incidents. Positive, collaborative, and self-motivated with the ability to work with minimal supervision. Ability to build strong relationships with customers and internal stakeholders. Analytical thinking with the ability to plan and remediate problems. Ability to track market trends and stay at the forefront of Cyber Security Technology. Ability to manage multiple work streams, prioritise, and escalate as necessary. Initiative-taker with the drive to see solutions through to completion. Agility and flexibility to cover shifts at short notice to ensure CSOC protection for customers. Desirable Exposure to working on or within HM Government classified systems or programs. Clearance Requirements Due to the nature of the work, candidates must be British and non-dual nationals. Candidates must be eligible to hold DV clearance. Clearance to start role: SC. What we do for you At Leidos we are passionate about customer success, united as a team and inspired to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains top talent. Our reward scheme includes: contributory pension, private medical insurance, 33 days annual leave (including holidays), and access to Flexible benefits (life assurance, health schemes, gym memberships, annual buy/sell holidays, cycle to work). Flexi-Time Working Commitment to Diversity We welcome applications from all parts of the community and are committed to a diverse and inclusive culture. If you have a disability or need reasonable adjustments during the application and selection stages, please let us know and we will respond appropriately. Who We Are Leidos UK & Europe - we work to make the world safer, healthier, and more efficient through technology, engineering and science. Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in defence, healthcare, government, safety and security, and transportation. What Makes Us Different: Purpose, Collaboration, and People. We offer flexible work arrangements to enable you to perform your role effectively, whether from home, office, or customer sites. Come break things (in a good way). Then build them smarter. We solve high-stakes problems with code and a healthy disregard for "how it's always been done." Pay Range £36,700.00 - £45,900.00
Dec 05, 2025
Full time
Overview Description Cyber Defence Analyst Location: Farnborough on a 12-hour, 4 days on, 4 days off day and night shift pattern The Role: Leidos, a Global IT Solutions Provider specialising in large scale implementations involving science, engineering, and technology, requires a Cyber Defence Analyst to work in its CSOC (Cyber Security Operations Centre) Team. The Cyber Defence Analyst will contribute to the growth and development of the CSOC. You will work with a wide variety of stakeholders to ensure the Leidos CSOC, a Defensive Cyber Security capability, can support a customer's Cyber Resilience, protecting them with a 24 x 7 Threat Detection and Response service, mitigating risk of Cyber Attack. The successful candidate will have CSOC experience or demonstrate sufficient transferable Cyber Security knowledge, qualifications, aptitude, and passion to quickly learn the Cyber Defence Analyst role. To succeed, the candidate must be capable of working under pressure, delivering on multiple customer accounts, and have an appetite to progress and develop their Cyber Security career. The role operates within a matrix managed environment, reporting operationally to the CSOC Lead and accountable to the CSOC Manager. What will I be doing? Maintain the integrity and security of Cyber Security systems and networks. Support Cyber Security initiatives through predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data from Cyber Defence tools (firewalls, IDS, network traffic, UEBA, SOAR, etc.) to analyse events within the environment. Respond to and correlate alerts from detective and preventative tools such as SIEM, EPP, EDR, XDR, WAF, and Firewalls. Proactively detect suspicious activity, vulnerabilities, and misconfigurations before they can be exploited, protecting Confidentiality, Integrity and Availability. Inspect and correlate logs from multiple sources to identify repeating patterns and Indicators of Compromise (IOC). Continuously scan the Threat Horizon to classify Threats by impact on a client's network or solution. Engage with security communities to review and share knowledge on IOC's and Threats. Follow and develop the Cyber Security Incident Response Process and Playbooks. Apply Cyber Security Incident Prioritisation Criteria to classify and rate Incidents. Define and coordinate countermeasures to mitigate Threats and support action plans in response to Incidents. Ensure confidentiality and discretion when dealing with multiple clients. Run Vulnerability Assessment tools to measure compliance with security updates and patches. Contribute as a team member performing multiple daily CSOC checks to detect and respond to suspicious activity or alerts. Record events and actions during a Cyber Security Incident accurately to enable effective handovers during shift changes. Continuously improve CSOC processes and collaborate with stakeholders from other technology stacks to contribute to Incident Response. Perform tabletop scenarios and derive lessons learned. What does Leidos need from me? Experience of Sentinel, Microsoft XDR and Microsoft Defender variants, and Elastic Security, or aptitude to learn SIEM technologies. Experience and knowledge of SIEM tools, Cyber Security Incident Response, Vulnerability Management and Cyber Threat Intelligence. Experience investigating Cyber Security incidents and supporting root cause analysis or transferable skills to learn and excel. Understanding of the Confidentiality, Integrity, and Availability (CIA) triad. Understanding of trends for malware, ransomware and Advanced Persistent Threats affecting Cloud and On-Premises solutions. Experience working within Change Controlled environments. Understanding of the OSI 7 network layers and TCP/IP networking. Understanding of network and boundary protection controls for Cloud and On-Premises solutions, including Firewalls, ACLs, NSGs, DDoS Protection, VPNs, Mail Gateways, Web Proxies, Load Balancers, WAFs, IPS, and IDS. Communication and Soft Skills Good verbal and written communication for handovers, reports, and documenting events during Incidents. Positive, collaborative, and self-motivated with the ability to work with minimal supervision. Ability to build strong relationships with customers and internal stakeholders. Analytical thinking with the ability to plan and remediate problems. Ability to track market trends and stay at the forefront of Cyber Security Technology. Ability to manage multiple work streams, prioritise, and escalate as necessary. Initiative-taker with the drive to see solutions through to completion. Agility and flexibility to cover shifts at short notice to ensure CSOC protection for customers. Desirable Exposure to working on or within HM Government classified systems or programs. Clearance Requirements Due to the nature of the work, candidates must be British and non-dual nationals. Candidates must be eligible to hold DV clearance. Clearance to start role: SC. What we do for you At Leidos we are passionate about customer success, united as a team and inspired to make a difference. We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, while nurturing a healthy work-life balance. We provide an employment package that attracts, develops and retains top talent. Our reward scheme includes: contributory pension, private medical insurance, 33 days annual leave (including holidays), and access to Flexible benefits (life assurance, health schemes, gym memberships, annual buy/sell holidays, cycle to work). Flexi-Time Working Commitment to Diversity We welcome applications from all parts of the community and are committed to a diverse and inclusive culture. If you have a disability or need reasonable adjustments during the application and selection stages, please let us know and we will respond appropriately. Who We Are Leidos UK & Europe - we work to make the world safer, healthier, and more efficient through technology, engineering and science. Leidos is a growing company delivering innovative technology and solutions focused on safeguarding critical capabilities and transformation in defence, healthcare, government, safety and security, and transportation. What Makes Us Different: Purpose, Collaboration, and People. We offer flexible work arrangements to enable you to perform your role effectively, whether from home, office, or customer sites. Come break things (in a good way). Then build them smarter. We solve high-stakes problems with code and a healthy disregard for "how it's always been done." Pay Range £36,700.00 - £45,900.00
SOC Practitioner Analyst £364.65p daily rate - PAYE £467.08p daily rate Umbrella Inside IR35 Full time 6 Month Contract Initially Milton Keynes / Hybrid 60% onsite working DV Clearance required Restrictions Apply Our government client is seeking an experienced level 1 SOC Practitioner Analyst to work in an existing team consisting of Cyber SOC Engineers and Cyber SOC Analysts on a temporary basis until a permanent position can be filled. Scope and Objectives To Work alongside an existing team of Cyber Engineer and Cyber Analysts within an established Security Operations Centre to provide level 1 triage analysis duties which include: Monitor, triage and investigate Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings and self-study. Perform analysis of Security Event Data / Security Alerts to support Customers in responding to Security Incidents. Ensure Protective monitoring tools are performing as expected. Assist in the Creation of procedures to report incidents to customers Assisting in the Development of the team to ensure best practice and that their knowledge is up to date. In association with other colleagues provide an on-Call service to investigate and remedy security and technical issues in relation to the SOC service on a 24/7 basis . Skills and Experience Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within a SOC environment. Knowledge of IT Networking, specifically in Firewalls and other Network security devices Strong interpersonal skills ability to assist other team members Excellent Communication Skills Constraints: Candidates submitted for this role must be British nationals, to confirm: They are a British citizen or hold dual nationality, and They have been a resident in the UK for at least two of the last 5 years Due to the nature of this work Government security clearance if not already held will need to be obtained. The minimum clearance required for this role is DV. (Although advantageous, it is not a requirement that an individual already holds Security Clearance.) Candidates who do not currently hold clearance must be able to obtain the appropriate level of clearance for the role specified. Short-listed candidates will be submitted for vetting procedures before being formally offered the position. This process can take 6-8 weeks. If this role is of interest and you meet the above criteria, then please apply immediately.
Dec 05, 2025
Contractor
SOC Practitioner Analyst £364.65p daily rate - PAYE £467.08p daily rate Umbrella Inside IR35 Full time 6 Month Contract Initially Milton Keynes / Hybrid 60% onsite working DV Clearance required Restrictions Apply Our government client is seeking an experienced level 1 SOC Practitioner Analyst to work in an existing team consisting of Cyber SOC Engineers and Cyber SOC Analysts on a temporary basis until a permanent position can be filled. Scope and Objectives To Work alongside an existing team of Cyber Engineer and Cyber Analysts within an established Security Operations Centre to provide level 1 triage analysis duties which include: Monitor, triage and investigate Security Alerts on the various monitoring tools to identify potential Security Incidents. Escalate suspected Security Incidents to the Lead Analysts. Assist Lead Analysts and Incident Response team with investigation and containment. Maintain knowledge of technology and cyber threats by reading Threat Intel, reports, attending Threat Intel briefings and self-study. Perform analysis of Security Event Data / Security Alerts to support Customers in responding to Security Incidents. Ensure Protective monitoring tools are performing as expected. Assist in the Creation of procedures to report incidents to customers Assisting in the Development of the team to ensure best practice and that their knowledge is up to date. In association with other colleagues provide an on-Call service to investigate and remedy security and technical issues in relation to the SOC service on a 24/7 basis . Skills and Experience Working knowledge of Various Operating systems including Windows and Linux. Experience of working with SIEM and IPS products within a SOC Environment. Good Analytical skills with the ability to manipulate, interrogate and analyse large data sets. Relevant cyber security analyst experience within a SOC environment. Knowledge of IT Networking, specifically in Firewalls and other Network security devices Strong interpersonal skills ability to assist other team members Excellent Communication Skills Constraints: Candidates submitted for this role must be British nationals, to confirm: They are a British citizen or hold dual nationality, and They have been a resident in the UK for at least two of the last 5 years Due to the nature of this work Government security clearance if not already held will need to be obtained. The minimum clearance required for this role is DV. (Although advantageous, it is not a requirement that an individual already holds Security Clearance.) Candidates who do not currently hold clearance must be able to obtain the appropriate level of clearance for the role specified. Short-listed candidates will be submitted for vetting procedures before being formally offered the position. This process can take 6-8 weeks. If this role is of interest and you meet the above criteria, then please apply immediately.
Location: Stevenage (onsite / shift patterns) Duration: 6 month initial contract Rate: 45ph UMB to 66ph UMB (Inside IR35) Due to the nature of the role, candidates must be eligible for UK Eyes Only Security Clearance. Role details: Our client, a leading defence company, are looking for a SOC Analyst to join their team in Stevenage. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: This role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement What we are looking for in you: A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies Note, shift patterns applicable. (The shift pattern rotates each cycle - it may start with lates -> Nights -> earlies and the next cycle could be: Nights -> earlies -> lates). Initially you may not be expected to do nights until the team grows. 31.5 hours per week Apply today via the link provided!
Dec 05, 2025
Contractor
Location: Stevenage (onsite / shift patterns) Duration: 6 month initial contract Rate: 45ph UMB to 66ph UMB (Inside IR35) Due to the nature of the role, candidates must be eligible for UK Eyes Only Security Clearance. Role details: Our client, a leading defence company, are looking for a SOC Analyst to join their team in Stevenage. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: This role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of MBDA Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement What we are looking for in you: A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies Note, shift patterns applicable. (The shift pattern rotates each cycle - it may start with lates -> Nights -> earlies and the next cycle could be: Nights -> earlies -> lates). Initially you may not be expected to do nights until the team grows. 31.5 hours per week Apply today via the link provided!
Service Desk Support Analyst 5 days a week on site Role Overview As a 1st / 2nd line Support Analyst in a team of Field Engineers and Support Analysts, you will be a key player in ensuring the smooth operation of the IT systems. Based at head office in Northampton, you will provide essential support to around 1000 users across multiple sites around the UK. You will provide support on a range of Microsoft based IT systems especially Microsoft 365 along with a range of bespoke applications. Your day-to-day responsibilities as part of the support team will be to: Respond to IT-related telephone calls and emails from colleagues, providing timely and effective support. Log and resolve IT requests within agreed targets. Administer the Microsoft Estate and other key business systems. Monitor and manage IT requests, coordinate projects, handle IT procurement requests, and oversee IT security administration. Oversee the Moves, Additions, Deletions, and Changes (MADC) process, including setting up new users on Microsoft 365. Monitor internal IT mailboxes and respond to colleague requests and automated alerts using the IT Service Management tool. Collaborate with third-party technology and support providers across applications, infrastructure, networking, and telephony. Maintain and update the IT SharePoint page, share best practices, and contribute to our technology knowledge database. Provide general help and advice to users, utilizing remote desktop tools. Your background: Experience as a 1st / 2nd line support analyst - service desk and deskside support Experience in IT administration and support of Microsoft-based systems specifically Microsoft 365, along with IP Telephony and networking Experience with FreshDesk or similar Retail or Automotive background would be beneficial
Dec 05, 2025
Full time
Service Desk Support Analyst 5 days a week on site Role Overview As a 1st / 2nd line Support Analyst in a team of Field Engineers and Support Analysts, you will be a key player in ensuring the smooth operation of the IT systems. Based at head office in Northampton, you will provide essential support to around 1000 users across multiple sites around the UK. You will provide support on a range of Microsoft based IT systems especially Microsoft 365 along with a range of bespoke applications. Your day-to-day responsibilities as part of the support team will be to: Respond to IT-related telephone calls and emails from colleagues, providing timely and effective support. Log and resolve IT requests within agreed targets. Administer the Microsoft Estate and other key business systems. Monitor and manage IT requests, coordinate projects, handle IT procurement requests, and oversee IT security administration. Oversee the Moves, Additions, Deletions, and Changes (MADC) process, including setting up new users on Microsoft 365. Monitor internal IT mailboxes and respond to colleague requests and automated alerts using the IT Service Management tool. Collaborate with third-party technology and support providers across applications, infrastructure, networking, and telephony. Maintain and update the IT SharePoint page, share best practices, and contribute to our technology knowledge database. Provide general help and advice to users, utilizing remote desktop tools. Your background: Experience as a 1st / 2nd line support analyst - service desk and deskside support Experience in IT administration and support of Microsoft-based systems specifically Microsoft 365, along with IP Telephony and networking Experience with FreshDesk or similar Retail or Automotive background would be beneficial
