Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

6 jobs found

Current Search
soc threat detection analyst cyber
Vitality
Security Operations Manager
Vitality Bournemouth, Dorset
About The Role
Team - Vitality Technology
Working Pattern - Hybrid - 2 days per week in the Vitality Bournemouth Office. Full time, 35 hours per week. We are happy to discuss flexible working!

Top 3 skills needed for this role:
  • Security Operations Leadership & Incident Response
  • Risk, Governance & Regulatory Compliance
  • Technical Depth in Monitoring & Security Engineering

What this role is all about:
Join our dynamic, values-led organisation to help strengthen Vitality's cyber security. You'll support the CISO in delivering our security strategy, lead a team of analysts, and oversee key controls that protect member data. The role includes security monitoring, incident response, developing playbooks, and managing the CSIRT function.

Key Actions
  • Leadership and management of the Cyber Security Operations team
  • Conducting cyber security maturity assessments; continuous improvement of existing security controls and assessing new tools/capabilities for recommendation to management
  • Perform cyber risk assessments; develop reporting metrics to articulate risk posture to Senior Management
  • Be the key contact for, and lead on the management of, Cyber Security incidents, performing and co-ordinating forensic investigations; mature the Cyber Incident detection and response capabilities
  • Engagement with internal stakeholders and external bodies as required: vendors, forensic partners, regulatory bodies
  • Threat hunting; monitoring for emerging security threats
  • Ensure compliance with Vitality's ISMS, Regulatory requirements and Information Security best practice frameworks (e.g. ISO27001, GDPR, NIST, Cyber Essentials, ITIL) to ensure the Confidentiality, Integrity and Availability of Vitality Information Systems
  • Penetration testing and vulnerability management governance and remediation
  • Deliver key Information Security initiatives/projects, in line with InfoSec and Cyber Security strategy and Enterprise Risk Management Framework
  • Responsible for ensuring that Vitality IT assets are adequately protected from Cyber-attacks and malicious insiders
  • Provide expert professional advice across Vitality on Information and Cyber Security best practice, training, and awareness sessions

What do you need to thrive?
  • Degree or professional security qualifications and certifications such as MSc, CISSP, CISM, CISA or equivalent
  • Minimum 5 years' experience working in Cyber Security
  • Excellent verbal and written communication skills; ability to articulate technical knowledge to non-technical audience; production of policy/standards/project documentation
  • Appropriate level of technical knowledge, hands-on experience of configuring security tools
  • Demonstrable experience of designing, implementing and managing information security initiatives
  • Sound understanding of security frameworks (e.g. ISO27001/2, PCI DSS, NIST), Data Protection and regulatory compliance (e.g. FCA, ICO, PRA, GDPR)

So, what's in it for you?
  • Bonus Schemes - A bonus that regularly rewards you for your performance
  • A pension of up to 12% - We will match your contributions up to 6% of your salary
  • Our award-winning Vitality health insurance - With its own set of rewards and benefits
  • Life Assurance - Four times annual salary

These are just some of the many perks that we offer! To view the extensive range of benefits we offer, please visit our careers page.

Fantastic Benefits. Exciting rewards. Great career opportunities!

If you are successful in your application and join us at Vitality, this is our promise to you, we will:
  • Help you to be the healthiest you've ever been.
  • Create an environment that embraces you as you are and enables you to be your best self.
  • Give you flexibility on how, where and when you work.
  • Help you advance your career by playing you to your strengths.
  • Give you a voice to help our business grow and make Vitality a great place to be.
  • Give you the space to try, fail and learn.
  • Provide a healthy balance of challenge and support.
  • Recognise and reward you with a competitive salary and amazing benefits.
  • Be there for you when you need us.
  • Provide opportunities for you to be a force for good in society.

We commit to all these things because we want you to feel that you belong, and are supported to be happy and healthy.

About The Company
We're incredibly proud to be recognised for the culture we've created - recently being named one of Glassdoor's Best Places to Work 2026, and in 2024 we were delighted to be awarded Top 10 Places to Work in the Sunday Times Awards. We've been a purpose and values-driven business from day 1 - long before it became fashionable. Our core purpose is to make people healthier and enhance and protect their lives. We're successful because we attract, develop, and retain the best people - and because we care.

Diversity & Inclusion
At Vitality, we're committed to diversity and inclusion because it's good for our employees, for our business, and for society. We welcome applications from individuals of all backgrounds, experiences, and perspectives.

Vitality's approach to sustainability
Vitality is a business that drives positive change. We reward people for making and sustaining healthier choices. But healthy people also need a healthy environment. To learn more please visit our Careers page.

If we are fortunate in receiving a high volume of quality applications we may need to close this vacancy early.
Mar 19, 2026
Full time
Head of Security Monitoring and Threat Hunting
Admiral Group Plc Cardiff, South Glamorgan
The Head of Security Monitoring and Threat Hunting is accountable for the leadership, performance, and continuous improvement of the Security Operations Centre (SOC), across 3 countries (UK, India and Canada) delivering a resilient 24/7 cyber defence capability for a global organisation. This role provides strategic and operational leadership across SOC operations, investigations, detection improvement, and automation. You would be responsible for developing a proactive, intelligence-led SOC that balances SLA performance with high-quality investigations and measurable risk reduction. The role requires a visionary leader with strong people management skills, deep operational SOC experience, and a proven track record of modernising SOC capabilities through automation and AI.

Leadership Profile
  • Visionary, risk-focused SOC leader with strong operational discipline.
  • People-focused leader with a track record of developing high-performing teams.
  • Strategic thinker capable of translating vision into successful outcomes.
  • Calm and decisive in high-pressure scenarios.

Key Responsibilities

SOC Operations & Service Delivery
  • Manage the delivery of a global, follow-the-sun SOC operation aligned to enterprise risk and business priorities.
  • Own SOC KPIs, SLAs, and quality metrics, ensuring performance targets are met without compromising investigation depth.
  • Ensure robust triage, escalation, and handover processes are consistently applied.
  • Maintain strong governance, documentation, and audit readiness.
  • Own the continuous tuning and optimisation of detection rules to reduce false positives and improve signal quality.

Leadership & People Management
  • Provide line management, direction, and coaching to SOC Leads, ensuring consistent operational standards across all shifts.
  • Set clear objectives, performance measures, and development plans for SOC Leads.
  • Build a high-performing, resilient SOC culture focused on professionalism, accountability, and continuous improvement.
  • Ensure effective workforce planning, shift coverage, and succession planning within a 24/7 operating model.
  • Work with other cross-functional leaders/teams to implement efficient business processes and support the overall maturity of the Cyber function.

Proactive Investigations & Threat Hunting
  • Establish and embed a proactive investigation and threat hunting capability.
  • Drive a shift from reactive alert handling to proactive-driven investigations.
  • Oversee case quality, root cause analysis, and post-incident reviews.

AI, Automation & SOC Transformation
  • Lead the implementation and operational adoption of AI-driven triage and SOAR automation.
  • Automate low-level case handling and enrichment to reduce analyst workload and improve efficiency.
  • Improve MTTD and MTTR while maintaining appropriate controls and oversight.

Strategy, Governance & Continuous Improvement
  • Define and deliver a SOC maturity and capability roadmap aligned to enterprise cyber strategy and UK regulatory expectations.
  • Track emerging threats, technologies, and industry best practice to continuously evolve the SOC.

Required Experience & Skills
  • 4+ years proven experience managing a 24/7 SOC within a large enterprise environment.
  • Demonstrated line management experience of SOC Leads and Analysts.
  • Strong background in security investigations, triage, and escalation.
  • Experience leading or establishing proactive threat hunting.
  • Practical experience implementing AI, SOAR, and automation within SOC operations.
  • Understanding of modern threat actor tradecraft.
  • Ability to balance SLA performance with investigation quality and analyst wellbeing.
  • Strong stakeholder management and executive communication skills.
  • Experience operating in regulated UK environments (e.g. financial services).
  • Experience delivering SOC maturity transformation.

Desirable Qualifications
  • CISSP, CISM, or GIAC certifications (GCIA, GCIH, GCED).

Admiral: Where You Can
We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We're committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We're proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We're fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics. Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.

Disability Confident Leader
As a Disability Confident Leader, for candidates with a disability or long-term health condition, that opt into the Disability Confident scheme, we'll invite a fair and proportionate number of applicants that meet the essential requirements of the role to the first stage of our selection process. If you need any adjustments or support with your application or during the recruitment process, just let us know. Please do email us or contact us on . This number is dedicated to supporting candidates that require reasonable adjustments or support during the application process.
Mar 15, 2026
Full time
Senior Cyber Security Content Engineer, Blue Team
TryHackMe Ltd
The Role
We're looking for a Senior Content Engineer to help us research, plan, and create advanced content and virtual labs for our online courses. The ideal candidate has extensive experience in blue team cyber security roles and a strong background in training content development.

Technical Skills & Experience
To be considered for this opportunity, you must have at least 5 years of relevant cyber security industry experience in roles such as L3/L4 SOC Analyst, Security Engineer, Incident Responder, Threat Hunter or Digital Forensics Investigator. You should also demonstrate:
  • Strong expertise in core blue team areas: incident detection and response, threat intelligence, log analysis, security monitoring, and digital forensics.
  • A deep understanding of networking, computing, and operating systems as they relate to security practices.
  • Familiarity with blue team tooling (e.g., SIEM, EDR, IDS/IPS, forensic tools) and methodologies (e.g., MITRE ATT&CK framework, log analysis, malware analysis).
  • Proven ability to research and adapt to emerging threats and technologies and translate that knowledge into engaging training content.
  • Strong verbal and written English communication skills, essential for conveying complex technical concepts.

Job Responsibilities
  • Research, design, and develop defensive cyber security training material with supporting hands-on lab exercises (such as virtual machines and datasets for analysis).
  • Collaborate with the Content Engineering Team to support security training coverage and identify content development opportunities.
  • Experience developing and configuring virtual machines and sample datasets for realistic cybersecurity labs.
  • Provide guidance and support to other Content Engineering Team members in areas of expertise.
  • Take charge of planning and designing portions of the content development roadmap.
  • Collaborate with the Head of Content Engineering to continuously improve the content development process.
  • Analyze industry trends in tooling and techniques and recreate them as teachable content.
  • Strategically plan, review, and schedule content with our blue team content engineering team.

Preferred Skills (nice-to-have):
  • Creating challenges for capture the flags (CTFs)
  • Programming experience in any of the following: Python, PHP, Bash, PowerShell
  • Experience leading/coaching/mentoring others
  • Certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), Certified SOC Analyst (CSA), Certified Forensic Analyst (GCFA), CompTIA CySA+, BTL2

Benefits & Perks
  • 100% Remote - In a fully digital world, work from anywhere you want!
  • Flexi Time - Choose your own hours as long as you have at least 4 hours of overlap with the UK timezone (from 8am - 6pm)
  • Tools - a dedicated work laptop + any accessories you need to do your best work.
  • Swag Pack - start your TryHackMe journey with a branded swag bundle!
  • Personal Development - £2,500 training budget to acquire certifications, and more.
  • Company Retreat - an annual company retreat, fully paid for by us!
  • Lunch on us - whether you're a pizza-lover, salad obsessed or a big sushi fan, TryHackMe will cover the cost of your lunch order during our recurring company virtual lunches.
  • Health Insurance - if you're in a country that doesn't have public health care.
  • Enhanced Maternity & Paternity - an enhanced package on top of statutory requirements.
  • 401k / Pension - TryHackMe makes it easy to save money for your retirement.

Our Hiring Process
  • Stage 1: Short introduction call (30 mins)
  • Stage 2: Technical Take Home Exercise (part 1 & 2)
  • Stage 3: Interview with our Head of Content Engineering (one hour)
  • Stage 4: Final call with a Co-Founder (30 mins)

At this time, we are unable to provide sponsorship.
Mar 07, 2026
Full time
Cyber Security and Resilience Engineer
Trades Workforce Solutions Oxford, Oxfordshire
About the Role
The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the client's threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud environments. You will work closely with the Cyber Security Operations team, outsourced managed security service provider, and internal stakeholders to maintain and enhance our security posture. You will play a key role in our organisation's security transformation programme to help improve our security posture by securing our cloud and enterprise environments by implementing best practices.

In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender for Endpoint, Office 365, and Cloud, while supporting the Security Operations Lead to keep our environment secure. Your day-to-day will involve analysing security alerts, collaborating with SOC and MSSP partners to strengthen detection and response, conducting regular assessments, and shaping security policies and best practices.

We operate a hybrid working policy that requires a minimum of 2 days per week in the office.

About You
We're seeking a cybersecurity professional with experience in Microsoft-centric environments, ideally within large or multi-region organizations. You should be a clear communicator and strong leader who sets direction, aligns teams, and focuses on priorities. Adaptability is key - you can manage change, make decisions with incomplete information, and handle uncertainty confidently. The ability to identify critical tasks, remove obstacles, and keep teams focused on results is essential.

To be successful in this role, you will ideally have/be:

Essential:
  • Demonstrated hands-on experience in Azure, Entra and Microsoft 365 Cloud Security Engineering
  • Demonstrated hands-on experience of writing complex PowerShell scripts
  • Experience of managing security of IAAS, PAAS and SAAS platforms
  • Strong understanding of threat detection, prevention, and response methodologies.
  • Hands-on experience with EDR, email security, and web security solutions.
  • Microsoft certifications such as SC-200 MS Security Operations Analyst or AZ-500 Azure Security Engineer Associate
  • Knowledge of cloud security principles and technologies

Desirable:
  • Strong understanding of security frameworks (NIST, ISO 27001, MITRE ATT&CK)
  • Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella)
  • Previous experience as a Security Analyst or in a SOC environment.

Benefits
We care about work/life balance here. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3 days) and a 35-hour working week. We are open to discussing flexibility in respect to working patterns, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. This role comes with the added benefit of a discretionary annual payment.
Mar 05, 2026
Full time
Chief Information Security Officer & Chief Security Officer
Ipsen Group
Chief Information Security Officer Title: Chief Information Security Officer Company: Ipsen Pharma (SAS) About Ipsen: Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas: Oncology, Rare Disease and Neuroscience. Supported by nearly 100 years of development experience, with global hubs in the U.S., France and the U.K, we tackle areas of high unmet medical need through research and innovation. Our passionate teams in more than 40 countries are focused on what matters and endeavor every day to bring medicines to patients in 88 countries. We build a workplace that champions human-centric leadership and fosters a culture of collaboration, excellence and impact. At Ipsen, every individual is empowered to be their true selves, grow and thrive alongside the company's success. Join us on our journey towards sustainable growth, creating real impact on patients and society! For more information, visit us at and follow our latest news on and . Job Description: The Chief Information Security Officer (CISO) is a strategic executive responsible for protecting the company's physical, digital, and intellectual assets. In a pharmaceutical context, this includes safeguarding sensitive R&D data, clinical trial information, patient privacy, and proprietary technologies. The CISO leads the development and execution of a comprehensive security strategy encompassing cybersecurity, regulatory compliance, physical security, and internal investigations. This role includes building and managing a multidisciplinary security and investigations team, ensuring alignment with business goals and regulatory requirements. WHAT - Main Responsibilities & Technical Competencies Strategic Leadership Develop and execute a forward-looking security strategy aligned with corporate objectives and industry trends. Advise executive leadership and the board on risk posture, threat landscape, and investment priorities. 
Lead cross-functional initiatives to embed security into digital transformation, innovation, and operational excellence. Establish KPIs and performance metrics to measure and improve security effectiveness. Cybersecurity & IT Security Oversee the design and implementation of cybersecurity architecture and controls. Ensure protection of IT infrastructure, cloud environments, and sensitive data. Lead incident response, threat intelligence, and vulnerability management programs. Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Governance, Risk & Compliance Develop and enforce enterprise-wide security policies and procedures. In alignment with the business ethics team, ensure compliance with pharmaceutical regulations (e.g., FDA, EMA, GxP). Conduct risk assessments, internal audits, and third-party security evaluations. Report regularly to senior leadership on risk mitigation and compliance status. Investigations & Incident Management Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations. Build and manage a team of investigators and analysts with expertise in digital forensics, compliance, and legal coordination. Collaborate with HR, Legal, and external agencies on sensitive investigations and disciplinary actions. Ensure thorough documentation, reporting, and resolution of incidents in line with legal and regulatory standards. Fraud Management Develop and implement a fraud prevention and detection framework across the organization. Lead investigations into suspected fraud, misconduct, and financial irregularities. Collaborate with Finance, Legal, and Compliance to ensure timely resolution and reporting of fraud cases. Maintain a whistleblower program and ensure confidentiality and integrity in handling reports. Monitor fraud trends and proactively adjust controls and training programs. 
Team Management & Development Build and lead a multidisciplinary security team (cybersecurity, physical security, investigations, risk management). Define roles, responsibilities, and career development paths for team members. Foster a culture of accountability, agility, and continuous learning. Manage vendor relationships and external consultants as needed. Physical & Operational Security Oversee facility security, access control, and surveillance systems. Coordinate with facilities and operations on emergency preparedness and response. Develop and test business continuity and disaster recovery plans. Stakeholder Engagement Partner with various functions & business leaders including Legal, Regulatory Affairs, R&D, and Medical Affairs to align security with business needs. Lead security awareness and training programs across the organization. Represent the company in external forums, industry groups, and regulatory engagements. HOW - Knowledge & Experience Skills: Technical depth in cybersecurity and investigations Leadership and team development Fraud detection and prevention expertise Regulatory and compliance acumen Communication and stakeholder management Crisis and incident response Knowledge & Experience: 15+ years of experience in security leadership, preferably in pharma or life sciences. Proven track record in strategic planning, investigations, fraud management, and team leadership. Certifications such as CISSP, CISM, CISA, CRISC, or CFE (Certified Fraud Examiner) are highly desirable. Strong understanding of regulatory environments and risk management frameworks. Education / Certifications: Bachelor's or Master's degree in Information Security, Computer Science, or related field. Language(s): Fluency in English. Knowledge of European language is a plus for global roles. We are committed to creating a workplace where everyone feels heard, valued and supported, where we embody "The Real Us". 
The value we place on different perspectives and experiences drives our commitment to inclusion and equal opportunity. When we bring together diverse ways of thinking, we make more thoughtful decisions and discover more innovative solutions. Together, we strive to better understand the communities we serve. This means we also want to help you be at your best when you apply for a role with us. If you need accommodations or assistance during the application process, please let the recruitment team know. This information will be handled with care and will have no bearing on the outcome of your application. Let's be ourselves. Get In Touch: Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match.
Mar 01, 2026
Full time
Certain Advantage
SOC Threat Detection Analyst
Certain Advantage Stevenage, Hertfordshire
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). 
It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. 
Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
Feb 24, 2026
Contractor
