Sentinel jobs in United Kingdom

Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision. Job Description Your Career Palo Alto Networks is a world-class product management organization and continues to look for top-notch technical pro engineers to expand the team. As a Senior Technical Product Engineer at Palo Alto Networks, you will play a key role in providing detailed technical information to our partners, customers, and our employees. Be a self-starter who is eager to learn and experiment with new technologies, be able to work independently and as a teammate, identify sales challenges and address solutions as needed. As a Sr. TPE, you will play a key role in providing detailed technical information to our partners, customers, and our internal employees. You will be a strategic adviser to the business, driving valuable insight, guidance and feedback back into Palo Alto Networks. You will work across product teams to deliver this feedback Your Impact • Drive innovation within the modern Security Operations Center (SOC) by developing content and capabilities aligned with Cortex and detection-focused workflows., • Collaborate with legal, sales, product, and customer-facing teams to translate security operations needs into actionable product improvements., • Lead and coordinate cross-functional initiatives across product management, engineering, and field teams for high-impact security use cases., • Build high-quality content for the Cortex Marketplace including detection rules, parsers, dashboards, and other SOC-enabling artifacts., • Provide structured product feedback to influence roadmap decisions based on real-world SecOps challenges and opportunities., • Create detailed documentation and usage guides tailored for analysts, detection engineers, and security practitioners., • Promote operational excellence by designing scalable detection and response workflows grounded in industry best practices and threat-informed defense. Qualifications Your Experience • Ability to inspire and align teams across functions, paired with strong execution and delivery skills., • 2+ years of experience in security operations, threat detection, incident response, or detection engineering roles, • Solid understanding of SIEM, log analytics, data normalization, and detection lifecycle management (rule creation, tuning, suppression, enrichment), • Hands-on experience with XSIAM or similar platforms (Splunk, QRadar, Sentinel, etc.) is a strong plus, • Strong technical writing and communication skills, with the ability to convey complex ideas clearly to both technical and non-technical audiences, • Skilled in scripting or automation (Python, JavaScript, etc.) for detection development or incident investigation tasks, • Experience managing multiple projects or programs in dynamic, fast-paced environments with cross-functional visibility, • Familiarity with cloud infrastructure (AWS, Azure, GCP), especially as it relates to telemetry ingestion, detection engineering, or automated response — a significant advantage, • Experience with CNAPP solutions (e.g., Prisma Cloud, Wiz, Orca) and integrating cloud posture, workload protection, or entitlement data into SecOps workflows — an advantage, • Bonus: Exposure to infrastructure-as-code, CI/CD pipelines, or cloud-native services and their intersection with SecOps Additional Information The Team To stay ahead of the curve, it’s critical to know where the curve is, and how to anticipate the changes we’re facing. For the fastest growing cybersecurity company, the curve is the evolution of cyberattacks, and the products and services that proactively address them. Our TPE team helps us do just that. This team provides behind-the-scenes support for our products by being a source of information for our systems engineers, staying on top of the environment we sell in, and helping to implement technical solutions based on our client’s feedback and needs. As threats and technology evolve, we stay ahead to accomplish our mission. Our Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at . Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines.

IT Security Engineer Feltham (Hybrid) £50,000 Base + Benefits Overview The IT Security Engineer is responsible for designing, implementing, and maintaining the security controls that protect the organization’s systems, networks, and data. This role works closely with IT, DevOps, and business teams to ensure that security is embedded throughout technology operations and architecture. The IT Security Engineer is key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. Key Responsibilities: Security Architecture & Implementation • Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms., • Implement secure network architecture and enforce segmentation and least-privilege access controls., • Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). Threat Detection & Incident Response • Monitor and analyze security alerts and network traffic for threats or suspicious activity., • Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting., • Conduct root cause analysis and implement security hardening improvements. Vulnerability & Risk Management • Run regular vulnerability scans and penetration testing activities; track remediation of findings., • Evaluate risks and recommend security enhancements or compensating controls., • Maintain asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance • Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2., • Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS)., • Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing • Work with IT operations, cloud, and development teams to embed security in system and application designs., • Provide expert security guidance during solution design, procurement, and change reviews., • Support security awareness training and communicate best practices to employees. Qualifications • Education: Bachelor’s degree in information security, Computer Science, Networking, or a related field., • Experience: 3+ years’ experience in cybersecurity, network engineering, or IT infrastructure security roles., • Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. Skills & Competencies • Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls)., • Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and EDR platforms., • Familiarity with scripting or automation (PowerShell, Python, Bash)., • Understanding of secure cloud architecture and Zero Trust principles., • Ability to analyze complex technical issues and communicate clearly to technical and non-technical audiences.

Do you want to join an exceptional name in the Microsoft Cloud Security space? Do you want to be using the most exciting Security tech in Microsoft? We are working with the Leading Microsoft Security Partner, and they are looking for a Security Consultant to join their Post sales team to come in a deliver exception Security Projects to a wide range of clients. You will be the go-to for all things Security and be very visible cross the business. Must have: • Proven Project Delivery Experience in Microsoft Cloud security., • Proven experience of working on multiple projects at any one time., • Purview, Defender, Sentinel, and Entra knowledge essential, • Ability to onboard customers onto Managed Services after delivery., • Be able to give expert advice on Cyber Essentials, • Lead, Plan, Desing and Implement projects from start to finish, • Produce exceptional Design documentation., • This role is very client facing so exceptional ability to speak with non-technical stakeholders is a must., • Ability to work alone and be self-sufficient and solve issues alone. There is lots of support once you have exhausted all avenues available to you. This is an outstanding opportunity to join a fast-paced, fast-growing business that will give you the opportunity to work with some of the most cutting-edge technologies and the best clients you can think of, helping to deliver exceptional Security Solutions.

Help secure this PE firm, with your technical skills being the key requirement here, not any previous financial experience. The majority of problems you'll need to solve will be technical. Some will be with external suppliers, others with your colleagues. You'll work with the wider security team to understand each specific issue, learning as much as you can along the way and implementing the best technical resolution. Yes, there will be on-call responsibilities here, all of which will contribute to the continuous running and performance of the business which will relate directly to your potential bonus. You'll be given a platform to learn and progress. Most issues you're working on will relate to Azure, with everything on MS here, including the physical stack. You'll need to have strong experience with Azure and this must be current knowledge and experience, along with Sentinel and Defender. You're going to be joining a well respected PE firm, with over $60bn in assets under management you'll be at a key player in the markets. Starting salary will be up to £95,000 and there are a range of benefits on top of this including discretionary bonus, health and wellness benefits, a hybrid work environment and more. Want to help secure this $60+ billion Private Equity firm? Get in touch. No up-to-date CV required.

Senior SecOps Engineer Location – London (4 days per week in London) Salary - £80-90k + Bonus + Benefits Currently working with a global InsureTech firm who are looking to hire a Senior SecOps Engineer to compliment their established yet growing internal Cyber Defence capability. This is a wide ranging role where you’ll be responsible for both Engineering and Analysis; monitoring and responding to incidents whilst also developing new detection rules and enhancing their monitoring infrastructure and tooling. This is a cloud-native SOC capability, based in Azure with a big emphasis on the Microsoft E5 suite of security monitoring and detection tooling. Experience configuring, fine-tuning and managing this tooling will be essential, as well as the ability to enhance and automate where possible using KQL. This is an incredible opportunity for an experienced SecOps specialist with experience of both SecOps Analysis and Engineering to join an established yet growing firm at a crucial point as they completely build out their Information and Cyber Security capability. Key Responsibilities: • Act as a lead and technical escalation point on the most complex incidents and investigations., • Develop and engineer new detection rules, automating monotonous tasks where possible., • Proactively research emerging and potential threat actors as a way of developing rules to safeguard against potential future threats., • Mentor and train junior team members through complex incident response investigations. Key Requirements: • Significant experience working in a SOC environment (5 years minimum), dealing with and responding to escalated and most high profile incidents., • Comprehensive knowledge and experience utilising/fine-tuning the Microsoft E5 Security stack – Defender, Sentinel, KQL, etc., • Experience working in hybrid-cloud SOC environments – Azure preferably., • Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation. If you’re an experienced SecOps Specialist, looking to shape how one of the most innovative HealthTech firms build out their cyber defence capability and leave a lasting impact on one of the most reputable organisations whilst working alongside a team of genuine Cyber Security SMEs, click the to apply or get in touch directly –

Information Security Analyst Hyrbrid Working Offered Note Preference will be given to candidates from a financial services / banking environments Salary: Up to £65,000 Purpose of the Role Supporting the organisation’s Information Security function by helping to develop, operate, and improve its Information Security Management System (ISMS). The role is responsible for providing advice, assurance, and oversight to reduce risks that could compromise the confidentiality, integrity, and availability of business systems and data. Experience in designing and monitoring security controls is essential, supporting compliance with industry standards and regulation, and ensuring alignment with group-wide information security practices. Key Responsibilities • Carry out assurance activities to measure compliance with security policies and control objectives, identifying gaps and opportunities for improvement within the first line of defence., • Record, track, and report on findings from security reviews, audits, and incidents, including the preparation of management information and risk reporting., • Develop, update, and deliver information security awareness training to ensure all employees understand their obligations and responsibilities., • Respond to security-related queries arising from audits and group-level oversight., • Contribute to vendor risk assessments with a focus on information security requirements., • Draft and maintain guidance on security controls for both business and IT stakeholders., • Monitor security alerts, logs, and related tools, escalating issues where required., • Support the coordination of incident response activities and participate in simulation exercises., • Perform information security duties as outlined in corporate policies and procedures., • Stay current with emerging practices, threats, and technologies to maintain the knowledge required for the role., • Provide support to senior information security leadership as required., • Undertake other tasks related to information security or IT as directed. Qualifications and Experience • Experience in managing or supporting an Information Security Management System (ISMS) based on frameworks such as ISO 27001, NIST, or SOC2., • Professional certification in information security governance and management (e.g., CISSP, CISM, CISA) preferred., • Minimum of 2 years’ experience in information security, including carrying out reviews and supporting improvements across technical and procedural controls., • Strong skills in documentation, analysis, and reporting., • Technical knowledge of cybersecurity concepts and practices., • (Desirable) Familiarity with SIEM, vulnerability assessment, incident detection, and system hardening., • (Desirable) Exposure to tools such as Microsoft Sentinel, Darktrace, Carbon Black, or Qualys., • General IT knowledge, with an understanding of IT operations and risks., • Awareness of regulatory environments, ideally with some exposure to financial services or another highly regulated sector.

Role Description: Security Analyst - Network & Endpoint / SOC Security Specialist We are looking for a highly capable and technically skilled Security Analyst to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a team lead level. Key Responsibilities: • Network Detection & Response:, • Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis., • Investigate anomalies and escalate incidents based on network telemetry., • Endpoint Protection:, • Deploy and manage CrowdStrike Falcon agents across enterprise endpoints., • Maintain and update detection rules, ensuring alignment with threat intelligence., • Security Operations Centre (SOC):, • Act as a Level 2 SOC Analyst and Incident Handler., • Triage, investigate, and respond to security alerts and incidents., • Collaborate with other SOC team members to ensure timely resolution and documentation., • Threat Intelligence & Insider Threat Monitoring:, • Monitor threat feeds and manage Indicators of Compromise (IOCs)., • Conduct insider threat analysis and support investigations., • Cloud & Identity Security:, • Use Microsoft Sentinel for incident investigation, alert correlation, and dashboard monitoring., • Manage identity governance and conditional access policies via Microsoft Entra ID., • Monitor Entra ID logs and integrate with Sentinel for rule-based alerting., • Additional Technologies:, • Experience with Zscaler for secure web gateway and DLP., • Exposure to Google SecOps is advantageous., • Team Leadership:, • Operate at a team lead level, supporting junior analysts and coordinating operational tasks., • Essential:, • CompTIA Security+, • Microsoft Certified: Security Operations Analyst Associate (SC-200), • CrowdStrike Certified Falcon Administrator (CCFA), • Darktrace Analyst Certification (if available), • Desirable:, • GIAC Certified Intrusion Analyst (GCIA), • EC-Council Certified Threat Intelligence Analyst (CTIA), • Microsoft Certified: Identity and Access Administrator Associate (SC-300), • CISSP or equivalent foundational certification

We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: • Design, implement & tune advanced detection rules and analytics., • Translate threat intelligence into actionable detection logic., • Lead SIEM enhancements, integrations & content migration., • Mentor junior engineers and drive best practices., • Collaborate with IR & threat intel teams to refine detections. Skills: • Proven experience in SIEM content development & threat detection., • Strong expertise with Microsoft Sentinel, Azure & Logic Apps., • Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles., • Strong analytical & problem-solving skills.

Cantor Fitzgerald’s Global Information Security team is seeking an Information Security Operations Engineer with background and knowledge of Linux systems and Cloud infrastructure. The successful candidate will need to be able to work in a fast-paced environment, planning, coordinating, and executing all facets of our program and will play a critical role in detecting, responding to, and mitigating security threats across enterprise environment. Responsibilities will include: • Monitor, analyze, and respond to security events and incidents using SIEM and other security tools., • Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency., • Perform threat hunting and forensic investigations across IT environment., • Collaborate with infrastructure and application teams to ensure secure configurations and compliance., • Maintain and improve endpoint protection, intrusion detection/prevention systems., • Document incident response procedures and contribute to post-incident reviews., • Create network diagrams and as-built documents., • Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses., • Stay current with emerging threats, vulnerabilities, and security technologies. Qualifications and Skills: Education • Bachelor's Degree in MIS, CIS, Cybersecurity or similar., • At least five years of Security Operations., • At least three years of Linux Administration., • At least two years of Cloud (AWS or Azure) Administration. Must-Have Skills • Linux and Windows OS., • DNS., • Certificate Management: Digicert, AppViewX., • Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc., • Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc., • Microsoft O365 products (Excel, PowerPoint, etc.)., • SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel)., • Configure and troubleshoot EDR/ Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS., • Azure Security Center and Office365 Compliance Portal., • AWS and Azure (IAM, IaaS, PaaS)., • Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers., • Intermediate Understanding of services and protocols commonly used in hosting environments: web servers, database servers, active directory protocols., • Understanding of network packet analysis using tools such as Wireshark and TCPDump., • Collaboration and communication skills across multiple teams and businesses. Good-to-Have Skills • Relevant certifications such as AWS Security Specialty, CISA, CISM, GIAC, Security+, or CISSP., • Palo Alto Firewall, F5 LTM/GTM., • Palo Alto Cortex suite of tools., • Network technologies: switching, routing, wireless., • PowerShell and Python Scripting., • Power BI and Power Automate., • Integrating security systems via API, etc.

Senior Threat Detection Analyst Permanent | Hybrid We’re looking for an experienced Threat Detection Senior Analyst to join a global leader in data science and customer insights. The team supports some of the world’s most recognized brands, using data to drive smarter business decisions, and ensuring that data stays secure is central to everything they do. In this role, you’ll take ownership of detection and response across complex, hybrid environments — from on-prem systems to modern cloud platforms. You’ll play a key part in advancing the company’s threat detection capabilities and ensuring that security operations stay one step ahead of emerging threats. What You’ll Do • Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms., • Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives., • Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage., • Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK., • Collaborate with incident response, engineering, and intelligence teams to contain and resolve security incidents., • Support continuous improvement of detection strategies and mentor analysts to uplift overall team capability. What You’ll Bring • Solid background in threat detection, SOC operations, or incident response., • Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle)., • Hands-on experience developing and tuning detection content for cloud and hybrid environments., • Strong grasp of adversarial tactics and techniques and how they translate to real-world detection logic., • Excellent analytical and communication skills, with a calm and structured approach to problem-solving. Nice to Have • Experience in threat hunting or purple teaming., • Familiarity with automation or detection-as-code approaches., • Certifications such as GCDA, GCIH, or AZ-500 are a plus.

As a Cyber Security Engineer, you will play a crucial role in safeguarding our clients’ digital assets and infrastructure from cyber threats. You will be a key technical resource, responsible for designing and maintaining secure solutions and delivery systems, ensuring services are configured securely according to industry standards. Skills • Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies., • Experience with security tools such as firewalls, intrusion detection / prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment., • Exposure to SOAR tools, observability tools and data stream processing tools, • Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques., • Experience in writing content / polices for monitoring in line with MITRE ATT&CK framework, • Familiarity with regulatory requirements such as GDPR, HIPAA, PCI DSS, and industry standards like NIST Cybersecurity Framework.

If you need support in completing the application or if you require a different format of this document, please get in touch with at or call TCS London Office number 02031552100 with the subject line: “Application Support Request”. Role: Senior GCP Cloud Infra Engineer Job Type: Permanent Location: Bristol, Leeds, Halifax, Manchester, Edinburgh, London (Hybrid) Number of hours: 40 hours per week – full time Are you looking for an exciting opportunity in Google Cloud Infra, product and DevOps capabilities? Are you passionate about designing and developing Golang based microservices? We have an exciting role for you - Senior GCP Cloud Infra Engineer Careers at TCS: It means more TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership. • Build strong relationships with a diverse range of stakeholders., • Gain access to endless learning opportunities., • Work closely with the range of teams within the business to bring products to life. The Role As a Senior GCP Cloud Infra Engineer, you will be part of our Public Cloud Platform and help achieve our mission to provide compliant and efficient Google Cloud Infra, product and DevOps capabilities for the Group and drive innovation to enable customers to have rapid and seamless Google Cloud Adoption and build their business journeys more scalable, resilient and efficient . Your role will be part of a cross-disciplinary feature team in addition to being a highly experienced member of our wider Lloyds engineering team delivering change. Your role as a GCP Cloud Infra & DevOps specialist involves supporting teams with modern DevOps solutions, curating scalable GCP Cloud Products as IaaC. You'll learn new skills, technologies and approaches to software development as well as benefiting from a culture that celebrates diversity, equal opportunity. Key responsibilities: • Hands-on GCP Cloud Engineering with a strong GCP DevOps and CI/CD background, • Deep expertise in Infrastructure as Code (IaC) and proven experience in Terraform / Terraform Cloud., • Strong hands on experience on curating GCP Cloud Products and Infrastructure, • Build automated workflows around the products using Python Scripting., • Proficient in Google Kubernetes (GKE), Container, Istio Service Mesh, Cluster Management, • Audit and restructure existing Terraform modules and state files, • Migrate legacy configurations into unified, reusable templates, • Implement security-focused Terraform modules with embedded guardrails and policy-as-code (e.g., Sentinel, OPA), • Enforce GCP Org Policies with constraints like IP restrictions, network policy, Access Management, encryption, and region control for secure, compliant cloud governance, • CI/CD Integration ., • Implement automation pipelines for infrastructure-as-code deployments. Your Profile Essential skills/knowledge/experience: • GCP Cloud Engineering, GCP DevOps & Infra, • Terraform / Terraform Cloud (IaaC), • Python Scripting., • Harness, Jenkins, GitHub, • Google Kubernetes (GKE), Container, Istio Service Mesh, • GCP Organisation Policy, Custom Org Policy (Policy as a Code) – Sentinel/OPA, • GCP and Terraform Certified, • Good to have experience working in an IDE Platform for Cloud Engineering (e.g. Backstage) Desirable skills: • Experience as a GCP Cloud SME., • Experience as a Technical Consultant in guiding Design, Architecture and Strategy. Rewards & Benefits TCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop, phone, access to extensive training resources and discounts within the larger Tata network. Diversity, Inclusion and Wellbeing Tata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the UK Equality Act 2010 and the UK Human Rights Act 1998. We believe in building and sustaining a culture of equity and belonging where everyone can thrive. Our diversity and inclusion motto is ‘Inclusion without Exception’. Our continued commitment to Culture and Diversity is reflected across our workforce implemented through equitable workplace policies and processes. You’ll find a welcoming culture and many internal volunteering and social networks to join (these are optional). Our diversity, inclusion and social activities include 12 employee networks such as gender diversity, LGBTQIA+ & Allies, mental health, disability & neurodiversity inclusion and many more, as well as health & wellness initiatives and sports events and we sponsor the London Marathon. We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role. If you are an applicant who needs any adjustments to the application process or interview, please contact us at with the subject line: “Adjustment Request” or call TCS London Office 02031552100 to request an adjustment. We welcome requests prior to you completing the application and at any stage of the recruitment process. Next Steps Due to a high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion. Join us and do more of what matters. Apply online now.

⚠️ This role is based in the UK and we unfortunately are not able to provide visa sponsorship. ⚠️ ⚠️ Also, this is an experienced hire role. Please do not apply if you are seeking your first role in cyber security - look out for our Graduate SOC Analyst roles instead ⚠️ What we’re offering (saves you scrolling straight to the bottom): • Salary: £40,000–46,000 depending on experience, • Shares: We operate an EMI scheme and you will earn over time a slice of the CyPro pie., • Holiday: 25 days paid holiday plus bank holidays (increases by 1 day per year worked up to 30 days), • Flexible Working: We love getting the team together in the office, so we typically spend three days per week together in our lovely London office (39 floors up in Canary Wharf 👀). The rest of the time, you can work wherever you’re most productive., • Working Hours: 4 days on, 4 days off, rotating day/night shifts, • Training: Budget for one certification/course per year, • Socials: We meet regularly to have a drink, throw some axes, • Start Date: ASAP About CyPro: • We are an innovative cyber security start-up united in a shared mission: to redefine cyber security for small and medium-sized businesses (SMBs)., • Our Founders – Jonny & Rob – spent most of their early careers delivering cyber security for large enterprises and central government. They saw a clear need for a new approach to cyber security as SMBs became increasingly targeted by cyber criminals. By 2022, SMBs accounted for 75% of attacks, largely due to being easy targets., • Together, CyPro is already setting new standards, defining innovative solutions and equipping its clients with the cyber security they need to prevent attacks, secure bigger clients and scale to new heights., • We are growing quickly, and the next few years promise more of the same. Joining CyPro means becoming an integral part of our mission and joining a team of industry experts embarking on this journey. The Role: • This isn’t your typical SOC Analyst role where you’re pigeonholed into one narrow specialism. At CyPro, you’ll have the opportunity to get involved in a wide range of areas including monitoring, incident response, threat intelligence, detection engineering, automation and internal security operations., • You’ll play a key role in our Security Operations Centre, delivering 365-day monitoring, detection and response to our growing customer base. You’ll contribute to building out our capabilities, improving tooling and processes, and shaping how we operate as the function matures., • As the team grows further, you’ll have the flexibility to focus more deeply on the areas that interest you most – whether that’s advanced detection engineering, threat intelligence, incident response leadership or platform automation. If you’re ambitious and want to help shape something rather than simply follow a process, this is the right environment for you. Core Responsibilities:Security Monitoring & Incident Response • Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic., • Assess severity and impact of alerts, triage and investigate incidents independently., • Execute containment and remediation actions using defined runbooks and playbooks., • Correlate data across platforms to identify anomalies, malicious patterns and attacker behaviour., • Produce detailed incident reports, RCA and after-action reviews for internal and client use., • Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework., • Draft and optimise KQL queries for detection and threat hunting., • Analyse threat intelligence feeds to identify relevant threats and vulnerabilities., • Review and tag IOCs and TTPs observed in client environments., • Prepare weekly and monthly SOC reports highlighting activity, incidents and trends., • Join governance calls with senior analysts or managers to present SOC insights., • Support the management of CyPro’s internal security environment., • Administer and monitor identity management solutions., • Manage and maintain our MDM platform to ensure secure and compliant device management., • Design and develop Logic Apps to automate incident response workflows., • Contribute to evolving internal runbooks and knowledge base articles., • Work toward and maintain relevant certifications (e.g. SC-200, AZ-500)., • Stay up to date with current threat trends, attacker TTPs and defensive strategies., • Actively participate in ongoing training and capability development. Who we're looking for: • Self-Starters – we’re not a large FTSE organisation with a procedure for everything. You’ll need to operate in an environment with few guardrails and help build things as we grow., • Ambitious & Driven – whether your goal is to lead a team, specialise technically or move into leadership in future, we’ll support your development., • Always Improving – we’re a growing business and want our people to grow with us. What we think you need to be successful: Education & Experience • University educated with a degree in computer science, information security or equivalent, • At least one year of experience in a SOC environment monitoring and responding to incidents, • Microsoft Sentinel and Defender hands-on expertise, • SC-200 certification or willingness to achieve it, • Strong KQL skills for threat hunting and incident forensics, • Experience with SIEM, IDS/IPS and threat intelligence platforms, • Familiarity with incident response frameworks and security best practice, • Problem-Solving: Identify, troubleshoot and resolve complex security issues., • Attention to Detail: Ensure accurate detection, analysis and documentation., • Analytical Thinking: Comfortable interpreting complex security data., • Communication: Clear and confident communicator, able to translate technical issues for non-technical audiences., • Calm Under Pressure: Maintain composure during incidents and escalate appropriately., • Accountable & Humble: Take ownership and learn from experience., • Curious: Dive into data sets and problems to uncover patterns and root causes. Our Two-stage Hiring Process: • Intro Discussion (20 minutes, Remote): An initial chat to learn more about you and the role., • Assessment Centre (2 hours, London): A mini project on-site (no prep required), some quick tests, followed by a final interview with the founders and our SOC Manager.

Security Operations Lead - Fintech - Trading Hybrid Working - 3 days in London office The Role As SecOps Lead, you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. Key Responsibilities • Serve as the primary contact for the MDR partner, managing the relationship, conducting service reviews, and ensuring SLAs are consistently met., • Lead incident response efforts during security events — coordinating across teams to achieve fast containment and recovery., • Review and fine-tune security alerts with the MDR provider, reducing false positives and improving detection accuracy., • Develop and monitor MDR performance metrics (KPIs), presenting insights and trends to senior leadership., • Maintain and evolve the security incident response plan (IRP) and playbooks in collaboration with the MDR provider., • Translate technical security risks into actionable business recommendations for stakeholders at all levels., • Contribute to broader cybersecurity initiatives, including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). Requirements • In-depth understanding of the incident response lifecycle — preparation, detection, containment, eradication, recovery, and lessons learned., • Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation., • Strong familiarity with EDR platforms like CrowdStrike, SentinelOne, or Carbon Black., • Working knowledge of network security, including protocols, firewalls, IDS/IPS, and traffic analysis., • Experience with cloud security principles in AWS, Azure, or GCP., • Ability to interpret and apply threat intelligence to improve controls and detection coverage., • Experience with MacOS preferred, • Strong communication skills — capable of articulating complex technical issues to both technical and non-technical stakeholders., • Proven track record of managing vendor relationships and holding third-party partners accountable., • Analytical mindset with strong problem-solving and prioritization skills.

Azure DevOps Network Lead | £500 - £525 | 3 Month Initial | Outside IR35 | Fully Remote Opus are working with a key client on an Azure DevOps Network Lead role to deliver secure, scalable network architecture across a large Azure estate. The role focuses on automation, routing, and security. This is an initial 3-month contract offering between £500 and £525 per day with a proposed project completion date of March 2027. Key Skills: • Azure networking: VNets, NSGs, UDRs, Front Door, App Gateway, Private Link, • Terraform for network automation, • Container networking (AKS, CNI, ingress controllers), • Microsoft Sentinel, Azure Monitor, Network Watcher, • Experience in central government programmes Deliverables include: • IaC templates (Terraform/Bicep), • Network architecture documentation, • Sentinel dashboards & WAF configurations, • AKS container networking setup, • Incident response playbooks If this Azure DevOps Network Lead role sounds like a good fit, please respond with your most up-to-date CV and I’ll be in touch. Azure DevOps Network Lead | £500 - £525 | 3 Month Initial | Outside IR35 | Fully Remote

Job Title: Cyber Solutions Architect (Channel/MSP) Remote (UK-based) £110,000 Base Salary + Excellent Benefits Must have MSP, Reseller, or Channel experience Why Join Us? We are one of Europe’s fastest-growing cloud and security solutions providers—on a mission to empower businesses on their cloud transformation journey and defend them from evolving cyber threats. Here’s why tech professionals love working with us: • Rapid Growth & Stability: Recognised among the fastest-growing tech firms in Europe, we offer exciting career momentum and long-term stability., • Industry Recognition: Award-winning Microsoft Security Partner and a top-tier partner with major vendors like VMware and Veeam., • Global Reach: With teams across the UK, Ireland, Europe, South Africa, and Asia, we offer international collaboration and opportunities., • Commitment to Innovation: Work at the cutting edge of cyber architecture, cloud security, and compliance in hybrid and cloud-native environments., • Flexible & Supportive Culture: Emphasis on remote-first working, internal mobility, personal growth, and inclusive values. Key Role Responsibilities • Architect and deliver cyber security strategies for a range of mid-market and enterprise clients., • Design and implement security and compliance solutions across Microsoft 365 and hybrid cloud platforms., • Conduct risk assessments and lead mitigation planning aligned to ISO 27001, NIST CSF, and other frameworks., • Lead technical workshops and deliver board-level briefings to both technical and non-technical stakeholders., • Support clients with audit readiness and regulatory alignment (e.g., GDPR, NIS2, SOC 2)., • Mentor junior consultants and contribute to developing repeatable, high-impact security offerings., • Collaborate across internal teams to enhance solution offerings, proposals, and delivery methodologies. Key Attributes Required • Experience: 7+ years in cybersecurity, including at least 3 in an advisory or architecture role within an MSP, reseller, or channel partner., • Framework Fluency: Proven knowledge of ISO 27001, NIST CSF, GDPR, and other regulatory/compliance standards., • Cloud & Security Architecture: Deep expertise in Microsoft security (M365, Sentinel, Defender), as well as hybrid and multi-cloud security., • Communication: Excellent at engaging both technical and executive audiences with clear, impactful reporting., • Certifications (preferred): CISSP, CISM, CCSP, ISO 27001 Implementer/Auditor, Microsoft SC-series.

Security Solution Architect Location: Remote Salary: Paying up to £80k basic + commission (£120-£130k OTE) Top tier Azure Expert MSP is seeking a security-focused Solution Architect to join their high-performing Presales team. This is a strategic opportunity to shape enterprise security solutions using the Microsoft Security Stack, supporting clients across sectors in their cloud transformation journeys. As a key member of the Presales function, you will lead the design and articulation of secure cloud architectures, aligning technical capabilities with client requirements. You’ll act as a trusted advisor, guiding stakeholders through best practices in identity, access, threat protection, and compliance within the Microsoft ecosystem. Key Responsibilities • Design and present secure cloud solutions leveraging the Microsoft Security Stack, including Defender, Sentinel, Entra ID, Purview, and Intune., • Collaborate with sales and technical teams to translate business needs into scalable, secure architectures., • Lead client engagements, workshops, and technical assessments to shape solution strategy., • Stay abreast of evolving security threats and Microsoft innovations to ensure cutting-edge recommendations., • Contribute to proposals, RFP responses, and technical documentation with clarity and precision. Candidate Profile • Proven experience in cloud security architecture, ideally within a Microsoft-focused environment., • Deep understanding of Microsoft 365 and Azure security capabilities., • Strong communication and stakeholder engagement skills, particularly in presales or consultancy settings., • Relevant certifications (e.g., SC-100, AZ-500, MS-500) are highly desirable., • Ability to work collaboratively in a fast-paced, client-facing role. Remote based role. Paying up to £80k basic + commission (£120-£130k OTE) Must be eligible to work in the UK.

ROLE TITLE: SOC Analyst LOCATION: flexible (can be mostly remote, must be based in UK) CLEARANCE: SC cleared, or eligible for SC clearance Salary: £35k - £41k The ideal candidate will have active SC Clearance or be eligible to undergo SC Clearance. We are actively looking to secure an SOC Analyst to join Experis. Experis Consultancy is a Global entity with a well-established team with over 1000 consultants on assignment across 20 clients globally. Our UK operation is growing and has very aggressive plans for expansion over the coming years. We form part of the Manpower group of companies that turn over $20 billion a year collectively. Experis UK have partnerships with major clients across the UK spanning multiple industries; our approach is a very personal one, with both our clients and our own employees. We are passionate about training, technology and career development. Key accountabilities of the role • A SOC Analyst will be responsible for providing Protective Monitoring Services across a range of Secure Customers., • They will be responsible for the day to day monitoring using various SIEM Tools (Qradar, Sentinel & LogRhythm). Some of the responsibilities that come along with this role include the following: Security Analytics Incident investigation, triage and escalation Threat monitoring and response Trend reporting Rule tuning and continual service improvement, • The role involves working alongside other team members including SOC engineers and Service Managers. Skills required: • Microsoft Certified: Security Operations Analyst Associate Certification (SC200) is a mandatory requirement for role fulfilment, • Experience working with SIEM technologies and security tooling, • An understanding of IT Infrastructure and Networking An understanding of vulnerability and threat management, • An understanding of the incident response lifecycle T, • he ability to work in a close team and independently, • The ability to be adaptable to a high pace changeable workload, • An interest in security and threat management Benefits Include: • Contributory pension scheme, • Employee Assistance Program, • Medical and Dental cover, • 22 days holiday + bank holidays, • Maternity Pay/Shared Parental leave and paternity leave, • Sick pay Suitable Candidates should submit CVs in the first instance.

Estate Strategy and Planning Consultant (Life Sciences) Hybrid (London, Oxford, Cambridge): 3-4 days per week onsite About the Company One of my well-established clients has a strong track record providing estate strategy and planning services to a wide range of organisations across the public Life Sciences and Healthcare sectors. As part of their long-term goal to grow in the private Life Sciences market, they’re looking for someone to join their Life Sciences Strategy and Planning team. This is an exciting opportunity to play a key role in supporting the expansion of a respected consultancy with a well-established presence across the UK. About the Role My client is looking for a confident and proactive individual who can help shape the next phase of their growth in the private Life Sciences sector. The role offers the chance to influence strategic direction within the estates of existing and upcoming high-profile Life Sciences clients, from early-stage planning and site acquisition to long-term asset optimisation and estate masterplanning. Projects could include: • Expansion of a research institute following a new partnership or funding agreement, • Repurposing of a laboratory to support a revised investigative or therapeutic focus, • Integration of Operational Technology systems to increase Quality Assurance standards in a GMP manufacturing plant, • Modernisation of buildings across an academic campus to enhance collaboration and sustainability You will work alongside a Business Development colleague, a Director who has led a major account with significant success, and a Project Management team dedicated to delivering the strategies that you develop. Responsibilities • Act as a key account holder to clients (including pharmaceutical, biotech, and research institutes), building and maintaining relationships, identifying new business opportunities, and providing strategic insight into capital planning, decarbonisation, and space optimisation, • Lead end-to-end strategy development, producing evidence-based estate strategies, option appraisals, and business cases, • Undertake spatial and capacity analysis of laboratories and support spaces, working with design and technical specialists to align estates provision with scientific workflows and regulatory requirements (e.g. GMP, GLP, ISO), • Support proposal and tender preparation in an advisory capacity, contributing strategic insight and value propositions for new and existing clients, • Facilitate effective handover to dedicated delivery teams, ensuring strategic intent and client priorities are clearly translated into implementation plans, design briefs, and measurable performance outcomes Required Skills • Extensive experience within the Life Sciences sector, with a solid understanding of the estates and facilities associated (including wet/dry/analytical labs, cleanrooms, GMP facilities, innovation or science parks) with awareness of their operational and regulatory nuances, • Knowledge of estate/facility strategy, such as site suitability analysis, lab repurposing, technology integration, feasibility studies, and change management, • Proven background delivering consultancy or strategic advisory projects in Life Sciences, research, or estates-focused environments, • Strong commercial awareness and financial acumen, able to connect estate decisions to business objectives, cost models, and long-term ROI, • Excellent communication skills, able to engage confidently and credibly with senior stakeholders across technical, scientific, and estates functions Desirable Skills • Professional qualification in a relevant built environment discipline (architecture, engineering, facilities, or property management), • Training or certification in project/programme management, • Experience working with stakeholders in complex, multi-tenant science environments (e.g. research campuses, innovation clusters, or science parks), • Familiarity with UK government or funding frameworks that influence life sciences estates (e.g. UKRI, NHS England, or regional investment bodies), • Recognised accreditations and strong connections within the Life Sciences industry, • Proficient in Microsoft Office and presentation tools (e.g. PowerPoint, InDesign, Illustrator)

Location: London/Leicester/Essex Hybrid: 2-3 days in office Our client is financial service company. They are looking for a passionate and detail-oriented Information & Cyber Security Executive to join the teams. The role encompasses all aspects of information security including organisational security and governance, people security, physical (site) security and technical security controls. The role will assess evolving technologies and threats and communicate the risks. They offer salary up to £80k base + £5k car allowance and other benefits. What You'll Do • Assess compliance with internal security policies and industry standards (eg, ISO/IEC 27001/2, PCI-DSS)., • Conduct supplier risk assessments and third-party due diligence., • Support vulnerability assessments, incident investigations, and operational resilience activities., • Monitor the effectiveness of security controls to ensure confidentiality, integrity, and availability (CIA)., • Assist with security certifications and regulatory frameworks including GDPR., • Translate technical risks into clear, business-friendly advice. Essential • Cyber Security Concepts - Demonstrates an understanding of cyber security concepts and ability to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders so that they are understood and applied., • Threat landscape - Knowledge and understanding of the threat landscape relating to information governance, privacy and security., • Analytical thinking - Ability to break down complex problems to derive the root cause and mitigating actions., • Risk management - Methods and techniques for the assessment and management of business risk including safety-related risk., • Attention to detail - Completes all aspects of a task. Checks all work thoroughly and corrects any mistakes promptly. Establishes realistic deadlines and then sticks to them., • Delivers business results - Ensures that own aims are aligned with business plans. Redirects own time and resources to ensure aims are met., • Using information effectively - able to develop insights and conclusions following risk events Desirable • Knowledge of cloud security particularly Microsoft Azure (E5) including defender for endpoint, sentinel, and purview., • A knowledge of ITIL including incident management and problem management including root cause analysis., • A knowledge of the data protection act (UK GDPR) and how it applies to information and cyber security, • A security certification such as CISM, CISMP, CISSP or equivalent would be desirable., • A relevant IT or security-based degree or equivalent practical experience.

SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. If you have worked in a busy SOC with a focus on Advanced Threats, Continuous Monitoring, Security Detection please get in touch. This role will see youinvestigating suspicious activity, validating detections etc, threat hunting etc. Experience with XDR Software, Crowdstrike, Carbon Black, Mitre Attack, KQL, Microsoft Azure, Sentinel, Qualys IDS Web proxies etc please get in touch. Full details on request.

Head of SOC (Interim) | Capital Markets | Central London (On-site) Robert Half International (an S&P 500 global staffing provider) is supporting a global consulting firm in sourcing an experienced Head of SOC (Interim) to join a leading capital markets client during a key period of transition. The role focuses on maintaining and enhancing the client's existing Security Operations Centre, managing the external SOC provider, and ensuring continuity of operations while a permanent structure is established. Assignment Details • Initial Duration: 3-6 months (with potential extension) to start ASAP by w/c 24 November, • Location: On-site minimum 3 days per week in Central London will be required. You'll be operating within a compact, high-performing capital markets environment, taking full ownership of the SOC function and acting as the internal escalation point for all incident response and forensic activity. Reporting to the Deputy CISO, this role is ideal for a hands-on SOC leader who can balance strategic oversight with day-to-day technical execution. You'll manage the external SOC supplier, maintain visibility across tooling and detections, and drive continual improvements in incident management, monitoring, and response. Key Skills & Experience • Proven experience leading or managing a SOC function within capital markets, FinTech, or smaller financial services environments., • Strong technical experience with CrowdStrike and Elastic SIEM., • Skilled across the Microsoft 365 Security Stack (Defender, Sentinel, Entra)., • Hands-on capability in incident response, threat hunting, and digital forensics., • Demonstrated experience managing outsourced SOC providers and maintaining performance SLAs. This is an exciting opportunity for a technically strong, pragmatic SOC leader to play a critical role in maintaining and stabilising cyber operations for one of London's most respected capital markets organisations. Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data:

As Cybersecurity Engineer, you'll strengthen the organisation's cyber resilience by developing, deploying, and monitoring security controls across on-premise, cloud, and hybrid systems. Deploy, configure, and tune platforms including SASE, Sentinel One, AWS Security Hub/GuardDuty, Azure Security Cen

One of my Life Sciences clients has a strong track record providing estate strategy and planning services to a wide range of organisations across the Life Sciences and Healthcare sectors. As part of their ongoing aim to grow in the private Life Sciences market, they're looking to appoint a Strategic Advisor to join their Life Sciences Strategy and Planning team. This is an exciting opportunity to play a key role in supporting the expansion of a respected consultancy with a well-established presence across the UK. The role offers the chance to influence strategic direction, work with high-profile clients, and help shape the next phase of growth in the Life Sciences sector. Key Responsibilities • Act as a key account holder, • Lead end-to-end strategy development (delivery managed by other teams), • Build and maintain client relationships, and identify new business opportunities, • Hold credible, informed discussions with senior stakeholders across Life Sciences and estates/facilities management, • Extensive experience within the Life Sciences sector, • Proven background delivering consultancy or strategic advisory projects (Life Sciences, research, or estates focus), • Strong commercial awareness and financial acumen, • Excellent communication skills, able to engage effectively at a senior level and with a range of professionals (such as scientific, property, and regulatory), • Professional qualification in a relevant built environment discipline (architecture, engineering, facilities, or property management), • Training or certification in project/programme management, • 3-4 days per week in the office (locations across the UK) or on client site (likely London, Cambridge, and Oxford), • Salary: £90,000-£110,000 plus benefits, depending on experience and suitability, • Two-stage interview process: initial phone conversation followed by an in-person interview (which may include a short task)

Threat Hunter/Threat Detector/SOC Analyst/TTP/Threats/Monitoring/Detection/ZTNA/Sentinel/Splunk. Superb London based client have an Urgent role, Inside IR35, Hybrid Remote and Onsite for an experienced SOC Analyst/TTP/Threats Monitoring/Detection/ZTNA/Sentinel/Splunk. This role, working across Cloud (AWS/Azure and GCP) will see you focusing on threat detection and threat hunting as part of a busy SOC Team. This role isn't about dealing with threats when they happen, it is about hunting them out. Thinking ahead of the curve and providing direction, thoughts and strategy as to how the business deals with threats.

APC Consultant. Superb client with sites across Europe require an APC SME for 1 year, Inside IR35, fully expensed, hybrid Onsite and Remote working. If you have a wealth of APC experience with global Manufacturing clients, working with APC/Advanced Process Control Systems like Aspen DMCplus, Honeywell Profit Controller, Yokogawa APC, ABB etc and are available soon please get in touch. The APC SME will lead the design, implementation, and continuous improvement of advanced process control solutions to enhance productivity, quality, and energy efficiency across multiple production lines (eg, pulp mills, recovery boilers, paper machines, and bleaching processes). Full details on request

Overview: Hiring a seasoned DevOps/Platform Engineer to drive automation, platform reliability, and robust software delivery pipelines using both conventional practices and advanced AI/ML techniques in global, regulated enterprises. Key Responsibilities: • Design, deploy, and manage CI/CD pipelines and infrastructure automation, leveraging AI for, • efficiency., • Implement infrastructure as code and environment provisioning, including AI-powered script and, • configuration generation., • Monitor and optimize system reliability, availability, and security—using AI/ML for predictive, • alerts and intelligent scaling., • Establish DevSecOps best practices, compliance controls, and MLOps (CI/CD for ML workflows)., • Troubleshoot complex infrastructure, deployment, and ML model serving issues. Core Technical & AI/ML Skills: • Deep experience with IaC tools (Terraform, Ansible, CloudFormation), scripting (Python, Bash),, • and AI-enhanced automation., • Build and maintain CI/CD (Jenkins, GitLab CI, GitHub Actions, ArgoCD)., • Cloud infrastructure (AWS, Azure, GCP), container orchestration (Kubernetes, Docker)., • Logging, monitoring, and observability (Prometheus, Grafana, ELK/EFK), including AI-driven log, • analysis and incident prediction., • Experience supporting MLOps: deploying ML workflows, ensuring model traceability and, • compliance., • Use of AI assistants and workflow tools to script, manage incidents, and enforce security policies, • (OPA, Sentinel). Soft Skills: • Influential in driving DevOps culture change., • Strong communicator across development, security, and business teams., • Mentorship and process rigor, open-minded to AI-driven productivity improvements., • High accountability, initiative, and a proactive approach to emerging technologies.

About the job Established in 1982, Bytes has grown rapidly and now employs over 800+ people across 6 locations in the UK and Ireland. Our turnover in Financial Year 2024 was in excess of £2bn. We work with SME’s, corporates and public sector organisations to modernise and digitally transform their IT infrastructures. We invest in our employees through on-going support, training and advice to help them achieve their career aspirations, rewarding success both financially and personally. There is opportunity to grow and move internally which can be seen through our long-standing employees who have developed existing and new skills to move into senior positions in the organisation leaving space for new team members to begin their journey. Why Bytes? • Over 800 staff (plans to double in size over the next 5 years), • Operating from modern, hybrid working environments with offices in Leatherhead, Reading, London, Manchester, Port Solent and Dublin., • Winners of an array of industry awards, • Sunday Times Top 100 Best Places to Work, • Excellent training and career prospects offered, • Fantastic office with gym, canteen, open plan, smart casual dress code, regular incentives and company events, • Supporters of 85+ charities with strong commitment to diversity and sustainability PURPOSE OF JOB: As a Microsoft Cloud Security Specialist, you will play a pivotal role in driving the growth of our Microsoft Security business. This is a strategic sales overlay role focused on supporting our sales teams in positioning, differentiating, and closing opportunities across Microsoft’s security portfolio - including Microsoft Defender XDR, Sentinel, Entra, Purview, and Defender for Cloud. You will act as a subject matter expert and trusted advisor, helping customers understand the value of Microsoft’s integrated security solutions and how they can reduce risk, improve compliance, and accelerate secure digital transformation. A key part of your remit will be to lead sales of our Microsoft Security Managed Service, including managed SOC. You will collaborate closely with internal sales teams, Microsoft account teams, and Bytes stakeholders to align with the Microsoft FY26 solution plays and partner incentives. Your success will be measured by pipeline growth, deal velocity, and the expansion of our managed security services footprint. RESPONSIBILITIES: Sales Enablement & Technical Pre-Sales • Collaborate with account executives and solution architects to position Microsoft security solutions effectively during customer engagements., • Translate customer security requirements into solution architectures using Microsoft technologies., • Assist in crafting proposals, RFP responses, and statements of work with a security focus. Customer Engagement & Solution Design • Design tailored security solutions leveraging Microsoft’s cloud-native tools and services., • Advise customers on best practices for cloud security posture management, threat detection, data governance, and compliance. Product Expertise & Evangelism • Maintain deep technical expertise in Microsoft Sentinel, Defender for Cloud, Purview, and related security offerings., • Stay current with Microsoft’s security roadmap, product updates, and licensing changes., • Act as a trusted advisor to customers and internal teams on Microsoft’s security capabilities and integrations. Managed Security Services Support • Support the positioning and onboarding of customers into your Security Managed Service., • Collaborate with service delivery teams to ensure smooth transitions from pre-sales to implementation., • Provide input into service development and enhancement based on customer feedback and market trends. Training & Knowledge Sharing • Educate sales teams on Microsoft security products and how to identify opportunities., • Create and deliver internal enablement sessions, playbooks, and reference architectures., • Share insights from customer engagements to improve sales strategies and technical offerings. Cross-Team Collaboration • Work closely with Microsoft account teams, partner managers, and technical specialists., • Coordinate with compliance, identity, and infrastructure teams to deliver holistic security solutions., • Support marketing and events by contributing to webinars, blogs, and customer success stories. QUALIFICATIONS, EXPERIENCE, & SKILLS: Educational Qualifications: • Educated to A Level standard, equivalent or higher (ESSENTIAL) Professional Qualifications • Microsoft 365 Fundamentals (MS-900) DESIRABLE, • Microsoft Azure Fundamentals (AZ-900) DESIRABLE, • Microsoft Security Compliance & Identity Fundamentals (SC-900) ESSENTIAL, • Microsoft Cybersecurity Architect (SC-100) DESIRABLE Years of Experience: • Minimum 3 years working with Microsoft Cloud technologies ESSENTIAL Other requirements: • Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview in real-world environments., • Strong understanding of cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection., • Familiarity with Azure, Microsoft 365, and hybrid cloud environments., • Understanding of security operations, incident response, and threat intelligence. CORE COMPETENCIES & SKILLS • Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview, • Understanding of security operations, incident response, and threat intelligence., • Ability to translate technical concepts into business value for non-technical stakeholders, • Strong presentation, demo, and proposal-writing skills., • Comfortable engaging with C-level executives, security teams, and IT leadership

JIB Gold Card Electrician required Working on Waterloo station and London Bridge station PTS sentinel card an added bonus as some works could be within track environment.

Title : Privileged Access Management Engineer Client : Banking \n Salary : £450-£550 p/d Inside IR35\n Location : London \n\n Responsibilities: \n Defined and executed the Privileged Access Management strategy, ensuring alignment with regulatory frameworks (SOX, NIST, ISO 27001, GDPR). \n Implemented and maintained secure access tools, integrating them with identity systems, monitoring platforms, and IT infrastructure. \n Automated account management processes, including credential updates, session tracking, and approval workflows. \n Conducted regular access reviews, addressed potential security gaps, and supported investigations of elevated access incidents. \n\n The successful candidate will have the following skills/experience \n Over 5 years of experience in Identity and Access Management, specializing in Privileged Access Management solutions(e.g. CyberArk \n Hands-on experience with automation and scripting using PowerShell and Python to streamline workflows. \n Strong knowledge of Fixed Income products, bond pricing, hedging, market connectivity \n Certifications (CISSP, CISM, CyberArk Defender/Sentinel, or other vendor-specific PAM credentials).

Title : Privileged Access Management Engineer Client : Banking \n Salary : £450-£550 p/d Inside IR35\n Location : London \n\n Responsibilities: \n Defined and executed the Privileged Access Management strategy, ensuring alignment with regulatory frameworks (SOX, NIST, ISO 27001, GDPR). \n Implemented and maintained secure access tools, integrating them with identity systems, monitoring platforms, and IT infrastructure. \n Automated account management processes, including credential updates, session tracking, and approval workflows. \n Conducted regular access reviews, addressed potential security gaps, and supported investigations of elevated access incidents. \n\n The successful candidate will have the following skills/experience \n Over 5 years of experience in Identity and Access Management, specializing in Privileged Access Management solutions(e.g. CyberArk \n Hands-on experience with automation and scripting using PowerShell and Python to streamline workflows. \n Strong knowledge of Fixed Income products, bond pricing, hedging, market connectivity \n Certifications (CISSP, CISM, CyberArk Defender/Sentinel, or other vendor-specific PAM credentials).

Title : Privileged Access Management Engineer Client : Banking \n Salary : £450-£550 p/d Inside IR35\n Location : London \n\n Responsibilities: \n Defined and executed the Privileged Access Management strategy, ensuring alignment with regulatory frameworks (SOX, NIST, ISO 27001, GDPR). \n Implemented and maintained secure access tools, integrating them with identity systems, monitoring platforms, and IT infrastructure. \n Automated account management processes, including credential updates, session tracking, and approval workflows. \n Conducted regular access reviews, addressed potential security gaps, and supported investigations of elevated access incidents. \n\n The successful candidate will have the following skills/experience \n Over 5 years of experience in Identity and Access Management, specializing in Privileged Access Management solutions(e.g. CyberArk \n Hands-on experience with automation and scripting using PowerShell and Python to streamline workflows. \n Strong knowledge of Fixed Income products, bond pricing, hedging, market connectivity \n Certifications (CISSP, CISM, CyberArk Defender/Sentinel, or other vendor-specific PAM credentials).

Senior Threat Detection Analyst Permanent | Hybrid \n\n Were looking for an experienced Threat Detection Senior Analyst to join a global leader in data science and customer insights. The team supports some of the worlds most recognized brands, using data to drive smarter business decisions, and ensuring that data stays secure is central to everything they do. \n\n In this role, youll take ownership of detection and response across complex, hybrid environments from on-prem systems to modern cloud platforms. Youll play a key part in advancing the companys threat detection capabilities and ensuring that security operations stay one step ahead of emerging threats. \n\n What Youll Do \n Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. \n Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. \n Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. \n Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. \n Collaborate with incident response, engineering, and intelligence teams to contain and resolve security incidents. \n Support continuous improvement of detection strategies and mentor analysts to uplift overall team capability. \n\n What Youll Bring \n Solid background in threat detection, SOC operations, or incident response. \n Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). \n Hands-on experience developing and tuning detection content for cloud and hybrid environments. \n Strong grasp of adversarial tactics and techniques and how they translate to real-world detection logic. \n Excellent analytical and communication skills, with a calm and structured approach to problem-solving. \n\n Nice to Have \n Experience in threat hunting or purple teaming. \n Familiarity with automation or detection-as-code approaches. \n Certifications such as GCDA, GCIH, or AZ-500 are a plus.

Senior Threat Detection Analyst Permanent | Hybrid \n\n Were looking for an experienced Threat Detection Senior Analyst to join a global leader in data science and customer insights. The team supports some of the worlds most recognized brands, using data to drive smarter business decisions, and ensuring that data stays secure is central to everything they do. \n\n In this role, youll take ownership of detection and response across complex, hybrid environments from on-prem systems to modern cloud platforms. Youll play a key part in advancing the companys threat detection capabilities and ensuring that security operations stay one step ahead of emerging threats. \n\n What Youll Do \n Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. \n Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. \n Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. \n Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. \n Collaborate with incident response, engineering, and intelligence teams to contain and resolve security incidents. \n Support continuous improvement of detection strategies and mentor analysts to uplift overall team capability. \n\n What Youll Bring \n Solid background in threat detection, SOC operations, or incident response. \n Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). \n Hands-on experience developing and tuning detection content for cloud and hybrid environments. \n Strong grasp of adversarial tactics and techniques and how they translate to real-world detection logic. \n Excellent analytical and communication skills, with a calm and structured approach to problem-solving. \n\n Nice to Have \n Experience in threat hunting or purple teaming. \n Familiarity with automation or detection-as-code approaches. \n Certifications such as GCDA, GCIH, or AZ-500 are a plus.

Senior Threat Detection Analyst Permanent | Hybrid \n\n Were looking for an experienced Threat Detection Senior Analyst to join a global leader in data science and customer insights. The team supports some of the worlds most recognized brands, using data to drive smarter business decisions, and ensuring that data stays secure is central to everything they do. \n\n In this role, youll take ownership of detection and response across complex, hybrid environments from on-prem systems to modern cloud platforms. Youll play a key part in advancing the companys threat detection capabilities and ensuring that security operations stay one step ahead of emerging threats. \n\n What Youll Do \n Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. \n Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. \n Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring and detection coverage. \n Drive threat hunting activities and develop hypotheses based on attacker TTPs and frameworks like MITRE ATT&CK. \n Collaborate with incident response, engineering, and intelligence teams to contain and resolve security incidents. \n Support continuous improvement of detection strategies and mentor analysts to uplift overall team capability. \n\n What Youll Bring \n Solid background in threat detection, SOC operations, or incident response. \n Deep understanding of SIEM, EDR, and cloud-native security tooling (e.g., Microsoft Sentinel, Defender, GuardDuty, Chronicle). \n Hands-on experience developing and tuning detection content for cloud and hybrid environments. \n Strong grasp of adversarial tactics and techniques and how they translate to real-world detection logic. \n Excellent analytical and communication skills, with a calm and structured approach to problem-solving. \n\n Nice to Have \n Experience in threat hunting or purple teaming. \n Familiarity with automation or detection-as-code approaches. \n Certifications such as GCDA, GCIH, or AZ-500 are a plus.

Title : Privileged Access Management Engineer Client : Banking \n Salary : £450-£550 p/d Inside IR35\n Location : London \n\n Responsibilities: \n Defined and executed the Privileged Access Management strategy, ensuring alignment with regulatory frameworks (SOX, NIST, ISO 27001, GDPR). \n Implemented and maintained secure access tools, integrating them with identity systems, monitoring platforms, and IT infrastructure. \n Automated account management processes, including credential updates, session tracking, and approval workflows. \n Conducted regular access reviews, addressed potential security gaps, and supported investigations of elevated access incidents. \n\n The successful candidate will have the following skills/experience \n Over 5 years of experience in Identity and Access Management, specializing in Privileged Access Management solutions(e.g. CyberArk \n Hands-on experience with automation and scripting using PowerShell and Python to streamline workflows. \n Strong knowledge of Fixed Income products, bond pricing, hedging, market connectivity \n Certifications (CISSP, CISM, CyberArk Defender/Sentinel, or other vendor-specific PAM credentials).

Title : Privileged Access Management Engineer Client : Banking \n Salary : £450-£550 p/d Inside IR35\n Location : London \n\n Responsibilities: \n Defined and executed the Privileged Access Management strategy, ensuring alignment with regulatory frameworks (SOX, NIST, ISO 27001, GDPR). \n Implemented and maintained secure access tools, integrating them with identity systems, monitoring platforms, and IT infrastructure. \n Automated account management processes, including credential updates, session tracking, and approval workflows. \n Conducted regular access reviews, addressed potential security gaps, and supported investigations of elevated access incidents. \n\n The successful candidate will have the following skills/experience \n Over 5 years of experience in Identity and Access Management, specializing in Privileged Access Management solutions(e.g. CyberArk \n Hands-on experience with automation and scripting using PowerShell and Python to streamline workflows. \n Strong knowledge of Fixed Income products, bond pricing, hedging, market connectivity \n Certifications (CISSP, CISM, CyberArk Defender/Sentinel, or other vendor-specific PAM credentials).

Title : Privileged Access Management Engineer Client : Banking Salary : 450-550 p/d Inside IR35 Location : London Responsibilities: • Defined and executed the Privileged Access Management strategy, ensuring alignment with regulatory frameworks (SOX, NIST, ISO 27001, GDPR)., • Implemented and maintained secure access tools, integrating them with identity systems, monitoring platforms, and IT infrastructure., • Automated account management processes, including credential updates, session tracking, and approval workflows., • Conducted regular access reviews, addressed potential security gaps, and supported investigations of elevated access incidents. The successful candidate will have the following skills/experience • Over 5 years of experience in Identity and Access Management, specializing in Privileged Access Management solutions(e.g. CyberArk, • Hands-on experience with automation and scripting using PowerShell and Python to streamline workflows., • Strong knowledge of Fixed Income products, bond pricing, hedging, market connectivity, • Certifications (CISSP, CISM, CyberArk Defender/Sentinel, or other vendor-specific PAM credentials).

This role will play a vital part in helping the Identity and Authentication team drive change across hundreds of applications, ensuring alignment with modern security practices, including Microsoft Entra ID and SailPoint, Microsoft Sentinel, Privileged Access Management etc.To be successful in the r

Configure and maintain Sentinel workspaces aligned with Council tenancy and compliance requirements. Collaborate with the Service Desk to triage and escalate Sentinel alerts. Im looking for someone that has recent Sentinel and Defender experience and is a SME in this area.

Salary - 80-90k + Bonus + Benefits \n \n \n This is a wide ranging role where youll be responsible for both Engineering and Analysis; monitoring and responding to incidents whilst also developing new detection rules and enhancing their monitoring infrastructure and tooling. \n\n This is a cloud-native SOC capability, based in Azure with a big emphasis on the Microsoft E5 suite of security monitoring and detection tooling. This is an incredible opportunity for an experienced SecOps specialist with experience of both SecOps Analysis and Engineering to join an established yet growing firm at a crucial point as they completely build out their Information and Cyber Security capability. \n\n\n Comprehensive knowledge and experience utilising/fine-tuning the Microsoft E5 Security stack Defender, Sentinel, KQL, etc. \n Experience working in hybrid-cloud SOC environments Azure preferably. \n Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation. \n\n\n If youre an experienced SecOps Specialist, looking to shape how one of the most innovative HealthTech firms build out their cyber defence capability and leave a lasting impact on one of the most reputable organisations whilst working alongside a team of genuine Cyber Security SMEs, click the to apply or get in touch directly j.

Salary - 80-90k + Bonus + Benefits \n \n \n This is a wide ranging role where youll be responsible for both Engineering and Analysis; monitoring and responding to incidents whilst also developing new detection rules and enhancing their monitoring infrastructure and tooling. \n\n This is a cloud-native SOC capability, based in Azure with a big emphasis on the Microsoft E5 suite of security monitoring and detection tooling. This is an incredible opportunity for an experienced SecOps specialist with experience of both SecOps Analysis and Engineering to join an established yet growing firm at a crucial point as they completely build out their Information and Cyber Security capability. \n\n\n Comprehensive knowledge and experience utilising/fine-tuning the Microsoft E5 Security stack Defender, Sentinel, KQL, etc. \n Experience working in hybrid-cloud SOC environments Azure preferably. \n Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation. \n\n\n If youre an experienced SecOps Specialist, looking to shape how one of the most innovative HealthTech firms build out their cyber defence capability and leave a lasting impact on one of the most reputable organisations whilst working alongside a team of genuine Cyber Security SMEs, click the to apply or get in touch directly j.

Security Operations Lead - Fintech - Trading Hybrid Working - 3 days in London office \n\n As SecOps Lead , you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. \n\n Lead incident response efforts during security events — coordinating across teams to achieve fast containment and recovery. \n Review and fine-tune security alerts with the MDR provider, reducing false positives and improving detection accuracy. \n Develop and monitor MDR performance metrics (KPIs) , presenting insights and trends to senior leadership. \n Maintain and evolve the security incident response plan (IRP) and playbooks in collaboration with the MDR provider. \n Translate technical security risks into actionable business recommendations for stakeholders at all levels. \n Contribute to broader cybersecurity initiatives , including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). \n\n Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. \n Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. \n Experience with cloud security principles in AWS, Azure, or GCP. \n Ability to interpret and apply threat intelligence to improve controls and detection coverage.

As a Cyber Security Engineer, you will play a crucial role in safeguarding our clients’ digital assets and infrastructure from cyber threats. Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. \n Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. \n Exposure to SOAR tools, observability tools and data stream processing tools \n Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques. \n Experience in writing content / polices for monitoring in line with MITRE ATT&CK framework \n Familiarity with regulatory requirements such as GDPR, HIPAA, PCI DSS, and industry standards like NIST Cybersecurity Framework.

As a Cyber Security Engineer, you will play a crucial role in safeguarding our clients’ digital assets and infrastructure from cyber threats. Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. \n Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. \n Exposure to SOAR tools, observability tools and data stream processing tools \n Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques. \n Experience in writing content / polices for monitoring in line with MITRE ATT&CK framework \n Familiarity with regulatory requirements such as GDPR, HIPAA, PCI DSS, and industry standards like NIST Cybersecurity Framework.

IT Security Engineer Feltham (Hybrid)\n£50,000 Base + Benefits \n\n Overview \n The IT Security Engineer is responsible for designing, implementing, and maintaining the security controls that protect the organization’s systems, networks, and data. This role works closely with IT, DevOps, and business teams to ensure that security is embedded throughout technology operations and architecture. The IT Security Engineer is key to detecting, preventing, and responding to cybersecurity threats in a proactive and efficient manner. \n\n Key Responsibilities: \n Security Architecture & Implementation \n Design, deploy, and manage security solutions including firewalls, intrusion detection/prevention systems, endpoint protection, SIEM, and identity management platforms. \n Implement secure network architecture and enforce segmentation and least-privilege access controls. \n Support secure cloud environments across Azure, AWS, or GCP (e.g., IAM, security groups, encryption, KMS). \n\n Threat Detection & Incident Response \n Monitor and analyze security alerts and network traffic for threats or suspicious activity. \n Lead or support incident response activities: investigation, containment, eradication, recovery, and reporting. \n Conduct root cause analysis and implement security hardening improvements. \n\n Vulnerability & Risk Management \n Run regular vulnerability scans and penetration testing activities; track remediation of findings. \n Evaluate risks and recommend security enhancements or compensating controls. \n Maintain asset inventories and ensure patching and configuration baselines are followed. \n\n Security Governance & Compliance \n Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. \n Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). \n Develop and maintain documentation for policies, procedures, architecture, and runbooks. \n\n Collaboration & Knowledge Sharing \n Work with IT operations, cloud, and development teams to embed security in system and application designs. \n Provide expert security guidance during solution design, procurement, and change reviews. \n Support security awareness training and communicate best practices to employees. \n\n Qualifications \n Education: Bachelor’s degree in information security, Computer Science, Networking, or a related field. \n Experience: 3+ years’ experience in cybersecurity, network engineering, or IT infrastructure security roles. \n Certifications (Preferred): CompTIA Security+, CEH, OSCP, CISSP, CCSP, Azure/AWS security certifications. \n\n Skills & Competencies \n Strong knowledge of network security (TCP/IP, VPNs, DNS, firewalls). \n Experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and EDR platforms. \n Familiarity with scripting or automation (PowerShell, Python, Bash). \n Understanding of secure cloud architecture and Zero Trust principles. \n Ability to analyze complex technical issues and communicate clearly to technical and non-technical audiences.

Security Operations Lead - Fintech - Trading Hybrid Working - 3 days in London office \n\n As SecOps Lead , you will act as the main liaison between internal security, engineering, and IT teams, and an external Managed Detection and Response (MDR) partner. You’ll oversee incident management, enhance detection and response processes, and strengthen the company’s overall security posture. \n\n Lead incident response efforts during security events — coordinating across teams to achieve fast containment and recovery. \n Review and fine-tune security alerts with the MDR provider, reducing false positives and improving detection accuracy. \n Develop and monitor MDR performance metrics (KPIs) , presenting insights and trends to senior leadership. \n Maintain and evolve the security incident response plan (IRP) and playbooks in collaboration with the MDR provider. \n Translate technical security risks into actionable business recommendations for stakeholders at all levels. \n Contribute to broader cybersecurity initiatives , including vulnerability management, cloud security, data protection, and governance, risk & compliance (GRC). \n\n Hands-on experience with SIEM tools such as Splunk, Sentinel, or QRadar — including log analysis and data correlation. \n Working knowledge of network security , including protocols, firewalls, IDS/IPS, and traffic analysis. \n Experience with cloud security principles in AWS, Azure, or GCP. \n Ability to interpret and apply threat intelligence to improve controls and detection coverage.

As a Cyber Security Engineer, you will play a crucial role in safeguarding our clients’ digital assets and infrastructure from cyber threats. Proven experience in cyber security engineering or related roles, with a strong understanding of network security principles, protocols and technologies. \n Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. \n Exposure to SOAR tools, observability tools and data stream processing tools \n Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques. \n Experience in writing content / polices for monitoring in line with MITRE ATT&CK framework \n Familiarity with regulatory requirements such as GDPR, HIPAA, PCI DSS, and industry standards like NIST Cybersecurity Framework.