Protective Intelligence Analyst

Locations: London, United Kingdom; Mountain View, California; New York City, New York; San Francisco, California; Washington, D.C. While candidates in the listed location(s) are encouraged for this role, candidates in other locations will be considered.

Mission
At Databricks, we build tools that help organizations unlock the power of AI and big data, securely, responsibly, and at scale. Our Corporate Security & Investigations team is at the heart of this mission, proactively protecting our people, assets, and operations so our teams can focus on innovation with confidence. We're looking for a Protective Intelligence Analyst to join our growing Corporate Security team. In this role, you'll track and analyze potential physical security threats from open source intelligence (OSINT), social media, and the dark web, while staying ahead of emerging geopolitical developments that may impact our work. Your insights will drive security measures, protect our people and executives, and strengthen our global risk posture.

Key Responsibilities
Monitor and analyze OSINT streams, social media, and dark web sources to identify potential credible threats and inform decision making across Databricks.
Conduct persons of interest (POI) investigations to assess severity, recommend countermeasures, and safeguard executives and at-risk personnel.
Perform end-to-end, risk-based intelligence assessments for people, operations, and assets.
Build and maintain protocols for monitoring travel risks, advising business travelers and executives, and responding to critical incidents affecting personnel on the move.
Collaborate with Corporate Security, Legal, People teams, and other cross-functional partners to respond to emerging threats.
Prepare concise, high-impact intelligence briefings and reports for leadership and stakeholders.
Analyze geopolitical trends and world events to proactively identify risks to our business, offices, and personnel.
Use advanced analytical tools and technologies to enhance the speed and accuracy of your assessments.
Maintain and evolve protective intelligence protocols, methodologies, and best practices.
Build trusted intelligence-sharing networks across the company and with external partners.

Required Qualifications
Bachelor's degree in Criminal Justice, Cybersecurity, or a related field (or equivalent experience), along with 5+ years of experience in investigations, protective intelligence, geopolitical analysis or executive protection.
Deep knowledge of OSINT research techniques, corporate security protocols, risk assessment, and the intelligence cycle.
Proficiency with analytical tools, including OSINT monitoring tools, threat detection, and case management software.
Familiarity with the ASIS PCI investigative and/or ATAP threat assessment frameworks.
Demonstrated ability performing geopolitical analysis and converting it into actionable intelligence for decision makers.
Proven ability to distill complex information into clear and actionable insights for diverse audiences: technical teams, senior leaders, and external partners.
Exceptional problem-solving skills and adaptability in fast-changing environments.
Comfort working independently or within a small, distributed team.
Proven record of managing or mentoring contingent workers, third-party security resources, or cross-functional teams involved in intelligence gathering and risk mitigation.
Availability to work flexible hours, including nights and weekends, to respond to urgent security events.
High integrity, professionalism, and the ability to handle sensitive or confidential matters with discretion.
Active U.S. or U.K. security clearance, or the ability to obtain one, preferred.

Pay Range Transparency
Databricks is committed to fair and equitable compensation practices. The pay range for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles.
Zone 1 Pay Range: $167,700 - $234,750 USD
Zone 2 Pay Range: $150,900 - $211,275 USD

About Databricks
Databricks is the data and AI company. More than 10,000 organizations worldwide, including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500, rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe, and was founded by the original creators of Lakehouse, Apache Spark, Delta Lake and MLflow.

Benefits
At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit

Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
Nov 18, 2025
Full time
Job Title: SOC Incident Response & Threat Hunting Manager
Location: Remote
Salary: 75k - 85k plus 10% bonus and 6k car allowance
Mon - Fri as well as an on-call rota - 1 week in 4.
Candidates must be willing and eligible to go through SC security clearance for this role.

Job Description:
We are seeking a highly skilled and experienced SOC Incident Response & Threat Hunting Manager to join our growing Security Operations Centre. This pivotal role will be responsible for leading our Tier 3 Security and Incident Response Analysts, overseeing advanced incident response activities, driving proactive threat hunting initiatives, and providing strategic direction for the Cyber Threat Intelligence (CTI) capability. This is a hands-on leadership position requiring a strong technical background, exceptional management skills, and a strategic vision for cybersecurity. You will play a key role in mentoring and developing a high-performing team, leading complex incident response engagements from initial detection through to post-incident review, and significantly enhancing the security posture of our diverse customer base. The role demands a unique blend of strategic leadership, deep technical expertise in digital forensics and incident response (DFIR), and a proactive mindset to anticipate and neutralise sophisticated and evolving cyber threats.

Key Responsibilities:
Provide expert guidance and technical oversight on complex security incidents and threat hunting operations.
Lead and coordinate high-severity incident response engagements, acting as the primary incident lead when required. This includes managing cross-functional teams, communications, and critical decision-making under pressure.
Ensure all incident response and threat hunting activities are thoroughly documented, with comprehensive reporting delivered to stakeholders.
Drive the strategic development and maturity of the CTI team, enhancing their capabilities, visibility, and the actionable insights derived from their research, both internally and for customers.

Your transferable skills and experience:
Analytical problem-solving: ability to investigate complex data and identify patterns or anomalies.
Collaboration and teamwork: experience working across functions to resolve time-pressured issues.
Communication: ability to explain technical findings in a clear manner to technical and non-technical audiences.

Your benefits:
25 days annual leave plus public holidays (3 flexible)
Pension - double matching contributions of up to 10%
Life assurance
Companywide incentive plans
Your choices (flexible benefits such as increased holidays, travel, dental, critical illness and more)
Perks at work - employee discounts
Employee assistance programme / virtual GP
Role-dependent benefits: private medical / company car or car allowance

If you are interested in this role, please feel free to submit your CV or call me on (phone number removed). Many thanks,
Nov 03, 2025
Full time
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East, Africa, Asia, Oceania, and East Asia. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. As one of the top financial groups globally with a vision to be the world's most trusted, we want to attract, nurture and retain the most talented individuals in the market. The size and range of MUFG's global business creates opportunities for our employees to stretch themselves and reap the rewards, whilst our common values, to behave with integrity and responsibility, and to build a culture which is fair, transparent, and honest, underpin everything that we do. We aim to be the financial partner of choice for our clients, whatever their requirements, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

MUFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: MTU) stock exchanges. The group's operating companies include, but are not limited to, Bank of Tokyo Mitsubishi UFJ, Mitsubishi UFJ Trust and Banking (Japan's leading trust bank), Mitsubishi UFJ Securities Holdings (one of Japan's largest securities firms), and MUFG Americas Holdings. Please visit our website for more information -

Technology Overview
Technology is responsible for the operation, development and support of all technology across all areas of the local and international business. We ensure the IT strategy, architecture solutions, and service delivery are firmly aligned to business requirements and the long-term strategy of the group.

Technology Functions
Architecture and Development team - responsible for the provision of shared services including architecture, middleware, new systems development, quality assurance and release management.
Middle, Risk and Back Office Team - responsible for all the applications used by these areas including the main trading system, Murex.
Front Office Solutions - provides a business-oriented focus to all technological developments that affect the trading floor.
Infrastructure team - supports the operation of all production services, voice and data networks, other voice systems and desktop systems.
Programme Office and Purchasing - responsible for definition, prioritisation and delivery of the annual investment portfolio as well as procurement and software licence management.
IT Risk and Control - responsible for implementing and managing all technology-related controls over IT and information risk and business continuity, supporting the provision of disaster recovery solutions, performing risk assessments, and managing business recovery plans and the business recovery facility. Information Security is also the responsibility of this function.

Main Purpose of the Role
Ensure effective management and control of information security, IT and information risk for MUSI by ensuring all appropriate Security, IT and common-sense controls are in place, that these controls are being followed and that this is evidenced across the whole business and IT department.
Liaise with the other information security functions within the MUS international business and MUFG group to ensure a consistent approach to all controls, standards and policies is adopted across the organisation.
Ensure all necessary Information Security controls are in place and that an appropriate strategy to protect the firm from all cyber, external and internal threats is defined and being implemented.
Develop, implement and manage compliance with appropriate IS and IT Security policies, standards and procedures.
Support the relationship and associated reporting requirements between Technology and internal and external bodies, e.g. auditors, management committees, Tokyo head office, regulators (via Compliance), Operational Risk.

Key Responsibilities
In this role, you will be responsible for information/cyber security across MUFG's banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.
Serve as the Tier 2 escalation point within the SOC, leading investigations into complex security incidents.
Perform in-depth analysis of escalated events and alerts to determine root cause, scope, and impact.
Lead and coordinate incident response efforts, ensuring timely containment, eradication, and recovery.
Act as the Centre of Excellence (CoE) for Incident Response, setting best practices and standards across the global SOC and IR (Incident Response) functions.
Contribute to the globalisation of SOC and IR processes, ensuring alignment and consistency across regions.
Collaborate with global SOC and IR teams to harmonise incident response workflows, tooling, and reporting standards.
Provide expert guidance to Detection Engineers to optimise detection logic and improve alert fidelity.
Mentor and train junior SOC and IR analysts, fostering a culture of continuous learning and operational excellence.
Contribute to the development and refinement of Standard Operating Procedures (SOPs) for Tier 1 and Tier 2 operations.
Conduct quality assurance reviews of Tier 1 analysis and provide constructive feedback.
Collaborate with the Detection Logic Engineering team to enhance detection capabilities and threat coverage.
Support audit and regulatory engagements by providing timely and accurate responses to information requests.
Liaise with cross-functional technology teams to ensure timely resolution of response tasks and elevate issues as needed.
Support broader Information Security and Operational Security initiatives as required.
Maintain up-to-date knowledge of cyber threats, attacker techniques, and relevant laws, regulations, and best practices.
Participate in out-of-hours incident response rotations as necessary.

Skills and Experience
Minimum 3 years of experience in a Senior SOC Analyst or Tier 2/3 role.
Proven expertise in threat analytics, incident response, and cyber investigations.
Strong understanding of attacker tactics, techniques, and procedures (TTPs) across diverse environments.
Familiarity with industry-standard incident response frameworks (e.g., NIST, SANS).
Experience with both network-based and host-based threat detection and analysis.
Proficiency in writing detection queries (Splunk preferred) and working with SIEM/EDR/SOAR tools.
Solid understanding of operating systems, networking, and security infrastructure.
At least 5 years of experience in Information Security within the financial services sector.
Strong analytical and communication skills, with the ability to present complex issues clearly to stakeholders.
Knowledge of international security standards and control frameworks (e.g., ISO 27001, NIST CSF).

Personal Requirements
Excellent communication and interpersonal skills.
Results-driven with a strong sense of accountability and urgency.
Proactive, structured, and logical approach to problem solving.
Strong decision-making skills and sound judgment under pressure.
Ability to manage multiple priorities and meet tight deadlines.
High attention to detail and accuracy.
Calm and composed under pressure, with a collaborative mindset.

We are open to considering flexible working requests in line with organisational requirements. MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership. We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.
Oct 31, 2025
Full time
About Us
Turnkey Consulting is an independent risk and security consultancy that brings together people, protection, and performance to help organisations achieve Digital Enterprise Resilience. For more than 20 years, Turnkey has enabled the world's leading companies to understand and optimise their risk and security landscape through assessment-based road mapping, organisational empowerment, and expert application of market-leading technologies. Turnkey is headquartered in London with offices across Asia, Australia, Europe, and North America.

Role Overview
We are seeking an experienced individual with a strong foundation in SAP Vulnerability Management and Threat Detection systems, including associated controls, proficiency in SAP environments, and awareness of cybersecurity frameworks.

Responsibilities
Design, implement, and assess vulnerability management frameworks, primarily within SAP-enabled environments.
Lead client conversations on SAP Vulnerability and Threat Management strategy, compliance challenges, and controls optimisation.
Provide insight on Information Security frameworks (OWASP/NIST/NIS2 etc.) and the Secure Operations Map, helping communicate regulatory or good-practice obligations and actionable solutions.
Manage and mentor junior consultants and analysts to support a high-performance team culture.
Support business development activities, including scoping, proposal development, and client pitches throughout the sales lifecycle.
Build long-term relationships with clients as a trusted advisor in controls and compliance.

Required Core Behaviours
Ability to focus on the "why" of our solutions, not just the how.
Demonstrable experience in prioritising the client's objectives.
Passionate about improving the perception of the industry towards a more business-growth-enabling function.
Demonstrable ability to build productive relationships with both internal and external stakeholders in a hybrid working environment.

Required Skills & Experience
Strong experience designing and executing detection and protective controls, ideally within SAP ERP systems.
Experience in one of Onapsis, Security Bridge, SAP ETD, Pathlock CAC.
Strong experience of implementing vulnerability management controls (implementation and testing).
Knowledge of relevant industry frameworks and vendor solutions aligned to provide such control solutions.
Demonstrated ability to lead engagements and communicate effectively with senior stakeholders.
Proven track record in team management and mentoring.
Familiarity with the consulting sales lifecycle, including opportunity identification and bid support.
Excellent analytical, presentation, and organisational skills.

Preferred Qualifications
Professional certifications such as CREST or equivalent.
Experience in a risk advisory or Big Four consultancy environment.
Exposure to emerging technologies in risk and controls, such as automation, data analytics, AI etc.

Reports to: RSC Director
Salary: Competitive salary depending on a combination of factors, including level of experience and expertise, in addition to an OTE bonus.
Location: Based in our London office, with hybrid working (expected office working 2-3 days per week). Occasional travel to our offices in other countries will be expected as part of this role if there is a requirement to do so.

Benefits include:
Pension: on joining, employees will be automatically enrolled in our workplace pension scheme.
Holiday Entitlement: employees receive 25 days per holiday year plus all statutory bank and public holidays in England and Wales.
Private Medical Insurance: employees will be enrolled onto the company BUPA healthcare scheme.
Insurances: Life Insurance and Critical Illness cover are provided to all employees.
Carbon Offset: employees will be enrolled on the company's carbon offset scheme, which is committed to offsetting at least 50% of all employees' personal carbon emissions. All Turnkey employees are entitled to £40 worth of carbon credits each year, which can offset 7 tonnes of carbon. Options are available to increase carbon credit amounts, which would be treated as a benefit in kind.
Oct 30, 2025
Full time
Unily partners with the world's largest and most complex enterprises to power Organizational Velocity through digital Employee Experience transformation. Iconic brands, including Estée Lauder Companies, CVS Health, and British Airways, use Unily's market-leading Employee Experience platform to improve productivity, streamline communication, and foster a highly connected workplace. Unily is the only triple leader recognized by all three of the major analysts. Unily is recognized as a Leader in the 2024 Gartner Magic Quadrant for Intranet Packaged Solutions, the 2024 Forrester Wave: Intranet Platforms, and the IDC MarketScape: Worldwide Experience-Centric Intelligent Digital Workspaces 2024. With these accolades, we continue to grow and expand our employee community with people who are passionate about joining us on this exciting journey.

Job Purpose
As we continue to expand our market share in the rapidly emerging Employee Experience platform category, we are looking for an Application Security Manager. This role is responsible for building and executing a comprehensive application security programme that combines strategic oversight with hands-on technical execution. The Application Security Manager ensures that security is embedded throughout the software development lifecycle (SDLC), enabling Unily to deliver secure products at speed. The Application Security Manager will define and enforce secure development policies and practices, establish privacy-by-design principles, and manage the risk and escalation process. They will actively engage in technical assurance activities such as threat modelling, application testing, dependency analysis, cloud and container security assessments and CI/CD pipeline hardening. The role will act as both a strategic partner to leadership and a trusted advisor to engineering teams, being a customer-facing point of contact when required.

Main Responsibilities
Define and maintain secure development policies and privacy-by-design requirements.
Own the risk acceptance and escalation process, maintaining the risk register.
Develop and measure the application security strategy, leveraging frameworks such as OWASP SAMM.
Support RFPs and sales responses on application security matters.
Lead and coordinate external penetration testing engagements and remediation follow-up.
Drive risk-based prioritisation, assigning and validating CVSS scores.
Deliver and manage secure development training programmes.
Conduct and facilitate threat modelling and architecture and design security reviews.
Perform or coordinate application security testing.
Generate and manage software bills of materials (SBOMs) to manage supply chain risks.
Ensure build verification and oversee IaC and container/Kubernetes scanning within pipelines.
Provide guidance on secure cloud-native architectures.
Evaluate and apply security testing tools and techniques (e.g. Burp Suite, fuzzing, IaC scanners, static analysers).
Contribute to security metrics, reports and dashboards.
Collaborate with engineering, operations and product teams to embed security best practices throughout the whole SDLC.

Requirements
Proven experience in application security.
Strong knowledge of secure software development practices, DevSecOps and CI/CD security integration.
Hands-on experience with application security testing tools and techniques (e.g. SAST, DAST, dependency checkers, IaC scanners, secret detection, container security tools).
Understanding of threat modelling, architecture and design reviews and offensive security principles.
Familiarity with compliance and regulatory frameworks.
Experience with risk acceptance processes, CVSS scoring and vulnerability management.
Experience managing external penetration testing vendors.
Familiarity with SBOMs and software supply chain security.
Strong background in cloud and container security.
Ability to communicate with technical and non-technical stakeholders.
Knowledge of data privacy regulations and GDPR, and how they intersect with application security.
Certifications such as CISSP, CSSLP, OSWE, OSCP or equivalents.
Degree in computer science, cyber security, related fields or equivalent experience.

We are united by a shared purpose and are committed to truly understanding each other. We know that everyone is unique and has their own story. We strive to have a diverse workforce that embraces and celebrates one another. We are united in building connections and curious to learn from each other so that we continue to grow together to build the workplace of tomorrow.

Why Work For Unily?
In addition to a generous base salary and discretionary company bonus, here are some things we think you will love:
Our awesome team culture. We are focused on achieving results as a team and having fun while we do it. You won't find a friendlier or more dedicated bunch of people.
Our industry-leading product. We are very proud of our ever-evolving product; naturally we use (and love) it internally and provide the tools and resources for you (and our clients) to become a Unily expert.
The flexibility that we offer. We don't just mean working from home occasionally. We operate on a hybrid basis, and also recognize that life happens during the 9-5.30 and encourage a sustainable work/life balance.
Our bright and modern office spaces. When you need to be in the office we want it to be like being at home. We have a well-stocked kitchen and the option to bring your dog to work.
We offer a fantastic suite of benefits, including 25 days holiday plus an extra paid day off to enjoy your birthday, Vitality life cover (for health, sight, hearing and dental), Aviva pension (via a salary sacrifice scheme), life assurance, income protection and so many more.
Our commitment to sustainability and giving back to the community. We know working for an organisation that takes its environmental and social impact seriously is important, and we are proud to offer 1 fully paid volunteering day per year, an employee matching charity donation scheme and options to lease an Electric Vehicle through our salary sacrifice scheme.
Oct 30, 2025
Full time
In 2022 we built out an exciting SIEM/SOAR and Managed Detection and Response service called SEP2.security, built upon Google Cloud Security's Chronicle stack. Due to customer demand, we are now looking to hire a Principal Cyber Security Engineer to join this ever-growing team.

The Security Intelligence Services team, in which this role is situated, provides security monitoring and use case/playbook implementation on customer tenants, with a strong focus on customer satisfaction. This role goes beyond pure analysis to include significant customer engagement to ensure long-term client retention.

This is a full-time position that can be performed fully remotely from the United Kingdom, or, for those local to the West Yorkshire area, a hybrid role with occasional travel to our Leeds SOC.

Main Tasks
Lead technical engagements with managed clients, internal teams, and external partners to assess security requirements and develop effective solutions.
Detection rule creation, log source onboarding, tuning and building response plans/playbooks.
Respond to customer requests for security monitoring and recommend/devise detection rules.
Supporting both in-life services as well as new customers.
Investigate complex security events and alerts.
Research threats and vulnerabilities.
Help to support and mentor our apprentices.
Contribute to the SIS On Call Rota (approximately 1 week in 5).

Personal Qualities
A "Customer Centric" attitude, with the ability to communicate with both technical and non-technical parties effectively.
The ability to build credibility quickly with colleagues and customers.
Competent and confident in customer-facing situations.

Qualifications and Experience
Experience as a Cyber SOC Analyst or similar role.
Proven experience in deploying SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) solutions to achieve positive outcomes. Our tools include Google Chronicle SIEM/Siemplify SOAR and LogRhythm, but experience with other platforms such as Microsoft Sentinel, Splunk, QRadar, or Humio/LogScale is also valuable.
Background knowledge in another IT discipline (e.g. Public Cloud, Windows Server, Linux, or Networking).
Some experience with scripting tools such as PowerShell, Python, Bash and RESTful APIs (Application Programming Interfaces).
Experience in customer engagement, adept at identifying and addressing customer needs, and proficient at fostering positive client relationships.

History
Cyber Security Specialists, SEP2 is an organisation providing advanced cyber security services, solutions and tech-driven services powered by passionate and honest people. SEP2 started out in Leeds as an organisation built to add value and do business the right way. We've grown, we've developed, and we've evolved; we've taken on experts to expand our knowledge base and technical skills, building a portfolio of accreditations, and we've developed important relationships with our vendors.

SEP2 are an award-winning cyber-security specialist, whose success is built on five values: Passion, Tech Driven, People Powered, Committed to Doing Good. Every SEP2 colleague lives these values every day. We have a culture of passionate people who work as a team that will never leave a job incomplete. We believe in giving every member of our team responsibility. We nurture the desire to solve problems at the root cause. We encourage continuous improvement. We're here to beat the bad guys and we're here for the long-term.
Oct 30, 2025
Full time
Hybrid About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world's largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine's Top Company Cultures list and ranked among the World's Most Innovative Companies by Fast Company. We realize people do not fit into neat boxes. We are looking for curious and empathetic individuals who are committed to developing themselves and learning new skills, and we are ready to help you do that. We cannot complete our mission without building a diverse and inclusive team. We hire the best people based on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Team Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global networks can provide. 
The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers. The team's core disciplines are data engineering, data science, devops, and security. We use data science and machine learning to process large volumes of data and build threat intelligence for Cloudflare's customers. About the Role We're seeking a Data Scientist to join our team and drive the analytical rigor behind our cyber threat intelligence efforts. In this highly impactful, hands-on role, you will be instrumental in researching, developing, and applying advanced analytical techniques and statistical models to massive datasets from our global network. Your work will uncover patterns, identify anomalies, and build predictive insights to detect and neutralize sophisticated cyber threats. You'll directly enhance our Cloudforce One offering by transforming raw data into critical, real-time threat intelligence, providing unparalleled protection and actionable insights to our customers. If you are passionate about applying sophisticated data science to solve complex cybersecurity challenges at an unprecedented scale, we want you on our team. The ideal candidate will possess a strong foundational knowledge of data science principles and statistical modeling. Day-to-day responsibilities include: Collaborate with other Data Scientists and Machine Learning Engineers to design and implement analytical approaches that inform scalable threat detection models. Partner with threat intelligence analysts to understand emerging attack techniques and leverage data to develop novel detection strategies and expose findings. Perform in-depth data analysis to identify trends, relationships, and anomalies within vast security datasets. Develop, validate, and refine statistical and machine learning models for threat detection and intelligence generation. 
Monitor the performance of analytical models and threat intelligence pipelines, continuously identifying opportunities for improvement and refinement. Investigate and resolve data-related issues in production environments, ensuring the accuracy and integrity of our threat intelligence. Examples of desirable skills, knowledge, and experience: Thorough understanding of statistical modeling, hypothesis testing, and various machine learning algorithms, including their strengths and weaknesses across different data types. Desire to see a data-driven project through all the way from initial research and experimentation, through model validation, to the delivery of actionable insights and automated processes. Demonstrated ability to present complex analytical findings clearly and concisely, and actively solicit and incorporate feedback. Proven ability to deliver high-quality analytical work (what) with strong collaborative and problem-solving behaviors (how). Bonus Points These are skills that are beneficial and may be required in the role; we are happy to support your learning on the job, but prior experience is a plus: Experience with large-scale data processing frameworks (e.g., Spark, Flink). Experience with time series analysis, anomaly detection, or graph analytics in a security context. Proficiency in data visualization tools and techniques to effectively communicate complex findings. A basic understanding of the cyber threat landscape and technical Indicators of Compromise (IOCs). Experience with Natural Language Processing (NLP) for analyzing unstructured security data. What Makes Cloudflare Special? We're not just a highly ambitious, large-scale technology company. We're a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet. 
Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare's enterprise customers, at no cost. Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project began, we've provided services to more than 425 local government election websites in 33 states. 1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released. Here's the deal - we don't store client IP addresses. Never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers. Sound like something you'd like to be a part of? We'd love to hear from you! This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license. Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. 
All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law. We are an AA/Veterans/Disabled Employer. Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at or via mail at 101 Townsend St. San Francisco, CA 94107.
Oct 30, 2025
Full time
Job Description: Airbus Protect is a European specialist in cyber security, safety and sustainability services. Our mission is to protect governments, military and essential national infrastructure enterprises from cyber threats. We are over 1800 experts based across our main locations in France, Germany and the UK, each with a Security Operating Centre; we also operate in the US and the Middle East. We provide a global cyber defence approach that aims to protect, detect and respond to cyber threats with a portfolio including managed security services, industrial control system offerings, encryption, key management and consultancy services. Our goal: Protect our customers and support their needs with cyber security products. We are passionate about cyber security. If you share our passion, we want to speak with you. The Role An exciting opportunity has arisen for a 2nd Line Analyst within Airbus Protect in Newport. The role of the 2nd Line Analyst is to be an escalation point for all SOC operational activity. The successful candidate will be responsible for the day to day monitoring of multiple security devices, including SIEM, EDR, SOAR etc., ensuring that all customer SLAs are met. You will be required to work as part of the SOC team, ensuring all SOC operational tasks are completed on time and work tickets updated/closed with satisfactory technical details included. The 2nd Line Analyst will be comfortable at a technical level, often being required to attend technical workshops and customer briefings/service reviews. All Analysts are expected to be able to present and write professional reports to key stakeholders and exercise good time management. 
This position can offer you: We can offer you all of this and more Exciting development opportunities and perspectives within Airbus as a global player An attractive company pension scheme Airbus Group success share scheme An extensive range of additional benefits Tasks and Accountabilities Perform further analysis of any escalated events and alarms using the SOC toolset and following the heuristic guidance steps described in the associated playbooks. Provide support and offer expertise across stages of the Incident Response lifecycle such as preparation, detection and analysis, containment, post-incident activity. Ingest and interpret multiple sources of data from research, reports and incidents and turn them into actionable use cases across various technologies. On request assist with the initial triage, scoping and containment efforts during incident response engagements and compromise assessments. Mentor junior analysts. Lead and direct efficient intelligence driven threat hunts. Act as a solid technical point of contact for customers. Maintain currency in cyber security concepts, tools and best practices appropriate to the Senior Cyber Defence Analyst L2 role and associated knowledge, skills, abilities at the stated competence level. Carry out IOC searches and react using the predefined playbooks. Develop playbooks for junior analysts to follow. Provide feedback and support along the first, second and third capability within the Airbus Protect Defence Team Provide feedback and contribution into the Continual Service Improvement life cycle We are looking for applicants with the following experience: Required Perform further analysis of any escalated events and alarms using the SOC toolset and following the heuristic guidance steps described in the associated playbooks. Provide support and offer expertise across stages of the Incident Response lifecycle such as preparation, detection and analysis, containment, post-incident activity. 
Ingest and interpret multiple sources of data from research, reports and incidents and turn them into actionable use cases across various technologies. On request, assist with the initial triage, scoping and containment efforts during incident response engagements and compromise assessments. Mentor junior analysts. Lead and direct efficient intelligence driven threat hunts. Act as a solid technical point of contact for customers. Maintain currency in cyber security concepts, tools and best practices appropriate to the Senior Cyber Defence Analyst L2 role and associated knowledge, skills, abilities at the stated competence level. Carry out IOC searches and react using the predefined playbooks. Develop playbooks for junior analysts to follow. Provide feedback and support along the first, second and third capability within the Airbus Protect Defence Team. Provide feedback and contribution into the Continual Service Improvement life cycle. Desirable SANS SEC503 GCIA; SANS SEC504 GCIH; SANS FOR508 GCFA; Security Blue BTL1 / BTL2; PJMR; CREST Registered Intrusion Analyst (CRIA). Soft Skills/Qualifications The 2nd Line Analyst is expected to be able to present and write professional reports to key stakeholders. All staff are expected to exercise good time management and work as part of a team. You will work from Airbus Protect offices, Newport, South Wales, with occasional requirements for business travel within the UK and abroad. Because of the nature of work undertaken, these positions are required to meet special nationality rules and therefore these vacancies are only open to sole British Citizens. If you meet these criteria you will also undergo security clearance vetting, if not already security cleared to a minimum DV level. We are committed to equal employment opportunities regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. 
We are proud to be an equal opportunity workplace. This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company's success, reputation and sustainable growth. Company: Airbus Protect Limited Contract Type: Permanent Experience Level: Professional Job Family: Cyber Security By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus. Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief. Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to Airbus. We support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking. Airbus Protect provides services in cybersecurity, safety and sustainability, protecting Airbus company-wide and meeting the needs of national authorities and commercial customers, including critical infrastructures. Our mission is to use our deep knowledge and diverse industry expertise to make a meaningful impact. We enable our clients to concentrate on growing their businesses and building a trusted future, while ensuring their safety, security and sustainability never wavers. We are dedicated to our employees and our clients. Our relationships are based on deep trust, empowering us to tackle complex projects and co-innovate to build a better future.
Oct 30, 2025
Full time
Level 2 SOC Analyst at Evalian Limited. Location: Colden Common, Winchester, United Kingdom. Salary: £35,000 - £45,000 /year. Job Type: Full-time. Date Posted: October 21st, 2025. Evalian is a UK based consultancy specialising in cyber security, penetration testing, data protection and ISO compliance. We are excited to be expanding our cyber security offering to encompass managed security services, specialising in security monitoring, threat detection, and response. As we expand, we are looking for a motivated and enthusiastic SOC Analyst to join our team and help protect our customers from cyber threats. This is an entry-level role, perfect for someone passionate about cybersecurity who wants to build a career in security operations. We are seeking a Level 2 SOC Analyst to join our growing team, someone who brings hands-on security experience, sharp analytical thinking, and a passion for proactive defence. The Role As an L2 SOC Analyst, you'll play a key role in the ongoing protection of Evalian's customers. Acting as an escalation point for L1 analysts, you'll perform advanced triage, investigation, containment, and remediation of security incidents across multiple environments. You'll work with modern security tooling including Microsoft Sentinel, Defender XDR, EDR platforms, and cloud-native threat detection systems. You'll also contribute to improving detection logic, playbooks, and operational processes as part of a collaborative and continuously improving SOC team. This role includes participation in an on-call rotation to provide out-of-hours escalation support for high-severity incidents. On-call duties are shared evenly across the SOC team and are compensated in addition to base salary. Responsibilities Act as the primary escalation point for L1 SOC analysts, validating and investigating escalated alerts. 
Perform detailed analysis of SIEM, EDR, and threat intelligence data to determine root cause, scope, and impact of incidents. Lead incident response and containment actions under guidance from senior SOC engineers or the SOC Lead. Create, test, and tune detection rules, correlation queries, and automated playbooks in SIEM and SOAR platforms. Collaborate with customers to provide context, remediation recommendations, and post-incident summaries. Identify and document emerging threats and adversary techniques relevant to customer environments. Participate in threat hunting and continuous improvement of detection coverage and workflows. Maintain detailed and accurate records of investigations and actions in the SOC ticketing system. Mentor and support L1 analysts by sharing knowledge and improving triage procedures. Skills and qualifications Essential 1-4 years of experience in a SOC, MDR, or incident response environment. Strong analytical and problem-solving skills with attention to detail. Great understanding of attack techniques (MITRE ATT&CK), threat actor behaviour, and defensive controls. Hands-on experience with SIEM platforms (preferably Microsoft Sentinel or similar). Familiarity with EDR/XDR solutions such as Defender for Endpoint, CrowdStrike, or SentinelOne. Working knowledge of network security fundamentals, including TCP/IP, firewalls, and intrusion detection. Understanding of Windows, Linux, and cloud environments (Azure, AWS, or GCP). Excellent written and verbal communication skills, particularly for incident reporting. Ability to work independently and collaboratively in a fast-paced environment. Desirable (Not required but a plus) Scripting or automation skills (Python, PowerShell, etc.). Industry certifications such as CompTIA Security+, Microsoft SC-200, or GIAC (GCIH, GCIA). Exposure to threat intelligence analysis or incident response frameworks. 
What we offer Guided internal training and industry standard certifications Exposure to real-world cybersecurity incidents and hand-on experience Opportunities for career growth within our SOC team. Flexible work environment BBQ Thursdays The package The salary will depend on your experience and qualifications but will be in the range of £35,000 - £45,000 plus benefits.Employees get 25 days of annual leave per year plus your birthday day off and access to our pension scheme. Benefits include private medical insurance, dental cashback, optical cashback and life insurance cover.Hours: Monday to Friday, 9:00-17:30 Location and minimum requirements This role is in-office based near Winchester in Colden Common to support training and focus on team-relationship building and fostering a strong team culture. After probation and training period, you will have the option to transition to a hybrid working arrangement.From time to time, you may be asked to attend client sites, or we may request you attend our offices or events for various purposes, but we'll always provide you with advance notice. Travel expenses will be reimbursed.When home-based, you'll need to have a dedicated, secure, working area and reliable internet connection.We are committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination Agencies We are not working with agencies at this time. Thank you.
Oct 30, 2025
Full time
Unily partners with the world's largest and most complex enterprises to power Organizational Velocity through digital Employee Experience transformation. Iconic brands, including Estée Lauder Companies, CVS Health, and British Airways, use Unily's market-leading Employee Experience platform to improve productivity, streamline communication, and foster a highly connected workplace. Unily is the only triple leader recognized by all three of the major analysts. Unily is recognized as a Leader in the 2024 Gartner Magic Quadrant for Intranet Packaged Solutions, the 2024 Forrester Wave: Intranet Platforms, and the IDC MarketScape: Worldwide Experience-Centric Intelligent Digital Workspaces 2024. With these accolades, we continue to grow and expand our employee community with people who are passionate about joining us on this exciting journey.

Job Purpose
As we continue to expand our market share in the rapidly emerging Employee Experience platform category, we are looking for an Application Security Manager. This role is responsible for building and executing a comprehensive application security programme that combines strategic oversight with hands-on technical execution. The Application Security Manager ensures that security is embedded throughout the software development lifecycle (SDLC), enabling Unily to deliver secure products at speed.

The Application Security Manager will define and enforce secure development policies and practices, establish privacy by design principles, and manage the risk and escalation process. They will actively engage in technical assurance activities such as threat modelling, application testing, dependency analysis, cloud and container security assessments and CI/CD pipeline hardening. The role will act as both a strategic partner to leadership and a trusted advisor to engineering teams, being a customer facing point of contact when required.

Main Responsibilities
Define and maintain secure development policies and privacy by design requirements
Own the risk acceptance and escalation process, maintaining the risk register
Develop and measure the application security strategy, leveraging frameworks such as OWASP SAMM
Support RFPs and sales responses on application security matters
Lead and coordinate external penetration testing engagements and remediation follow up
Drive risk-based prioritisation, assigning and validating CVSS scores
Deliver and manage secure development training programs
Conduct and facilitate threat modelling and architecture and design security reviews
Perform or coordinate application security testing
Generate and manage software bills of materials (SBOMs) to manage supply chain risks
Ensure build verification and oversee IaC and container/Kubernetes scanning within pipelines
Provide guidance on secure cloud-native architectures
Evaluate and apply security testing tools and techniques (e.g. Burp Suite, fuzzing, IaC scanners, static analysers)
Contribute to security metrics, reports and dashboards
Collaborate with engineering, operations and product teams to embed security best practices throughout the whole SDLC

Requirements
Proven experience in application security
Strong knowledge of secure software development practices, DevSecOps and CI/CD security integration
Hands-on experience with application security testing tools and techniques (e.g. SAST, DAST, dependency checkers, IaC scanners, secret detection, container security tools)
Understanding of threat modelling, architecture and design reviews and offensive security principles
Familiarity with compliance and regulatory frameworks
Experience with risk acceptance processes, CVSS scoring and vulnerability management
Experience managing external penetration testing vendors
Familiarity with SBOMs and software supply chain security
Strong background in cloud and container security
Ability to communicate with technical and non-technical stakeholders
Knowledge of data privacy regulations and GDPR, and how they intersect with application security
Certifications such as CISSP, CSSLP, OSWE, OSCP or equivalents
Degree in computer science, cyber security, related fields or equivalent experience

We are united by a shared purpose and are committed to truly understanding each other. We know that everyone is unique and has their own story. We strive to have a diverse workforce that embraces and celebrates one another. We are united in building connections and curious to learn from each other so that we continue to grow together to build the workplace of tomorrow.

Why Work For Unily?
In addition to a generous base salary and discretionary company bonus, here are some things we think you will love:

Our awesome team culture. We are focused on achieving results as a team and having fun while we do it. You won't find a friendlier or more dedicated bunch of people.

Our industry leading product. We are very proud of our ever-evolving product; naturally we use (and love) it internally and provide the tools and resources for you (and our clients) to become a Unily expert.

The flexibility that we offer. We don't just mean working from home occasionally. We operate on a hybrid basis, and also recognize that life happens during the 9-5.30 and encourage a sustainable work/life balance.

Our bright and modern office spaces. When you need to be in the office we want it to be like being at home. We have a well-stocked kitchen and the option to bring your dog to work.

We offer a fantastic suite of benefits, including 25 days holiday plus an extra paid day off to enjoy your birthday, Vitality life cover (for health, sight, hearing and dental), Aviva pension (via a salary sacrifice scheme), life assurance, income protection and so many more.

Our commitment to sustainability and giving back to the community. We know working for an organisation that takes its environmental & social impact seriously is important, and we are proud to offer 1 fully paid volunteering day per year, an employee matching charity donation scheme and options to lease an Electric Vehicle through our salary sacrifice scheme.
Oct 29, 2025
Full time
Financial Services firm seeks an L2 SOC Analyst to join their SOC team. This role plays an essential part in safeguarding the firm's assets and strengthening the firm's Cyber Security posture. In this Tier 2 SOC role, you'll lead the response to escalated security incidents, managing the full incident lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk and threat detection and have worked with MITRE ATT&CK. This role offers the chance to work in a fast-paced, global environment with opportunities to grow your technical and strategic skills. £70,000 base plus excellent benefits and bonus, London (Hybrid - shift) opportunity. Please note there is no sponsorship for this role.
Oct 29, 2025
Full time