41 jobs found

The team you'll be working with: SOC Analyst (L2) We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham, and we need candidates who are able to work in a job that involves 24/7 operations, likely in shift patterns of 4 days on, 4 days off. About Us NTT DATA is one of the world's largest global security services providers with over 7,500 security SMEs and an integration partner to many of the world's most recognized security technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients, and communities to enable them to fulfill their potential and do great things. We believe that by bringing everyone together, we can solve problems using innovative technology to create a sustainable and secure world. This is a great opportunity for you to play a pivotal role in helping to shape our client's transformation journeys. What you'll be doing: What you will be doing; The primary function of the SOC Analyst (L2) is to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigation of security events. The Security Analyst (L2) will determine whether a security event qualifies as an incident and will coordinate with the customer's IT and security teams for resolution. Main Duties Security Monitoring & Investigation: Monitor SIEM tools to ensure high levels of security operations delivery. Oversee and enhance security monitoring systems to detect and analyze potential security incidents. Conduct real-time analysis of security events and escalate as needed. Support other teams in incident investigations, determining root cause and impact. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose. Incident Response: Lead and coordinate incident response activities to contain, eradicate, and recover from security incidents. Develop and maintain incident response plans aligned with industry best practices. Manage escalations during security incidents. Follow major incident processes. Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds for proactive detection. Security Tool Management: Manage and optimize SIEM tools, ensuring proper configuration and updates. Develop and implement SOC use cases. Evaluate new security technologies and recommend infrastructure enhancements. Collaboration: Work with cross-functional teams, including IT, legal, and management, on security incidents and preventive measures. Provide guidance to other analysts. Coordinate with technical teams to monitor new and updated services. Documentation: Maintain accurate documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Document event and incident management processes, runbooks, and playbooks. Other responsibilities: Participate in scoping and establishing new solutions. Assist pre-sales teams with requirements for new opportunities. Demonstrate SOC tools to clients. Recommend continual service improvements based on incident analysis. What experience you'll bring: What you will bring; This role is based on-site in Birmingham; candidates must be able to work in a 24/7 operation, likely in shift patterns of 4 days on, 4 days off. Must be able to obtain or already hold SC clearance. Good understanding of Incident Response approaches. Hands-on experience with Microsoft Sentinel or similar SIEM tools. Strong verbal and written English communication skills. Excellent interpersonal and presentation skills. Strong analytical skills. Good understanding of network traffic flows, normal vs. suspicious activities. Knowledge of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing). Ability to learn forensic techniques. Ability to reverse engineer attacks. Knowledge of ITIL disciplines such as Incident, Problem, and Change Management. Ability to work independently with minimal supervision. Willingness to work in a 24/7 or on-call role. Education & Experience Requirements 3-5 years of experience in IT security, preferably in a SOC/NOC environment. Cybersecurity certifications such as GIAC, ISC2, SC-200 are preferred. Experience with Cloud platforms (AWS and/or Microsoft Azure). Proficiency with Microsoft Office, especially Excel and Word. Reports to Security Director - NTT DATA UK Security Practice Client Delivery Director - NTT DATA UK Managed Services Who we are: We're a global business that empowers local teams, undertaking impactful work that changes the world. Our portfolio includes consulting, applications, cloud, and infrastructure services, offering opportunities to achieve great things with talented colleagues and clients. Our inclusive environment promotes respect, accountability, and continuous learning, fostering collaboration, well-being, growth, and agility. We are proud of our diversity and inclusion initiatives, including various Employee Networks. For more about our diversity efforts, visit: Creating Inclusion Together at NTT DATA UK NTT DATA What we'll offer you: We provide benefits supporting your physical, emotional, and financial well-being. Our Learning and Development team offers continuous growth opportunities. Flexible work options are available. More about NTT DATA UK & Ireland: We are an equal opportunities employer and a Disability Confident employer. We guarantee an interview to applicants with disabilities who meet role requirements and request accommodations during recruitment. Back to search Email to a friend Apply now

I am looking for a highly skilled Security Operations & Threat Intelligence Analyst to join a cybersecurity provider dedicated to protecting organizations from cyber threats. With global reach and deep technical expertise, the company delivers advanced threat detection, response, and intelligence services. Its mission is to build a safer digital society by helping businesses stay resilient through proactive security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You ll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You ll also track threat actor tactics using MITRE ATT&CK and assist with incident response and reviews. Key skills required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat intelligence platforms (e.g., MISP, Recorded Future, ThreatConnect) • Scripting experience in Python, Bash, or similar for automation and analysis • Must hold or be eligible for a top-secret security clearance Why Join? • Join a mission-driven team focused on proactive defense and cyber resilience • Tackle real-world threats using modern tools and techniques • Enjoy competitive compensation, benefits, and professional development opportunities Security Operations & Threat Intelligence Analyst - up to $250k - USA (Multiple offices across the country)

IT Security Analyst - Permanent role - £41000 - £44000 per annum + Benefits - Central London - Hybrid Job purpose: Monitor security logs across the organisation. Assist the IT Security Manager to investigate security breaches and other cyber security incidents. Install effective security measures and operate software to protect systems and information infrastructure, including firewalls and data encryptions. Key Accountabilities: Effectively monitor the companies estate computer networks for security issues. Ability to learn and apply new security concepts. Investigate security breaches and other cyber security incidents, resolving them efficiently. Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs. Clearly document security breaches and assess the damage they cause, whilst also making well-considered recommendations to avoid similar security breaches. Collaborate well with the IT Security Manager to perform tests and uncover network vulnerabilities. Assist with resolving detected vulnerabilities to maintain a high-security standard. Research security enhancements and make well-considered and informed recommendations to IT Security Manager. Examine security systems and web applications. Monitor security access across the organisation. Assist with conducting security assessments through vulnerability testing and risk analysis within good time and to a high standard. Assist with performing both internal and external security audits. Analyse security logs from various systems for breaches and make recommendations as appropriate. Assist in verifying the security of third-party vendors and collaborating with them to fulfill security requirements. Review daily security logs for abnormal events and escalate them to the IT Security teams in a timely manner. Conduct technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation. Knowledge, skills and experience Essential skills: BSc in Cyber Security, Computer Science, or equivalent practical experience. Demonstrable technical knowledge of hybrid estate. Relevant experience of reviewing technical security events. Skilled in implementing a robust and trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorized access and potential threats. Substantial experience of testing and reviewing security solutions. Practical experience of effectively managing cyber incidents. Strong reasoning and advisory skills, with the ability to effectively engage with and influence senior management. Able to communicate confidently and effectively with staff at all levels in the organisation. Able to collaborate well with third parties to understand critical security bottlenecks. Strong knowledge of Microsoft Defender and network architecture. Substantial experience in a Security Operations Centre (SoC), Network Operations Centre (NoC). Strong understanding of Incident Response processes and methodologies and experience with MITRE ATT&CK framework to map and analyse threats. Knowledge of Endpoint Detection and Response (EDR) platforms. Familiarity with threat hunting techniques and processes.

Role overview: Working for a security vendor, you'll be responsible for supporting the Head of SecOps in overseeing the company's Security Operations activity, improving and challenging existing processes and procedures in a very agile and fast moving information security environment. Main tasks and responsibilities: Operate within a global team that takes responsibility for the security monitoring of key technologies and tools across the estate Lead and manage a team of Security Analysts & the Vulnerability management team Comfortable operating in a technical capacity performing hands-on incident response and supporting/managing SOC analysts Act as a SME in matters related threat and vulnerability management incl incident response Understand security incidents and the likely impact these will have on the business Define and report on KPIs with recommendations for improvement Identify security risks, threats and vulnerabilities of the company's network, systems, applications and new technology initiatives Implement and maintain operating run books, operating processes and procedures Help to develop and configure use cases, and alerting rules within SIEM technologies Mange the vulnerability management programme that includes vulnerability scanning, security testing, threat monitoring and data loss and leakage prevention Direct on-going threat intelligence activities Mentor and develop security analysts Skills: Prior experience working/managing a SOC Demonstrable experience and operational knowledge of SIEM, firewalls, intrusion detection and vulnerability management systems/solutions Detailed understanding of Security Monitoring, Threat Intelligence, Vulnerability management and Incident Response Experience managing security incidents within a complex environment. Strong foundation in network security and common attack methodologies Exposure to user behaviour analytical tools is preferable Good understanding of common protocols such as HTTP, SMTP, SSL/TLS, SSH, DNS Must demonstrate strong analytical and problem-solving skills to enable effective security incident and problem resolution Knowledge of latest threat trends and security landscape Pre-requisites: Excellent analytical skills with the ability to see the bigger picture Excellent communication skills with the ability to influence multiple stakeholders Willingness to learn and adapt to new technologies coupled with a passion for cyber security Ability to self-motivate and define priorities to meet deadlines Good team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles Further info: Competitive salary & flex bens Flexible locations / remote To apply: Please either register your CV and complete the information fields requested or send your CV to referencing WDA154 and your current salary

Benefits Pulled from the full job description Car scheme Cycle to work scheme Private medical insurance Season ticket loan Sick pay Unlimited paid holidays Full job description A bit about us Our main focus at Waterstons is to help our customers build a better business by blending technology and strategy. We have offices in the UK and Australia. Our team also work across the globe to provide unique business solutions that directly adds value to our clients' businesses. Our clients tell us our people are our greatest strength, and who are we to disagree? We believe in our colleagues, and we make it a priority to reward their hard work.Unlimited holidays, flexible working, and private medical healthcare. These are only some of the amazing things we offer. Did we also mention that we've been awarded Gold Investors in People for a fourth consecutive time? About the role As a SOC Analyst within our Cyber Division, you will build relationships with prospective and active clients across the business and act as their trusted advisor, helping them to secure their business through the pragmatic use of technology and protect them from incoming threats. If you enjoy a varied environment, sharing your knowledge and experience to support, coach and mentor your colleagues, then we want to hear from you. Day to day responsibilities Lead threat detection and incident response across modern security platforms Monitor and analyse alerts from EDR/XDR platforms, cloud services (M365, AWS, Azure), SIEM systems and more. Manage and optimise security tools and detection rules. Create and deliver comprehensive client security reports. Respond to and analyse cyber incidents at all severity levels. Implement and maintain security best practices. Participate in threat hunting initiatives. Act of a point of escalation for Junior Analysts. Stay up to date on the latest security trends. Some of the skills we are looking for Essential A Strong understanding of IT and Cybersecurity Experience working in a SOC or Helpdesk role Analytical and problem-solving abilities Customer service mindset Passion for continuous learning Waterstons perks As well as offering a competitive salary, we have an attractive benefits package including: A healthy work life balance with flexible and agile working being the norm Unlimited holiday allowance EV car scheme (salary sacrifice) Rest days Room to grow with supported development opportunities and sponsored training Enhanced family policies If you ever need it, company sick pay and life assurance Supported wellbeing with regular initiatives, an employee assistance programme and private medical insurance Flexible benefits such as a dental scheme, eye care support, season ticket loan and cycle to work We require a security check to be carried out on all colleagues due to the nature of some of our clients' industries. Waterstons is committed to creating and an inclusive, understanding, and flexible place to work. We value diversity, equality and inclusion and encourage everyone to 'bring their whole selves' to work. We believe that a company that works to truly embrace and value diversity, create an environment where everyone from any background can do their best work, and feel valued and appreciated is a better company to work for. Privacy Statement Waterstons are gathering the data in this application for the purpose of recruitment and to ensure we can contact you regarding this application. For information about what we do with your personal data see our Privacy Notice.

Essential Duties and Responsibilities The Cyber Security Command Center (CSCC) provides the most timely and comprehensive intelligence on external threats to the Security Operations Center (SOC) for detection, continuous monitoring of multiple security-related information sources, threat hunting, and, when needed, manage incident response related to cyber, privacy, and data protection for Gates data, infrastructure, and networks. The CSCC team will take disparate data sets and combine it with threat information and other enrichment to conduct analysis and identify incidents and drive appropriate responses to contain and minimize impact the threats and restore normal operations. Key responsibilities: Actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, will provide proactive threat research, and recommend mitigation strategies. Utilize the latest in security technology and be at the forefront of incident response to support operations at Gates locations around the world. Act as a core member of the Incident Response Team, triaging, responding to and reporting incidents and providing cyber security metrics. Evaluating and determining if/when information security violations have occurred through examination of network or device logs, open-source research, vulnerability and configuration scan data, and user provided reports. Demonstrate a strong understanding of information security policies and doctrine, ability to draft, modify and create SOPs for use of other team members. Keys to Success Requires in-depth knowledge and experience Requires conceptual and practical expertise in own area and general knowledge of related areas Has knowledge of best practices and how own area integrates with others; is aware of the competition and the factors that differentiate the company in the market Supervisory Responsibilities Acts as a resource for other team members; may lead projects with limited risks and resource requirements Acts as a resource for colleagues with less experience Requirements and Preferred Skills 5-7 years of experience Degree in Computer Science, Cybersecurity, IT, or equivalent experience (min. 4 years). 2-4 years in a cybersecurity or SOC environment. Strong understanding of OSI model, incident response, and threat analysis. Proficient in SIEM tools (e.g., Splunk), IAM, server/network security, and vulnerability management. Familiarity with ISO 27001, NIST CSF, and general security frameworks. Effective communicator across all organizational levels; strong multitasking and organization skills. Experience with Linux systems; cloud knowledge is a plus

We're growing and want you to be a part of our journey. Information Security Manager This role will lead the Information Security team, manage the security controls to keep Isio's data, people and clients safe and ensure that work is delivered effectively. The role will report into the Head of IT Governance and will have overall responsibility for the Information Security. Our IT team operates a hybrid workstyle nationwide; there is a preference for this role to be based in Isio's Belfast or Birmingham office, however, there is flexibility to be based in any of Isio's UK offices for this position. Role and Responsibilities Collaborate with senior stakeholders Line manage the Information Security Analyst Manage the information security programme across Isio Maintain your knowledge of current and emerging cyber threats as well as risk mitigations Manage and maintain: Information Security risk register Information Security policies Information Security training Information Security related communications Own the relationship with key Information Security 3 rd parties (e.g. SOC, ISO related, email security) Conduct regular service reviews with our key Information Security providers Develop and manage Information Security protocols that maintain Isio's (and our clients') environments Own and improve Isio's cyber incident response capability, including reviewing and enhancing our Cyber Security Incident Response Plan (CSIRP) Design and execute cyber-attack simulation exercises Own the Information Security incidents raised in the Service Desk by Isio users/suppliers Actively monitor for security alerts announced by professional Information Security bodies Lead cyber incident response activities, including coordinating incident investigation, containment and remediation actions Conduct due diligence (including risk assessing) on proposed new solutions for Isio. Be responsible for and use Isio's enterprise tools to identify, assess and resolve security vulnerabilities Manage all penetration testing and arrange these for new and present solutions as required Manage and develop the Information Security team ensuring that it has the expertise and resources needed to address both current and emerging threats. Provide guidance and coaching to direct report, including professional development Key Skills & Experience Excellent knowledge of Information Security systems and solutions Significant experience of cyber security frameworks, methodologies, and best practices, such as ISO 27001, Cyber Essentials, NIST, CIS and OWASP Top10 The ability to articulate complex security concepts to both technical and non-technical audiences Experience of leading security-based projects Good understanding of attack vectors, and defensive and detection cyber technologies Ability to balance security priorities with the business' objectives, values and risk appetite Proven people management and leadership Great people management skills Proven track record of delivering solutions Excellent communicator Well organised and structured Qualifications (Desirable) CISM (Certified Information Security Manager) CISSP (Certified Information System Security Professional) GDPR / Data Privacy qualification Microsoft / CompTIA / Cisco / AWS or other technical cyber security qualification Demonstrated Commitment to our Core Purpose Power in Partnership : We work in partnership with our clients & each other - building open and trusted relationships. Working together allows us to deliver the best for our clients. Future Focus : We want to push our industry forward by solving problems in better ways that benefit both our clients & society. Strength in Difference : We work with diverse perspectives to find better solutions. Working with differences makes us stronger. People First : We recognise that pensions is a people business. People are the source of Isio's expertise and it is people's lives that we affect through our advice. What we offer you Isio is a people business, and we're committed to helping our great colleagues gain a wide variety of experience, significant development opportunities and progression through the business . The variety of work that'll be available to you will enable you to do this. On top, we also offer: A competitive remuneration package , including a bonus scheme. A defined contribution pension scheme . Life insurance . Healthcare benefits . Income protection benefits . 25 days annual leave (plus bank holidays) as standard with the option to purchase additional days of holiday. As well as two additional 'Company' days - a celebration day for your birthday and an extra day over Christmas. Corporate Social Responsibility (CSR) allowance Flexible working opportunities. A flexible benefits package. Internal development programmes including (technical and non-technical) training support and mentor programmes. Where required study support including study days, materials and exam entry support. What's next? Click on the 'apply' and follow the simple application process online. If you think you may require a reasonable adjustment to be made for any reason at any stage of your recruitment process, please email About Isio Isio was 'born' in 2020 from the sale of KPMG UK's Pension Practice to a private equity firm. An industry-leading challenger, we provide diverse expertise spanning Pensions, Investment, Benefits and Wealth to give clients an integrated experience. Isio is built by challengers, innovators and forward-thinkers, grounded around a vision which strives to deliver greater financial confidence for everyone. We empower and develop those who join us - valuing curious minds and giving people the freedom to outperform. Known and respected for our agility, we harness specialist experience, bold thinking and the desire to push the boundaries of what we can achieve for our clients, from small to blue chip, public to private. Isio is growing and we are looking for people who share our purpose and behaviours to join us on this journey, as we continue driving exceptional results for both our clients and people. At Isio, we are committed to fostering an inclusive, equitable and diverse workplace, in which our colleagues feel they belong, regardless of background or difference. We uphold the values of respect, fairness, and inclusion in our actions and decisions. We believe that by adhering to these principles, we will create a stronger, more innovative, and supportive environment for all, as well as ensuring that the advice and support we provide to our clients is more creative, more insightful and leaves a lasting impact. We have offices across the UK and many of our roles offer a hybrid, flexible approach to work to help create a work-life balance that works for you. Isio Group is an equal opportunities employer and we welcome applications from all suitably qualified candidates.