Ready for your next move in cyber security? Join our fast-growing Security Operations Centre, where you'll help defend multiple organisations across a wide range of industries - from critical infrastructure to complex enterprise environments. As part of our SOC team, you'll play a key role in strengthening and maturing our services, helping deliver smart, efficient and high-impact security outcomes for our clients. You won't just monitor alerts. You'll investigate, enhance detection capability, influence processes and help shape how we defend modern environments. You'll gain exposure to real-world threats, diverse technology stacks and large-scale operations - giving you the kind of hands-on experience that accelerates careers. If you're curious, analytical and enjoy solving problems that genuinely matter, this could be your next challenge. Our team operates a 24/7 SOC. This role involves working day and night shifts. Office based in Hemel Hempstead. You must be eligible for SC Clearance. What you'll be doing: Monitoring and analysing security alerts and events, conducting initial investigations responding. Escalating complex incidents to Senior Analysts for deeper analysis and resolution. Managing SOC incident queues. Maintaining and improving asset baselines across customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you'll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification (e.g. Security+, CEH, CPSA) or similar. It would be great if you had: ? Scripting or programming skills (Python, PowerShell, Bash, Perl, C++). Broader SIEM experience (e.g. QRadar). Additional SOC or CREST certifications. If you're interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full-time, Permanent. Location: Hemel Hempstead. Security Clearance Level: SC. Internal Recruiter: Jane. Salary: £42,000 to £58,000. Benefits: 25 days annual leave with the choice to buy additional days, health cash plan, life assurance and pension. Shift allowance. Sopra Steria: Our Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
May 03, 2026
Full time
Ready for your next move in cyber security? Join our fast-growing Security Operations Centre, where you'll help defend multiple organisations across a wide range of industries - from critical infrastructure to complex enterprise environments. As part of our SOC team, you'll play a key role in strengthening and maturing our services, helping deliver smart, efficient and high-impact security outcomes for our clients. You won't just monitor alerts. You'll investigate, enhance detection capability, influence processes and help shape how we defend modern environments. You'll gain exposure to real-world threats, diverse technology stacks and large-scale operations - giving you the kind of hands-on experience that accelerates careers. If you're curious, analytical and enjoy solving problems that genuinely matter, this could be your next challenge. Our team operates a 24/7 SOC. This role involves working day and night shifts. Office based in Hemel Hempstead. You must be eligible for SC Clearance. What you'll be doing: Monitoring and analysing security alerts and events, conducting initial investigations responding. Escalating complex incidents to Senior Analysts for deeper analysis and resolution. Managing SOC incident queues. Maintaining and improving asset baselines across customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you'll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification (e.g. Security+, CEH, CPSA) or similar. It would be great if you had: ? Scripting or programming skills (Python, PowerShell, Bash, Perl, C++). Broader SIEM experience (e.g. QRadar). Additional SOC or CREST certifications. If you're interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full-time, Permanent. Location: Hemel Hempstead. Security Clearance Level: SC. Internal Recruiter: Jane. Salary: £42,000 to £58,000. Benefits: 25 days annual leave with the choice to buy additional days, health cash plan, life assurance and pension. Shift allowance. Sopra Steria: Our Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
We're expanding our Security Operations Centre in Farnborough and looking for sharp, collaborative L2 SOC Analysts to protect enterprise-scale environments across the Defence sector. You'll investigate real threats, tune detections, and make measurable impact-using Microsoft Sentinel, Splunk, and MISP. Your work fuels national security. Your growth fuels our mission. Role based on site in our Farnborough office and is shift work. 2 x 6am to 6pm, 2 x 6pm to 6am, 4 days off. You do need to be eligible for DV Clearance for this role, and cannot start until your clearance is through. What you'll be doing: Monitor, analyse security alerts and events, conduct initial investigations, and determine the appropriate response. Raise complex incidents to Senior Analysts. Manage SOC Incident queues. Support the maintenance of monitored asset baselines of the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members to maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you'll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking principles including TCP/IP, WANs, LANs and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. Entry level cyber security certification (e.g. CompTIA Security+, CEH, CPSA). CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Completed an academic module in cyber security or a related subject It would be great if you had: Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: Office based in Farnborough Security Clearance Level: Eligible for DV Clearance Internal Recruiter: Jane Salary: To £58K Depending on experience, plus on shift allowance. Benefits: 25 days annual leave with the choice to buy additional days, health cash plan, life assurance, pension. Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
May 03, 2026
Full time
We're expanding our Security Operations Centre in Farnborough and looking for sharp, collaborative L2 SOC Analysts to protect enterprise-scale environments across the Defence sector. You'll investigate real threats, tune detections, and make measurable impact-using Microsoft Sentinel, Splunk, and MISP. Your work fuels national security. Your growth fuels our mission. Role based on site in our Farnborough office and is shift work. 2 x 6am to 6pm, 2 x 6pm to 6am, 4 days off. You do need to be eligible for DV Clearance for this role, and cannot start until your clearance is through. What you'll be doing: Monitor, analyse security alerts and events, conduct initial investigations, and determine the appropriate response. Raise complex incidents to Senior Analysts. Manage SOC Incident queues. Support the maintenance of monitored asset baselines of the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members to maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you'll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking principles including TCP/IP, WANs, LANs and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. Entry level cyber security certification (e.g. CompTIA Security+, CEH, CPSA). CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Completed an academic module in cyber security or a related subject It would be great if you had: Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC related certifications. Experience with SIEM technologies, namely Sentinel and Splunk, with some experience with QRadar. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: Office based in Farnborough Security Clearance Level: Eligible for DV Clearance Internal Recruiter: Jane Salary: To £58K Depending on experience, plus on shift allowance. Benefits: 25 days annual leave with the choice to buy additional days, health cash plan, life assurance, pension. Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
Are you a Detection Engineer ready to take on the fight against modern adversaries? Join a well-established SOC working with high-profile Defence clients, where your expertise genuinely matters. In this hands-on technical role, you'll own the end-to-end design, development and maturity of detection logic across SIEM platforms-engineering effective responses to real-world attacker techniques. You'll operate with a high degree of autonomy, acting as a trusted SME across multiple secure environments within a complex MSSP setting. This is a standout opportunity to advance your career at the sharp end of cyber defence. Location: Hybrid working - 2 days per week in our Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: ? Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility gaps. Tune and validate detections to minimise false positives and deliver high-fidelity alerts for SOC analysts. Act as a technical authority, providing expert guidance to SOC Analysts, Architects and Engineers to strengthen overall detection capability. Define, implement and maintain technical detection standards across environments. Clearly communicate complex technical risks and detection logic to both technical teams and non-technical stakeholders. What you'll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks into actionable detection patterns. Confidence to own technical delivery end-to-end, driving work through to completion with minimal escalation. Expert knowledge of MITRE ATT&CK, with real-world application in detection engineering. A BSc in Computer Science, IT, or a related discipline. Solid scripting skills in Python, PowerShell, or similar, supporting automation and data manipulation. Experience developing detections in QRadar and/or conducting EDR-focused threat hunting (e.g. CrowdStrike, Microsoft Defender for Endpoint). Broad infrastructure awareness across Cloud (Azure/AWS), on-prem, and SaaS / PaaS / IaaS environments. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full-time, Permanent. Location: Hybrid: 2 days per week in Farnborough. Security Clearance Level: SC Cleared or eligible. Internal Recruiter: Jane. Salary: To £65,000. Benefits: 25 days annual leave with the choice to buy additional days, health cash plan, life assurance and pension. Sopra Steria: Our Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
May 03, 2026
Full time
Are you a Detection Engineer ready to take on the fight against modern adversaries? Join a well-established SOC working with high-profile Defence clients, where your expertise genuinely matters. In this hands-on technical role, you'll own the end-to-end design, development and maturity of detection logic across SIEM platforms-engineering effective responses to real-world attacker techniques. You'll operate with a high degree of autonomy, acting as a trusted SME across multiple secure environments within a complex MSSP setting. This is a standout opportunity to advance your career at the sharp end of cyber defence. Location: Hybrid working - 2 days per week in our Farnborough office. Security: You must hold or be eligible for SC Clearance. What you'll be doing: ? Design, build, test and continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility gaps. Tune and validate detections to minimise false positives and deliver high-fidelity alerts for SOC analysts. Act as a technical authority, providing expert guidance to SOC Analysts, Architects and Engineers to strengthen overall detection capability. Define, implement and maintain technical detection standards across environments. Clearly communicate complex technical risks and detection logic to both technical teams and non-technical stakeholders. What you'll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks into actionable detection patterns. Confidence to own technical delivery end-to-end, driving work through to completion with minimal escalation. Expert knowledge of MITRE ATT&CK, with real-world application in detection engineering. A BSc in Computer Science, IT, or a related discipline. Solid scripting skills in Python, PowerShell, or similar, supporting automation and data manipulation. Experience developing detections in QRadar and/or conducting EDR-focused threat hunting (e.g. CrowdStrike, Microsoft Defender for Endpoint). Broad infrastructure awareness across Cloud (Azure/AWS), on-prem, and SaaS / PaaS / IaaS environments. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full-time, Permanent. Location: Hybrid: 2 days per week in Farnborough. Security Clearance Level: SC Cleared or eligible. Internal Recruiter: Jane. Salary: To £65,000. Benefits: 25 days annual leave with the choice to buy additional days, health cash plan, life assurance and pension. Sopra Steria: Our Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
SOC Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team on a contractual basis. The firm are an extremely modern law firm which offer a healthy hybrid working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage and fidelity by conducting regular assessments of the SIEM architecture. To be considered for this SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100)Defender) role, it's ideal you have: 3 + years within a similar role Ideal but not required law firm experience Security qualifications such as CISSP, CISM, CEH, CompTIA Sec+ or others SIEM Engineering & Maturity Enhance and optimise the existing SIEM platform to improve performance, coverage, and fidelity. Conduct regular assessments of SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop and maintain custom parsers, connectors, and ingestion playbooks. Work with internal teams and vendors to ensure high-quality, reliable telemetry and error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. Provide technical SME support for complex incidents that require deep SIEM or log knowledge. Documentation & Governance Maintain high-quality documentation covering data models, feed onboarding, use cases, correlation logic, and architecture. Ensure alignment with internal controls, compliance requirements, and industry standards. Education, Skills & Experience Technical Expertise Hands-on experience with leading SIEM platforms (e.g., Exabeam, LogRhythm, ArcSight, Microsoft Sentinel, Splunk, QRadar, Elastic). Strong understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong understanding of networking, Windows/Linux systems, Cloud platforms (Azure/AWS/GCP), identity systems, and endpoint protection technologies (e.g. SentinelOne and Microsoft Defender) Knowledge of MITRE ATT&CK, cyber kill chain, and threat hunting methodologies. Must Have Level 4 or higher qualification in a computing subject, or equivalent experience IT experience including both IT Infrastructure and Information Security roles Relevant professional certifications that validate the fundamental skills required to perform the role, e.g. GIAC (GCIA,GCDA,GMON) Microsoft SC-200/SC-100, CompTIA Secure Infrastructure Specialist (CSIS), SSCP/CISSP etc Strong skill level in scripting technologies, including Python, MS PowerShell and PowerApps Ability to conduct research into Infrastructure issues and products as required Self-starting with strong interpersonal, written, and oral communication skills. Ability to engage colleagues at all levels and project a solid, professional attitude consistently. Nice to have Data Loss Prevention Secure Remote Access solutions Network Security solutions Open Source and Cyber Threat Intelligence Suitable experience working with the market leading technology vendor product suites Experience in software-defined and cloud services such as SaaS, IaaS, PaaS and DaaS Experience in Disaster Recovery Management and Business Continuity Knowledge of applicable data privacy practices and laws
May 03, 2026
Contractor
SOC Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team on a contractual basis. The firm are an extremely modern law firm which offer a healthy hybrid working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage and fidelity by conducting regular assessments of the SIEM architecture. To be considered for this SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100)Defender) role, it's ideal you have: 3 + years within a similar role Ideal but not required law firm experience Security qualifications such as CISSP, CISM, CEH, CompTIA Sec+ or others SIEM Engineering & Maturity Enhance and optimise the existing SIEM platform to improve performance, coverage, and fidelity. Conduct regular assessments of SIEM architecture and propose improvements to ingestion pipelines, parsing rules, correlation logic, and storage management. Implement automation and orchestration components (SOAR) to streamline incident response activities. Log Source Onboarding & Integration Identify, prioritise, and onboard new log sources from cloud, on-prem, network, endpoint, identity, and application platforms. Develop and maintain custom parsers, connectors, and ingestion playbooks. Work with internal teams and vendors to ensure high-quality, reliable telemetry and error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning and logic refinement. SOC Support & Incident Response Work closely with SOC analysts to validate and refine detection logic. Support incident investigations through SIEM searches, enrichment, and data modelling. Provide technical SME support for complex incidents that require deep SIEM or log knowledge. Documentation & Governance Maintain high-quality documentation covering data models, feed onboarding, use cases, correlation logic, and architecture. Ensure alignment with internal controls, compliance requirements, and industry standards. Education, Skills & Experience Technical Expertise Hands-on experience with leading SIEM platforms (e.g., Exabeam, LogRhythm, ArcSight, Microsoft Sentinel, Splunk, QRadar, Elastic). Strong understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong understanding of networking, Windows/Linux systems, Cloud platforms (Azure/AWS/GCP), identity systems, and endpoint protection technologies (e.g. SentinelOne and Microsoft Defender) Knowledge of MITRE ATT&CK, cyber kill chain, and threat hunting methodologies. Must Have Level 4 or higher qualification in a computing subject, or equivalent experience IT experience including both IT Infrastructure and Information Security roles Relevant professional certifications that validate the fundamental skills required to perform the role, e.g. GIAC (GCIA,GCDA,GMON) Microsoft SC-200/SC-100, CompTIA Secure Infrastructure Specialist (CSIS), SSCP/CISSP etc Strong skill level in scripting technologies, including Python, MS PowerShell and PowerApps Ability to conduct research into Infrastructure issues and products as required Self-starting with strong interpersonal, written, and oral communication skills. Ability to engage colleagues at all levels and project a solid, professional attitude consistently. Nice to have Data Loss Prevention Secure Remote Access solutions Network Security solutions Open Source and Cyber Threat Intelligence Suitable experience working with the market leading technology vendor product suites Experience in software-defined and cloud services such as SaaS, IaaS, PaaS and DaaS Experience in Disaster Recovery Management and Business Continuity Knowledge of applicable data privacy practices and laws
Network Security Analyst required by a financial services organisation - responsible for influencing and shaping the overarching security strategy, and to recommend and adopt technologies to better safeguard the organisation. This role would be ideal opportunity for an Infrastructure specialist with cyber security knowledge looking for a role to specialise further in Cyber security. The role offers the opportunity for hybrid working with only 1 day a week required in office in a really welcoming and positive working environment. Our client offers a competitive salary and package which includes:- c£40K salary depending on experience Hybrid Working - mainly remote with 1 day per week required in office 35 Hour Week Private Healthcare Generous pension Free Onsite Parking 25 days holidays (rising with service) + 8 bank holidays plus other benefits. Key Skills & Experience: Prior experience of a cyber security role. Experience of a regulated or audited industry would be beneficial. Experience in managing Windows 11, Microsoft Office & Active Directory. Excellent working knowledge of Microsoft Group Policy and InTune configuration Excellent understanding of firewall (NGFW) and network technologies and configuration. Proficiently troubleshoot and resolve IT related issues A sound general range of IT skills, which need to be kept up to date in line with IT developments in the business. An excellent understanding of NIST, CIS, ISO27001 framework and controls Experience developing cyber resilience and disaster recovery Confidence to communicate effectively with all layers of the business, including the delivery of reports to management and training and best-practice guidance to all staff Drive efficiency through automation utilising PowerShell, with integration to Microsoft services such as Active Directory and Graph API Responsibilities: End to end management of phishing, through design, scheduling, reporting and training. Conduct staff training covering emerging threats, end-user best practices, phishing, password management and more. Vulnerability management life cycle including detection and remediation Maintain third party 24/7 SOC relationship and workflow approvals Engage in proactive threat assessment with support of the SOC Oversee access reviews across all systems with continued development Infrastructure best practice audit, development and maintenance including work on firewalls, networking, Microsoft Office 365, MDM and antivirus to reduce exposure Data Loss Prevention development and maintenance Maintaining server and end-user compute security in addition to MDM compliance Collaborate within the IT Team to develop security policies, hardening guidelines and department procedure guides Continue development in ISO27001 / CIS / NIST type frameworks ensuring industry best practices This is an excellent opportunity to join a professional working environment with exciting career development opportunities. The role is offered as a permanent role and will provide the incumbent the chance to develop their skills and experience. In return you will enjoy an attractive salary c£40K, a hybrid working environment and a range of benefits including a 35-hour week, healthcare, pension, and free onsite parking. Our client welcomes applications from a diverse background and encourages equality and inclusion in their workforce. Forward your CV to Elaine Hallworth and we will be back in touch to discuss the role and client further.
May 03, 2026
Full time
Network Security Analyst required by a financial services organisation - responsible for influencing and shaping the overarching security strategy, and to recommend and adopt technologies to better safeguard the organisation. This role would be ideal opportunity for an Infrastructure specialist with cyber security knowledge looking for a role to specialise further in Cyber security. The role offers the opportunity for hybrid working with only 1 day a week required in office in a really welcoming and positive working environment. Our client offers a competitive salary and package which includes:- c£40K salary depending on experience Hybrid Working - mainly remote with 1 day per week required in office 35 Hour Week Private Healthcare Generous pension Free Onsite Parking 25 days holidays (rising with service) + 8 bank holidays plus other benefits. Key Skills & Experience: Prior experience of a cyber security role. Experience of a regulated or audited industry would be beneficial. Experience in managing Windows 11, Microsoft Office & Active Directory. Excellent working knowledge of Microsoft Group Policy and InTune configuration Excellent understanding of firewall (NGFW) and network technologies and configuration. Proficiently troubleshoot and resolve IT related issues A sound general range of IT skills, which need to be kept up to date in line with IT developments in the business. An excellent understanding of NIST, CIS, ISO27001 framework and controls Experience developing cyber resilience and disaster recovery Confidence to communicate effectively with all layers of the business, including the delivery of reports to management and training and best-practice guidance to all staff Drive efficiency through automation utilising PowerShell, with integration to Microsoft services such as Active Directory and Graph API Responsibilities: End to end management of phishing, through design, scheduling, reporting and training. Conduct staff training covering emerging threats, end-user best practices, phishing, password management and more. Vulnerability management life cycle including detection and remediation Maintain third party 24/7 SOC relationship and workflow approvals Engage in proactive threat assessment with support of the SOC Oversee access reviews across all systems with continued development Infrastructure best practice audit, development and maintenance including work on firewalls, networking, Microsoft Office 365, MDM and antivirus to reduce exposure Data Loss Prevention development and maintenance Maintaining server and end-user compute security in addition to MDM compliance Collaborate within the IT Team to develop security policies, hardening guidelines and department procedure guides Continue development in ISO27001 / CIS / NIST type frameworks ensuring industry best practices This is an excellent opportunity to join a professional working environment with exciting career development opportunities. The role is offered as a permanent role and will provide the incumbent the chance to develop their skills and experience. In return you will enjoy an attractive salary c£40K, a hybrid working environment and a range of benefits including a 35-hour week, healthcare, pension, and free onsite parking. Our client welcomes applications from a diverse background and encourages equality and inclusion in their workforce. Forward your CV to Elaine Hallworth and we will be back in touch to discuss the role and client further.
SOC / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Apr 30, 2026
Full time
SOC / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
SOC / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Apr 30, 2026
Full time
SOC / Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced SOC Analysts where threat hunting, investigations, and proactive detection have formed a significant part of their role, and who are looking to further develop in a more hunting-led environment. This position is well suited to analysts who enjoy thinking like an attacker, have worked alongside or supported red team or purple team activities, and want to deepen their expertise in threat detection and detection engineering. Skills & Experience We're Seeking Experience in threat hunting, cyber threat detection, SOC, blue team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management Hands-on experience with EDR/XDR technologies such as Microsoft Defender, CrowdStrike, SentinelOne, or Carbon Black Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S, Firewalls, VPNs, Proxy technologies) Experience analysing telemetry from Windows, Linux, identity, endpoint, and network sources Strong analytical mindset with the ability to clearly communicate findings, impact, and risk Key Responsibilities Conduct proactive threat hunting activities across log, endpoint, and network telemetry to identify suspicious, stealthy, or previously unknown threats Develop and execute hunt hypotheses aligned to MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment Support incident management and incident response activities, including containment, remediation, escalation, and lessons learned Collaborate closely with SOC teams, incident responders, red teams, and purple teams to validate detections and improve defensive coverage Contribute to detection logic improvements, use-case development, and continuous enhancement of hunting methodologies Produce clear investigation write-ups, timelines, and recommendations for technical and non-technical stakeholders Security Certifications (Highly Beneficial) SANS/GIAC certifications, including but not limited to: GCIH - Incident Handler GCIA - Intrusion Analyst GCED - Enterprise Defender GCTI - Cyber Threat Intelligence GMON - Continuous Monitoring GDAT - Defending Advanced Threats GCAT - Advanced Threat Intelligence OSCP or equivalent offensive security qualifications Crest certifications, such as: Crest Practitioner Intrusion Analyst (CPIA) Crest Registered Intrusion Analyst (CRIA) Crest Certified Threat Intelligence Analyst (CCTIA) Crest Certified Blue Team Professional (CCBTP) Microsoft SC-200 or related detection and response certifications Other recognised cyber security or threat intelligence credentials
Cyber Security Operations Manager Liverpool (Hybrid) 75,000 We're working with a growing UK business looking to hire a Cyber Security Operations Manager to take full ownership of its security operations function, ensuring the organisation is protected, resilient, and continuously improving against an increasingly complex threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business is protected against evolving threats while continuously improving processes, tooling, and team capability. Key responsibilities include: Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC Managing the full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk teams to strengthen security across the business Leading and developing a team of cyber engineers and analysts Driving automation initiatives to improve response times and operational efficiency Supporting governance, compliance, and audit requirements Reporting on security performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such as NIST, ISO 27001, or CIS Controls Experience working in cloud environments (Azure, AWS, or GCP) Strong leadership and stakeholder management skills Ability to balance hands-on technical understanding with strategic oversight Why Join? Opportunity to lead and shape the security operations function High visibility role across technology and leadership teams Business actively investing in cyber security and resilience If you're looking for a role where you can lead, influence, and strengthen cyber security at scale, we'd love to hear from you. Apply today with your most up to date CV. BH36094
Apr 30, 2026
Full time
Cyber Security Operations Manager Liverpool (Hybrid) 75,000 We're working with a growing UK business looking to hire a Cyber Security Operations Manager to take full ownership of its security operations function, ensuring the organisation is protected, resilient, and continuously improving against an increasingly complex threat landscape. This is a high-impact position where you'll lead the security operations function end-to-end, driving improvements across threat detection, incident response, and overall security posture within a complex, evolving environment. The Role You'll take ownership of security operations, ensuring the business is protected against evolving threats while continuously improving processes, tooling, and team capability. Key responsibilities include: Leading the day-to-day operations of the Security Operations function, including oversight of any outsourced SOC Managing the full incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk teams to strengthen security across the business Leading and developing a team of cyber engineers and analysts Driving automation initiatives to improve response times and operational efficiency Supporting governance, compliance, and audit requirements Reporting on security performance, risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such as NIST, ISO 27001, or CIS Controls Experience working in cloud environments (Azure, AWS, or GCP) Strong leadership and stakeholder management skills Ability to balance hands-on technical understanding with strategic oversight Why Join? Opportunity to lead and shape the security operations function High visibility role across technology and leadership teams Business actively investing in cyber security and resilience If you're looking for a role where you can lead, influence, and strengthen cyber security at scale, we'd love to hear from you. Apply today with your most up to date CV. BH36094
Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)
Apr 29, 2026
Contractor
Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)
