World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 2x SOC Threat Detection Analyst subcontractors on an initial 12 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background.

Hourly Rate: 81.35 per hour
Contract Duration: 12 Months
Shift pattern: 6.00am - 2.00pm & 2.00pm - 10.00pm / 5 days a week on site.

SOC Threat Detection Analyst Job Description:
An opportunity has arisen in the Cyber Security Operations Centre (SOC) within Information Management (IM) for a Cyber Threat Operations specialist, supporting the Active Defence & Incident Response Manager in assisting IM to meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat hunting, detection and analysis within the 24x7 SOC.

Responsibilities:
- To support the Active Defence & Incident Response Manager in assisting Information Management UK to meet the challenges and demands of countering the Cyber Threat.
- Support for the operational functions of the UK SOC.
- To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems).
- The role will cover threat hunting, analysis, monitoring, optimising, reporting, alerting and investigation activity utilising a wide variety of security platforms, including AI/ML and behavioural analytics, SIEM (Security Information and Event Management), a Network Packet Capture platform, Anti Malicious Code and Threat Detection technologies and platforms across the UK Network Perimeter, working with the best standard technologies.

The Cyber Threat Operations specialist reports to the Active Defence & Incident Response Manager, conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff.

The Cyber Threat Operations specialist key responsibilities are:
- Conduct proactive Threat Hunting in collaboration with the CTI function
- Lead Optimisation of the Threat Detection rulesets working with the ISR function
- Assist with the maintenance of Security technologies
- Assist the SOC Team with project activity
- Support the Incident Responder with HR and InfoSec related investigations
- Attend routine security meetings

Skillset/experience required:
- A career background in Cyber Security.
- Security awareness and experience in all areas of IT, primarily Network Security and Infrastructure, with Operating Systems & Applications as the secondary area.
- Demonstrable experience with YARA and Sigma rulesets.
- Knowledge of IT Security standard methodologies.
- Demonstrable understanding of the OSI Reference Model and network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
- Demonstrable experience with Security Information and Event Monitoring tools and/or Network Packet Capture tools.
- Hands-on experience with IDS/IPS technologies and threat hunting activities.
- Strong analytical experience and mindset.
- Experience with defensive cyber-attack methodologies and frameworks.
- Understanding of malware capabilities, attack vectors, propagation and impact.
- Good communication skills liaising with the business and suppliers.
Feb 15, 2025
Contractor
One of our clients, a leading provider of managed security services, is looking for a Level 3 Security Analyst to join their Security Operations Center (SOC). This is an exciting opportunity to work in a growing team that plays a crucial role in monitoring, detecting, and responding to cyber threats. As a Level 3 Security Analyst, you will be responsible for investigating security incidents, performing threat analysis, and contributing to continuous improvements in security operations. This role offers a blend of hands-on technical work and strategic input to enhance security processes and solutions.

Responsibilities:
- Monitor and analyse security events within the SOC, ensuring timely detection and response.
- Perform threat analysis and vulnerability assessments, and implement mitigation strategies.
- Develop and refine incident response playbooks and procedures.
- Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence.
- Collaborate with internal teams and clients to strengthen security posture.
- Provide technical expertise and guidance on security incidents and resolutions.
- Participate in the on-call rota to provide 24/7 incident response support.
- Contribute to process improvements and knowledge-sharing within the SOC team.

Skills/Must have:
- Minimum of 4 years' experience in a SOC or managed security environment.
- Strong knowledge of network security (firewalls, IDS/IPS, VPNs).
- Proficiency in incident response, threat analysis, and vulnerability management.
- Experience working with SIEM tools for monitoring and event analysis.
- Understanding of malware analysis, forensic investigations, and endpoint security.
- Strong analytical and problem-solving skills.
- Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders.
Feb 15, 2025
Full time
An SOC Threat Detection Analyst is required for a full time on-site contract assignment based in Stevenage for a multi-national defence company. Candidates will need to be cleared to SC UK EYES ONLY level prior to start and be eligible and willing to undergo subsequent DV clearance. Two shift system: 6am to 2pm and 2pm to 10pm, five days per week.

Overview of department:
An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst, supporting the Senior SOC analysts in assisting IM to meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC.

Responsibilities:
- To support the SOC Manager in assisting Information Management UK to meet the challenges and demands of countering the Cyber Threat.
- Support for the operational functions of the UK SOC.
- To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems).
- The role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms, including AI/ML and behavioural analytics, SIEM (Security Information and Event Management), a Network Packet Capture platform, Anti Malicious Code and Threat Detection technologies and platforms across the UK Network Perimeter, working with the best standard technologies.

The SOC Analyst reports to the SOC Manager, conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff.

The SOC Analyst key responsibilities are:
- Effective Tier 1 to 2 alert triage of security events
- Monitoring of Cyber Security tools
- Monitoring the SOC email notification mailboxes
- Assist with the maintenance of Security technologies
- Assist the SOC Solutions Lead with project activity
- Conduct proactive threat hunting in collaboration with the CTI function
- Conduct HR and InfoSec related investigations
- Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
- Participate in the activity of adding/removing URLs from the AcceptList and BlockList
- Attend routine security meetings

Skillset/experience required:
- A career background in Cyber Security.
- Security awareness and experience in all areas of IT, primarily Network Security and Infrastructure, with Operating Systems & Applications as the secondary area.
- Knowledge of IT Security standard methodologies.
- Demonstrable understanding of the OSI Reference Model and network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
- Demonstrable experience with Security Information and Event Monitoring tools and/or Network Packet Capture tools.
- Hands-on experience with IDS/IPS technologies and threat hunting activities.
- Strong analytical experience and mindset.
- Experience with defensive cyber-attack methodologies and frameworks.
- Understanding of malware capabilities, attack vectors, propagation and impact.
- Good communication skills liaising with the business and suppliers.

Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provides a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.

Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement, which explains how we will use your information, is available on the Modis website.
Feb 14, 2025
Contractor
Role: Senior SOC Analyst
Salary: circa £45,000 per annum + benefits package
Location: Onsite in Gosport

DV Clearance will be required to start and you will be sponsored through this process if not in place already. We are recruiting for a Senior SOC Analyst to join a large organisation operating within the UK defence sector. You will be joining a busy SOC, leading incident response and fine-tuning detection rules.

Key experience required:
+ SIEM knowledge and experience, i.e. Sentinel and Splunk
+ Previous SOC experience
+ Understanding of network and security technologies

If you are interested in discussing this Senior SOC Analyst role further, please apply or send a copy of your updated CV to (see below). CBSbutler is acting as an employment agency for this role.
Feb 14, 2025
Full time
Job Title: IT Technical Architect
Duration: 8-month contract
Location: Remote with occasional travel to Warrington
Reference Number: (phone number removed)

About the Opportunity:
We are seeking a highly skilled and experienced Technical Architect to join our dynamic and innovative team. In this critical role, you will be responsible for providing technical leadership and guidance across a range of complex projects and services. You will play a key role in defining and implementing the technical vision and roadmap for many elements of our organization, ensuring that our technology solutions align with our business objectives and support our future growth.

Key Responsibilities:

Technical Leadership:
- Provide technical leadership and guidance to project and service teams, ensuring the successful delivery of complex technical solutions.
- Define and document technical architectures, including system and component diagrams, data flows, and integration points.
- Evaluate and recommend appropriate technologies and tools to meet business requirements.
- Conduct technical feasibility studies and impact assessments.
- Ensure that all technical solutions are aligned with enterprise architecture principles and standards.

Solution Design & Development:
- Design and develop robust and scalable technical solutions that meet business needs and exceed expectations.
- Develop and maintain technical roadmaps and strategies to support continuous improvement and innovation.
- Identify and evaluate emerging technologies and their potential impact on the organization.
- Contribute to the development of proof-of-concepts and prototypes to validate new technologies and approaches.

Project Delivery:
- Actively participate in all phases of the project lifecycle, from inception to implementation and ongoing support.
- Collaborate effectively with project managers, business analysts, engineers, and other stakeholders.
- Manage technical risks and issues and develop mitigation plans.
- Ensure all stakeholders are appropriately apprised of technical plans and associated business impacts.

Operational Excellence:
- Develop and implement plans to improve operational efficiency and reduce technical debt.
- Identify and implement opportunities to automate and streamline processes.
- Provide technical support and guidance to operations teams.

M&A Support:
- Provide technical due diligence and integration support for mergers and acquisitions.
- Assess the technical landscape of acquired companies and develop plans for integrating their systems and processes.

Essential Skills & Experience:
- Proven experience as a Technical Architect with a strong understanding of various technologies and architectures.
- Industry best practices: experienced in applying and aligning to ITIL, PRINCE2, TOGAF, ArchiMate.
- Deep expertise in multiple technical domains, including but not limited to:
  - Enterprise-scale IT: technologies that drive a modern-day large-scale enterprise (5000+ users)
  - Service Desk: ITSM platform (ServiceNow)
  - EUC: endpoint devices, endpoint platform management (Intune, SCCM)
  - Apps: CRM, ERP, HCM, Finance, Payroll, Development Environments
  - Servers: public, private, cloud
  - Network: WAN, LAN, WLAN, Switches, Routers, Firewalls, SD-WAN (Palo Alto, Meraki, Cisco)
  - Storage: SAN, Back-up (VEEAM, Cisco, HP)
  - Cloud: MS Azure
  - Cyber Security: IPS / IDS, SIEM, XDR, AV, NIST, ISO27001
  - Data Science: MS Data Fabric, Databricks, LLMs
  - Automation: RPA, iPaaS, Low Code / No Code development (MS Power Platform)
- Strong analytical and problem-solving skills with the ability to think strategically and creatively.
- Excellent communication and interpersonal skills with the ability to effectively communicate complex technical concepts to both technical and non-technical audiences.
- Proven ability to work effectively in a fast-paced, dynamic environment, managing multiple projects and priorities simultaneously.
- Experience working in a matrixed organization, collaborating with cross-functional teams across different locations.
- Strong project management and organizational skills.

Desirable Skills & Experience:
- Experience with M&A activities, including technical due diligence and integration planning.
- Experience with Agile development methodologies (e.g., Scrum, Kanban).
- Experience with DevSecOps practices and tools.
- Relevant industry certifications (e.g. Azure Certified Solutions Architect).

The NRL Group connects global companies with the right people to bring engineering projects to life, supporting contracting companies with energy transition plans and working with our clients to create a cleaner, greener future. We welcome applications from every walk of life and are committed to diversity within the industries we support, as a certified Inclusive Recruiter and Armed Forces friendly employer. You can ensure you stay safe when job searching online by visiting the JobsAware website.
Feb 14, 2025
Contractor
Our leading Douglas-based Finance Sector Client is seeking a leading technology professional in the role of IT Infrastructure Analyst. As IT Infrastructure Analyst you will provide, support, maintain and optimise an on-premises and cloud-based IT infrastructure, with a focus on ensuring the stability, availability and security of the network, servers and systems that support business operations. The role blends technical expertise with problem-solving to maintain and improve the efficiency of the IT environment.

Responsibilities
- Ensure that critical infrastructure components (servers, networks, storage) are available and operational, minimising downtime
- Monitor systems to prevent outages and ensure business continuity
- Provide timely support for infrastructure-related issues, troubleshooting and resolving incidents efficiently
- Act as an escalation point for more complex issues and work closely with support teams and peers
- Perform routine maintenance, updates and patching to keep systems secure and up to date
- Optimise infrastructure performance, identifying areas for improvement to enhance efficiency and capacity
- Implement and manage security protocols, firewalls and threat detection systems to safeguard the infrastructure
- Ensure compliance with industry standards, regulations and internal policies related to data protection and cybersecurity
- Maintain and implement disaster recovery plans to minimise downtime and data loss in case of failures
- Ensure backup systems are properly configured and tested regularly for data protection and recovery
- Maintain detailed documentation of network configurations, system setups, infrastructure changes and technical procedures
- Ensure documentation is accessible and up to date for troubleshooting and auditing purposes
- Work closely with other IT teams (IT Services, Architecture, Engineering/Developers) to align infrastructure with broader IT strategy
- Through vendor management, liaise with vendors and service providers to help manage infrastructure-related services and support
- Anticipate and plan for future infrastructure needs based on business growth, user demand and new technology adoption
- Ensure the infrastructure can scale seamlessly to meet organisational requirements

The ideal candidate for the role of IT Infrastructure Analyst will hold:
- Appropriate technical qualifications, e.g. Microsoft certification, including MS Certified Azure Administrator, Cisco Certified Network Associate (CCNA), VMware Certified Professional (VCP), Microsoft Certified Windows Server
- Knowledge and experience of network protocols (DNS, VPN), network devices (routers, switches), network segmentation, and VPN configurations for remote access
- Skills in network troubleshooting and monitoring tools, e.g. SolarWinds
- Proficiency in managing and configuring Windows Servers and Linux-based systems
- Experience with Active Directory, DNS, DHCP, and domain administration
- Knowledge of server virtualization platforms, such as VMware and Hyper-V, for managing virtual machines
- Ability to handle server backups, storage management (SAN/NAS), and recovery tasks
- Deep understanding of Windows and Linux operating systems for configuration
- Knowledge of OS patching, upgrades, and security hardening techniques
- Experience with at least one major cloud provider (AWS, Azure, Google Cloud)
- Knowledge of cloud services like compute, storage, networking, security and managed services
- Skills in cloud infrastructure deployment, including virtual networks, VM instances, storage and monitoring
- Understanding of cloud security practices (IAM, VPCs, firewalls), and cost management
- Familiarity with IaC tools like Terraform, Ansible, or CloudFormation and automating infrastructure provisioning and configuration
- Basic scripting skills in languages like PowerShell, Bash, or Python for task automation
- Experience with vulnerability management tools like Nessus, Qualys, or OpenVAS
- Knowledge of endpoint security solutions (antivirus, anti-malware) and incident response procedures
- Familiarity with Security Information and Event Management (SIEM) tools, like Splunk or QRadar
- Ability to interpret metrics from network, server and application performance monitoring tools
- Knowledge of log management tools and techniques for monitoring infrastructure health
- Strong problem-solving skills for diagnosing hardware, network and software issues
- Knowledge of common troubleshooting frameworks and methodologies, such as ITIL
- Knowledge of virtual infrastructure management with VMware, Hyper-V, or similar platforms
- Experience with configuring and managing virtualised environments for optimised resource
- Understanding of containerisation concepts and tools, primarily Docker
- Familiarity with orchestration platforms, especially Kubernetes, to support containerised applications
- Experience with backup and recovery software like Rubrik, Cloudian etc.
- Knowledge of backup strategies (e.g. incremental, differential, full backups) and data retention policies
- Skills in developing and testing disaster recovery plans to minimise downtime and ensure business continuity
- Experience with offsite backup solutions, replication and high-availability configurations
- Basic understanding of database management and administration for common databases like SQL Server, MySQL and Oracle
- Skills in database performance tuning, backup and recovery
- Knowledge of Storage Area Networks (SAN), Network Attached Storage (NAS) and RAID configurations
- Experience managing cloud storage options and ensuring data redundancy and scalability
- Proficiency in documenting infrastructure configurations, standard operating procedures (SOPs), and troubleshooting guides
- Experience using documentation tools like Confluence, Microsoft SharePoint, or similar collaboration platforms
- Skills in creating reports on system performance, resource utilisation, and incident trends for management
- Experience with data visualisation and reporting tools like Power BI or Tableau is a plus
Feb 11, 2025
Full time
CBSbutler Holdings Limited trading as CBSbutler
Hemel Hempstead, Hertfordshire
SOC Shift Lead + Permanent opportunity + £58,000 - £65,000 + SC / DV cleared role + On site full time in Hemel Hempstead. Skills: SOC, Microsoft Sentinel and Splunk, SIEM. As a SOC Shift Lead you will conduct monitoring and triage of alerts associated with host and network security events for our client's critical infrastructure. You will support the SOC both through delivery of client work and by adding skills and ideas to the already diverse team. This role is based on site in Hemel Hempstead and is shift work: 2 days 6am to 6pm, 2 nights 6pm to 6am, then 4 days off. Please note you need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC in partner meetings. Ability to work shifts from our office in Hemel Hempstead. What you'll bring: Demonstrable experience in a Security Operations Centre. People management experience to help develop analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience of the MITRE ATT&CK framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise antivirus products. Good understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. 
Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst, Blue Team Level 1 or other SOC-related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you'd like to discuss this SOC Lead role or an alternative SOC opportunity, please send your updated CV to (url removed) and I will get in touch.
Feb 11, 2025
Full time
CBSbutler Holdings Limited trading as CBSbutler
Gosport, Hampshire
Role: Senior SOC Analyst. Salary: circa £45,000 per annum + benefits package. Location: Onsite in Gosport. DV Clearance will be required to start, and you will be sponsored through this process if it is not already in place. We are recruiting for a Senior SOC Analyst to join a large organisation operating within the UK defence sector. You will be joining a busy SOC, leading incident response and fine-tuning detection rules. Key experience required: + SIEM knowledge and experience, i.e. Sentinel and Splunk + Previous SOC experience + Understanding of network and security technologies. If you are interested in discussing this Senior SOC Analyst role further, please apply or send a copy of your updated CV to (url removed). CBSbutler is acting as an employment agency for this role.
Feb 11, 2025
Full time
Senior SOC Analyst, London/Hybrid, Up To £50K Pro Rata (DOE), 3-6 Months FTC. We are excited to partner with a financial client based in central London that prides itself on delivering complex projects in fast-moving organisations. They are looking to onboard an ambitious and goal-oriented Senior SOC Analyst to join their growing security team. The person will be accountable for delivery of SOC and SIEM services to existing customers and for helping to sell these capabilities to potential customers. KEY RESPONSIBILITIES: Manage, coach and lead the SOC 1st line analyst teams. Quickly assess incidents for their impact and severity. Establish procedures for containing threats and mitigating potential damage. Ensure that evidence is collected in a proper, organised manner. Implement the latest detection capabilities in Microsoft Sentinel. Prepare and maintain detailed incident reports and provide post-incident analysis to improve security measures. Work closely with team members, such as the service desk or projects team, to address security issues and implement solutions. Proactively search for signs of advanced threats and vulnerabilities within the network. SKILL REQUIREMENTS: Strong understanding of cybersecurity principles, including knowledge of common threats and vulnerabilities. Capabilities including Kubernetes, AWS, GCP, Windows endpoints, Carbon Black and Elastic SIEM, and an understanding of PowerShell. Advanced understanding of cybersecurity principles, attack vectors, threat actors, and the threat landscape. Strong knowledge of the CIA triad. Skilled in triaging alerts, performing root cause analysis, and implementing remediation actions. Deep understanding of network protocols (e.g., TCP/IP, DNS, HTTP/HTTPS, SMTP) and their role in cybersecurity. Familiarity with network devices (e.g., routers, switches, firewalls) and concepts like VPNs and VLANs. 
Ownership of EDR (Endpoint Detection and Response) solutions, such as Microsoft Defender for Endpoint, CrowdStrike, Carbon Black, or SentinelOne. Knowledge of IDS/IPS is a plus. Experience in managing incidents from identification through containment, eradication, recovery, and lessons learned. Familiarity with cybersecurity frameworks and regulations, such as: NIST Cybersecurity Framework (CSF); ISO/IEC 27001; GDPR, HIPAA, PCI DSS, or other compliance standards. PREFERRED CERTIFICATIONS: Microsoft Azure Sentinel 200. Microsoft Azure Sentinel 400 to be obtained.
Feb 11, 2025
Contractor
Synapri are currently working with a leading Public Sector Organisation to recruit an experienced Cyber Security/SOC Engineer for an initial 12-month contract. This role is remote first (very occasional travel may be required for specific workshops etc.). The key responsibilities for this role are: Support the implementation of the threat monitoring and improvement roadmap. Implement changes within multiple cloud environments. Update and maintain existing tools and infrastructure. Assist with active investigations and provide expert knowledge to support analysts. Create playbooks and documentation for maintaining new capabilities. The key skills for this role are: Experience configuring security-related tools and implementing security policies. Demonstrable experience working with a SIEM tool (Sentinel, Splunk etc.). Experience with AWS and Azure cloud policies and infrastructure. Knowledge of Python scripting. This role cannot provide sponsorship.
Feb 07, 2025
Contractor
Cyber Security Analyst, Leatherhead, Surrey (Hybrid model). Why work for us? Competitive salary of up to £59,000 per annum depending on experience. A workplace pension scheme. Hybrid working: 1-2 days per week in our Leatherhead office, with occasional travel to our Ireland office as well as to key partners' offices. Private medical and dental cover. 25 days annual leave (plus bank holidays), with options to purchase and sell up to 5 days holiday per year (pro rata). Support and investment in your personal development. 24/7 access to an Employee Assistance Programme and Mental Health First Aiders. What we do: Premium Credit is the leading provider of insurance premium finance and a range of annually charged services, including tax, regulatory and accountancy fees, sports season tickets, memberships and school fees in the UK and Ireland. We are a multi-award-winning business lending more than £4.5 billion to over 2.5 million customers through a network of almost three thousand partners, and growing. We are a successful business with a Trustpilot rating of 4.5, a Net Promoter Score of , a Glassdoor rating of 4.4 and a Silver Sustainability medal. The Role: This is an exciting time of growth for us, and we need a Cyber Security Analyst to help us continue this success. This is a great opportunity to develop a varied and rewarding career with a company that invests in, recognises and rewards its people. The Cyber Security Analyst monitors, analyses and responds to infrastructure threats and vulnerabilities, ensuring risks are assessed and mitigated. You'll assist in the development of security policies, standards and procedures, as well as carry out testing and security reporting and promote employee awareness. The role will cover all aspects of cyber security, providing support and guidance across the business. This includes, but is not limited to: - Monitor networks for security issues, investigating breaches and other cyber security incidents, and providing incident response. 
- Perform tests to uncover vulnerabilities, mitigating these to maintain high security standards - Develop company-wide IT best practice - Support colleagues to install security software, providing guidance to ensure an understanding of information security management - Participate in or conduct internal and external audits. Who we are looking for: If you're an individual who thrives in a fast-paced environment, is able to work collaboratively with others and is looking to make a difference, this is a brilliant opportunity to advance your career to the next level with our sector-leading company. At Premium Credit, you will be supported to develop and expand your skills, knowledge and experience. To be considered as our Cyber Security Analyst you will need: - Proven experience as a Cyber Security Analyst or SOC Analyst - A good understanding of cloud infrastructure (IaaS, SaaS, PaaS) as well as network security - The ability to review security designs and identify potential weaknesses and risks - Experience and knowledge of Data Protection legislation, including ensuring compliance - Previous experience of SIEM tools and working with a SOC - Verbal and written communication skills; able to provide technical information in an understandable format as well as the ability to write technical reports. A degree in Computer Science, Information Security or similar would be advantageous, as would relevant professional security qualifications and experience with Azure Sentinel. We are committed to providing reasonable adjustments or accommodations for applicants, so if you need assistance or support during the recruitment process, please let us know on the application form or by sending an email to (url removed). If you are made an offer of employment you will be required to prove your eligibility to work in the UK before you start work. You must reside in the UK from the start date of this role; unfortunately we are unable to provide visa sponsorship at this time. 
To ensure you can work from home efficiently you will be asked to provide your internet speed at the application stage. Premium Credit are an equal opportunities employer with a strong and passionate commitment to Diversity, Equality and Inclusion in the workplace. We welcome applications from all sections of the community and encourage people from all backgrounds to apply. Equal opportunities are the only acceptable way to conduct business and we believe that the more inclusive our environments are, the better our work will be. We are open to part-time working and job share. By submitting your application, you agree that Premium Credit may collect your personal data for recruiting and related purposes. To view our Privacy Notice please go to: (url removed). All postholders will be subject to appropriate pre-employment vetting procedures and a satisfactory Disclosure & Barring Service (DBS) check prior to appointment. So, if this role appeals to you and you're looking to join an industry-leading organisation, please apply. Excited but not sure you tick every box? Research tells us that women, particularly, feel this way. So, regardless of gender, why not apply? And if you're in a job share, just apply as a pair. We look forward to hearing from you. Please note, we reserve the right to close this vacancy early if we identify a number of suitable candidates. All applicants will be advised if the vacancy closes early.
Jan 30, 2025
Full time
Do you want to work for a company in the midst of exceptional growth? Do you want to work for an organisation that prioritises developing their staff's skills? We are working with a market-leading MSP who are looking to make additions to their burgeoning SOC operation as they continue to grow within their market. Their head office is in Derby, and they are looking for an experienced SOC analyst to join as a Senior, helping to lead and mentor the junior members of their team, lead on reports to senior stakeholders, and develop their Microsoft tech stack.

LOCATION - Derby (2 office days per month)
SALARY - Up to £45,000

Must have Skills:
- At least 2 years SOC/SIEM experience
- Strong communication skills, written & oral, to a range of audiences, including senior management
- Strong time management and able to coordinate projects and delegate tasks
- Able to maintain excellent client relationships and deal with problematic/disgruntled clients
- Confident in developing complex SIEM rules in Microsoft Sentinel based off real-world attacks and threat intelligence
- Basic understanding of ITSM, including change and incident management
- Able to write new playbooks for incident investigation and response
- Experience and understanding of Logic Apps and automation; able to design and implement new automation to meet business/client requirements
- Incident response experience
- Threat Intelligence experience, including new threat hunting rules
- Fluent in KQL

Desirable Skills/Experience:
- Experience in troubleshooting bespoke developed connectors
- Azure experience
- Defender experience
- Scripting/Automation
- Docker/Virtualisation
Jan 29, 2025
Full time
Cyber Security/CSOC Manager

Are you a skilled and flexible leader passionate about safeguarding an organisation from cyber threats? We are seeking a Cyber Security/CSOC Manager to lead our cyber security operations centre (CSOC) and ensure the resilience of our systems, data, and networks against evolving cyber risks.

Key Responsibilities:
- Oversee the daily operations of the CSOC, ensuring the effective monitoring, detection, and response to security incidents
- Develop and implement security policies, procedures, and best practices aligned with industry standards
- Lead and mentor a team of security analysts, fostering professional growth and technical excellence
- Collaborate with internal stakeholders to identify vulnerabilities and recommend risk mitigation strategies
- Conduct regular threat assessments and incident response drills
- Manage security tools and technologies, ensuring optimal performance and timely updates
- Stay updated on the latest cyber threats, trends, and compliance requirements

Qualifications and Skills:
- Proven experience in a cyber security role, with at least 5 years in a leadership capacity
- Strong knowledge of cyber security frameworks, such as NIST, ISO 27001, or CIS Controls
- Hands-on experience with SIEM tools, threat intelligence platforms, and incident response processes
- Certifications such as CISSP, CISM, CEH, or equivalent are highly desirable
- Excellent communication and problem-solving skills
- Ability to work under pressure and manage multiple priorities effectively

What We Offer:
Location: Midlands - hybrid set-up with on-site presence required
Job Type: Full time, permanent
Salary: 65,000 to 85,000 per annum, reflective of experience

DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality.
Jan 29, 2025
Full time
Senior SOC Analyst - Team Lead (AWS & Azure)

2 DAYS PER MONTH IN LONDON
MANAGING JUNIOR ANALYSTS
INSIDE IR35
6 MONTH CONTRACT
ASAP START / ASAP INTERVIEWS

Principal accountabilities
- Mentorship and Training: Provide ongoing coaching and support to SOC team members, fostering a culture of continuous learning and improvement.
- Skill Development: Design and deliver training programs on AWS, security tools, and best practices to enhance the technical skills of the SOC team.
- Incident Response Support: Guide the team in managing and responding to security incidents, ensuring effective use of AWS and other tools.
- Process Improvement: Collaborate with SOC engineers to develop and refine incident response procedures and playbooks.
- Performance Monitoring: Assess the team's performance, provide feedback, and identify areas for further development.

Knowledge and skills required
- Incident Management Coaching: At least 3-5 years of experience in Incident Management, Security Operations (SecOps), or IT Security, with a proven ability to coach and guide team members through handling and resolving security incidents.
- SIEM Tools Training: Extensive experience in reviewing and responding to Security Information and Event Management (SIEM) alerts, with proficiency in tools such as Splunk or Microsoft Sentinel. Ability to train and mentor team members on effective use of these tools.
- EDR Systems Mentorship: Hands-on experience with Endpoint Detection and Response (EDR) systems like Microsoft Defender or Symantec, including the ability to coach team members in analysing and responding to alerts.
- Cloud Security Expertise: Strong experience in cloud security, particularly with AWS, including knowledge of AWS security services and best practices. Ability to develop and deliver training programs on these topics.
- Cyber Investigations Guidance: Demonstrated ability to conduct thorough cyber investigations independently, with a focus on mentoring team members to develop their investigative skills.
- Third-Party Collaboration: Experience working with third-party suppliers and vendors to ensure security measures are in place and incidents are managed effectively. Ability to coach team members on best practices for collaboration.
- Enterprise Security Controls: Familiarity with enterprise security controls and security best practices for various operating systems, including Windows, Linux, and Mac. Ability to mentor team members on implementing these controls.
- Training and Development: Proven experience in mentoring and training technical teams, with a focus on upskilling team members in cybersecurity tools and practices. Ability to create and deliver engaging training sessions.
- Process Improvement Coaching: Experience in developing and refining incident response procedures and playbooks, with a focus on coaching team members to enhance their efficiency and effectiveness.
- Communication and Reporting: Strong communication skills, both written and oral, with the ability to coach team members on providing clear and concise reports and updates to various stakeholders.
- Continuous Improvement: A proactive approach to identifying areas for improvement within the SOC team and implementing coaching strategies to address them.
Jan 29, 2025
Contractor
Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions.

Apply now for the position of Data Analyst and you will support the deployment of data-related business improvement projects to given timelines. Additionally, the role includes the development, deployment and maintenance of digital tools across the site to drive efficiency, effectiveness and sustainability of best practices.

Your Role:
- You will carry out data analysis, gathering information and data from multiple sources including the Datalake, and assist in the development of continuous improvement initiatives and processes to help the business meet its goals.
- You will develop and deploy data-related solutions to support continuous improvement activities across the business.
- Support digitalisation initiatives across the site as required with technical expertise.
- Remain abreast of upcoming data technologies, including digital automation, and disseminate the knowledge as appropriate.
- Provide support in the creation of detailed analytical models by providing expert opinion related to the integration and processing of data relevant to the business.

Your Expertise:
- Knowledge of data analysis and visualisation techniques and software such as Qlik and PowerBI.
- Proficiency in SQL for querying, analysing, and managing datasets.
- Good problem-solving skills.
- Good verbal and written communication skills.
- Good communication skills to facilitate co-operative working across functions and management levels.

Our Benefits:
- 26 days' holiday with the option to buy or sell an additional 5
- Up to 10% employer pension contribution
- Share and bonus scheme
- Access to our flexible benefits, from private medical insurance to dental cover
- Corporate Social Responsibility opportunities, including 2 paid volunteering days per year, and support from our 24/7 employee assistance programme

Who we are: We are a team of more than 71,000 highly dedicated Healthineers in more than 70 countries. As a leader in medical technology, we constantly push the boundaries to create better outcomes and experiences for patients, no matter where they live or what health issues they are facing. Our portfolio is crucial for clinical decision-making and treatment pathways.

How we work: When you join Siemens Healthineers, you become one in a global team of scientists, clinicians, developers, researchers, professionals, and skilled specialists, who believe in each individual's potential to contribute with diverse ideas. We are from different backgrounds, cultures, religions, political and/or sexual orientations, and work together to fight the world's most threatening diseases and enable access to care, united by one purpose: to pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

As an equal opportunity employer, we welcome applications from individuals with disabilities.

We care about your data privacy and take compliance with GDPR as well as other data protection legislation seriously. For this reason, we ask you not to send us your CV or resume by email. Please create a profile within our talent community and subscribe to personalized job alerts that will keep you posted about new opportunities.

To all recruitment agencies: Siemens Healthineers' recruitment is internally managed, with external support permitted only when a qualified supplier has established a formal contract with us. Unsolicited candidate submissions and referrals, absent a current supplier contract, do not establish consent and are ineligible for fees. We delete and destroy unsolicited information, and thus recommend you refrain from any such practices. Your adherence to our policies is appreciated.
Jan 29, 2025
Full time
Forter is looking for a Senior SOC Engineer to enhance our security operations and ensure robust protection against sophisticated threats. This role is crucial for maintaining our Security Operations as a high-performing and resilient hub that can quickly adapt to emerging security challenges in the fintech industry. You will take the lead in refining our SOC capabilities by monitoring network traffic, analyzing security incidents, managing security tools, automating processes, and providing expertise to SOC analysts, without having direct management responsibilities. The Senior SOC Engineer collaborates with cross-functional teams to build defenses, respond to incidents, and design strategies for a robust cybersecurity posture.

Why should you join us?

At Forter, you'll play a critical role in defending against sophisticated threats in a high-stakes fintech environment. As a Senior SOC Engineer, you will:
- Shape the Future of Security: Lead initiatives to enhance our SOC capabilities, using cutting-edge technologies and automation tools to protect against advanced threats in real time.
- Make an Outsized Impact: Your work will directly influence Forter's ability to safeguard millions of transactions for major clients like Nordstrom, Priceline, and ASOS, enhancing customer trust and revenue growth.
- Work with a Talented Team: Collaborate with industry-leading experts in cloud security, fraud prevention, and data analytics. Forter is driven by a culture of excellence, continuous learning, and innovation.
- Access to Leading-Edge Tools: You will have the freedom to experiment with the latest SIEM, SOAR, EDR, and cloud-native security technologies, empowering you to stay at the forefront of cybersecurity practices.

This is more than just a job; it's an opportunity to grow your expertise in a dynamic, supportive environment while making a tangible impact on the digital commerce industry.

What you will be doing:
- Security Engineering & Automation: Oversee the deployment, configuration, and tuning of SOC-related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes and developing playbooks for more efficient alert handling.
- Security Monitoring & Threat Detection: Continuously monitor security alerts, events, and IoCs across all platforms. You'll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting.
- Proactive Threat Hunting: Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate.
- Cloud Security Monitoring: Analyze and manage AWS security logs through the SIEM, while also engaging directly with AWS security services and the team responsible for CSPM for proactive defense and monitoring in the cloud environment.
- Incident Response: Enhance the IRP and coordinate with the SOC team and cross-functional teams during the incident response lifecycle, focusing on containment, eradication, recovery, and post-incident analysis.
- Vendor Coordination: Collaborate with third-party vendors as needed for managed security services and specialized tools.
- Mentorship: Mentor junior security team members, providing guidance on incident handling and security best practices.

What you'll need:
- Experience: Minimum of 5 years in SOC or incident response roles, with hands-on experience in threat detection and mitigation.
- Technical Skills: Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled in writing SIEM queries, alerts, and dashboards.
- End-to-End Investigations & Network Protocols: Extensive experience with end-to-end investigations and handling security incidents, deep knowledge of network security protocols, and familiarity with the OWASP Top 10 vulnerabilities.
- EDR Expertise: Hands-on experience managing EDR tools, including end-to-end operations from deployment and configuration to analysis and response.
- Scripting & Automation: Knowledge of scripting languages such as Python, SQL, or Bash to automate SOC workflows.
- Core Skills: Strong problem-solving, organizational, and analytical skills, with attention to detail and a security-first approach to translating complex issues into solutions. Excellent communication skills for effective collaboration and reporting. Continuous learning mindset with an eagerness to stay updated on cybersecurity trends.

It'd be cool if you also (NOT A MUST):
- Are familiar with industry frameworks (ISO 27001, PCI-DSS, SOC2, NIST, etc.) and regulatory requirements.
- Have one or more certifications: GCIH, GIAC, CSA, CompTIA CySA+, or other relevant certifications.

About us:

Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful: it can accelerate revenue growth and strengthen a company's connection with its customers.

How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where, but who is behind the interaction. The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers, ensuring everyone gets the experience they deserve.

Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We're meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact.

Trust is backed by data - Forter is a recipient of over 10 workplace and innovation awards, including:
- Great Place to Work Certification (2021, 2022, 2023)
- Fintech Breakthrough Awards - Best Fraud Prevention Platform (2023)

Life as a Forterian: We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience.

At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company.

Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law. If you need assistance or an accommodation due to a disability, please email us at . This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.
Jan 20, 2025
Full time
External Description
Job Title: Lead SOC Analyst
Location: Luton/Hybrid
Salary: up to £75,000 + bonus depending on experience

We are working with one of the leading airlines as they dominate their sector with Security investment and expansion. They are implementing state-of-the-art Security technologies and processes and want you to be part of it. They are not only disrupting the way people travel but also the way in which they are building their Security function. As a senior member of the Security Operations SOC function you will work within a multidisciplinary SOC-focused team preparing for and responding to security incidents.

Here's some of the work you will be doing:
Rapid response, detection, isolation, and remediation of security incidents.
Mentoring and training more junior team members.
Establishing and maintaining operational security standards, processes, procedures, and guidelines.
Monitoring internal and external security threats, as well as known vulnerabilities.

What you need to succeed:
Experience of security engineering systems and controls, including vulnerability management, web content filtering, intrusion prevention, SIEM & SOAR.
Experience analysing logs and creating automated log correlation using SIEM technologies.
Experience in integration, configuration, and automation of Security Operations tools, i.e. SIEM, SOAR, ITSM, Vulnerability Management, Knowledge Management, Collaboration, etc.

If this sounds like a role you can get your teeth stuck into and make a real difference, then please get in touch.
Feb 01, 2024
Full time
Global Technology Solutions Ltd
Milton Keynes, Buckinghamshire
SOC Engineer
Hybrid position, one day on site in Milton Keynes.
£40,000 - £50,000
Mon-Fri 9am to 6pm

The ideal candidate for this position will have previous experience as a Microsoft Engineer with a strong background in products such as Defender and Sentinel, ideally within a SOC environment. Your work will involve implementing technology and supporting our customers, working alongside other engineers, SOC Analysts and other members of the delivery team. This role has strong potential for career and training development as we deliver industry-leading solutions to our customers.

Main Duties/Responsibilities:
* Implementation and support of Microsoft Defender and Sentinel
* Designing and refining engineering standards and best practices
* Conduct periodic Microsoft health check assessments, audits, and architecture reviews
* Work alongside SOC Analysts to improve the detection of security incidents
* Research and implement new technologies that can be used within the SOC
* Deploy automation throughout the SOC to improve the overall operational effectiveness of the SOC
* Assisting with the triage of incidents alongside others
* Draft reports and customer-facing documents to a high standard
* Stay up to date with the latest cyber vulnerabilities
* Assist with the development of more junior members of the team where required

Essential Skills & Experience:
* Any relevant Microsoft Certifications: AZ-104, SC-200, AZ-500
* Solid background as a Security Engineer/SOC Engineer
* Ability to lead and design automation/scripting in SIEM tools
* Experience with SIEM solutions such as Azure Sentinel, Splunk, McAfee, Rapid7, LogRhythm etc.
* Ability to design and document security processes
* Analysing cloud security risks and threats, performing cloud security audits and assessments, and recommending cloud security controls
* A strong analytical mindset with prior experience with KQL and PowerBI
* Excellent written and spoken English skills are vital for compiling high-quality reports and liaising with clients

In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information. Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
Jan 29, 2024
Full time
We are recruiting for an SC/DV Cleared SOC Analyst to join a highly regarded defence and aerospace client in the south west.
- 3 month contract (inside IR35) with likely extension
- paying up to £550 per day
- Fully on site in Corsham due to the project being highly secure

The role of the candidate will be an escalation point for all SOC operational activity. The successful candidate will be responsible for the day-to-day monitoring of multiple security devices, including SIEM, IDS/IPS etc., ensuring that all customer SLAs are met. You will be required to work as part of the SOC team, ensuring all SOC operational tasks are completed on time and work tickets are updated/closed with satisfactory technical details included. The successful candidate will be comfortable at a technical level, often being required to attend technical workshops and customer briefings/service reviews. All Analysts are expected to be able to present and write professional reports to key stakeholders and exercise good time management.

Tasks and Accountabilities
Maintain currency in security concepts, tools and best practices.
When required, perform initial triage/identification of 'Events of Interest' using a range of monitoring and detection tools.
Complete analysis/correlation of 'Events of Interest' to identify incidents.
Ensure that all events, events of interest, exceptions & incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
Responsible for maintaining SOC work instructions - reviews & amendment.
Produce reports (as per templates) & vulnerability/trending analysis as requested by the UK SOC Manager or key stakeholders.
Present & review reports to internal & external key stakeholders.
Complete tooling configuration changes including but not limited to filters/tuning/dashboards as authorised.
Carry out minor tool maintenance as directed by the SOC lead engineer.
Support the lead engineer for rules/policy/filters/use cases on SOC tooling.
Research causes and effects of incidents and exceptions.
Provide solutions to procedural failures and improvements to working practices.
Mentoring - Improve inter-team development through mentoring, knowledge sharing, briefing and production of guides and incident scenarios.
Show flexibility in developing knowledge of supporting areas and performing their responsibilities during times of operational need.

Skills & Experience
Essential
TCP/IP Fundamentals
ITIL Fundamentals (or equivalent)
CompTIA Security (or equivalent)
CompTIA Network (or equivalent)
Wireshark Packet Analysis
SIEM Administrator/Analyst
SANS SEC401: Security Essentials (or equivalent)
SANS SEC503: Intrusion Detection In-Depth (or equivalent)
SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (or equivalent)
Desirable
CCENT
Ethical Hacker (CEH)
Cisco Certified Network Associate (CCNA)
FIAHMG - Fundamentals of Information Assurance in HMG (leading to CCP)
CREST Registered Intrusion Analyst (CRIA)
SANS SEC501: Advanced Security Essentials
Dec 17, 2022
Full time
Description & Requirements

Our purpose
The Tesco name comes with a dedication to customer service excellence, but Tesco Bank offers something more: a fresh approach to finance. While it's an innovation, ours is a business built on the next development, the evolution to come. For forward-thinking, technical professionals, that means making a wide-ranging and long-lasting impact in an organisation that's changing the face of banking for our customers. We're on a mission to make our customers happier and more successful by putting them in control of their finances.

The Role
The Security Operations team is expanding and looking for a Junior Security Operations Specialist to join us at this key time to lead on exciting developments. As a technical leader you will be skilled in addressing a number of threat vectors to help our wider Security Operations team protect the Bank and our customers. This role will involve being responsible for the development and direction of a subset of our security tools and policies and mentoring our team of Operations Analysts. You will drive business engagement to build working relationships with the wider business to ensure their protection needs are met.

What you'll bring
We work with the following types of technology. We don't expect you to tick every box, and are interested to explore further if you hit most of the brief and are willing to develop your career here with us at Tesco Bank.
Direct experience or relevant qualifications in IT Security.
Security event management experience.
Advanced skills with a subset of the following security technologies and processes, and knowledge of the majority: SIEM systems; Endpoint security & Anti-Virus; DDoS protection tools; Data Loss Protection tools; Cloud, identity, and email security; Vulnerability scanning and organisational remediation; Privileged Access Management.
Ability to challenge existing solutions and develop defences against modern threat actors.
Stakeholder Engagement.
Experience with change management processes.
Ability to communicate well and accurately with different technology teams in both written and verbal terms.
Proven technical team mentoring skills.
A passion for continuously improving, learning, and making a positive impact.

How to apply
We value our people and diverse team and believe the variety of backgrounds and experiences make us stronger to achieve our goals. We encourage colleagues to be productive, focus on meaningful work, look for ways to further develop themselves & their career, and have an excellent work/life balance. Our colleagues are working remotely. Looking to the future, we are excited to understand our 'new normal' and are committed to exploring the opportunities that a hybrid working environment could bring for our wider team. If you're interested in finding out more about what a career at Tesco Bank looks like, click apply to find out more!
Sep 23, 2022
Full time