Find your next tech and IT Job or contract Endpoint detection and response (EDR) in England

Job Title: Senior Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary; Circa £50,000 depending on experience and skills What you'll be doing: Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber-attacks / security incidents Delivery of core triage function as part of 24/7 protective monitoring services across a range of networks/services Act as a mentor and as an escalation point within the team for technical queries Ensure timely and accurate communication of incidents to IT, network or security teams across BAE Systems Escalate suspected major security incidents / investigations where support is required Define monitoring use cases and develop prototype rules with minimal supervision for example In response to intelligence or gaps in defences Contribute to the development of the services through people, process and technology where appropriate Build a comprehensive knowledge of BAE Systems IT systems to support monitoring activities and tailor remediation recommendations to systems Contribute to and help define requirements for future security capabilities along with the Lead Analyst Your skills and experiences: Essential: Technical background with experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, Networking, Cloud and Vulnerability Management Analytical background and comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations Knowledge and experience of using tools to dissect common threats to produce useable IOCs. E.g. Malicious document analysis Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these Desirable: Background of prior experience of working in an information and/or cyber security environment (Government or commercial sector) environments Previous experience working within Cyber Operations utilising SIEM platforms Relevant security certifications such as CISSP, SSCP, CEH, GCIH or GCIA Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 14th January 2026 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. "Due to the festive season, there may be a delay in the processing of your application. Your application is important to us, and we will respond as soon as possible. Thank you for your understanding." #LI-SH1 #LI-Hybrid

Job Title: Lead Threat Detection Analyst Location: Preston. (On-Site). Salary: Circa £59,000 depending on experience and skills What you'll be doing: Delivery of core triage function as part of 24/7 protective monitoring services across a range of networks/services Overseeing and contributing to the analysis and escalation of security threats and incidents identified Coordinate with Cyber Operations teams to respond to identified security threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Essential: Experience of working within Security Operations or equivalent roles Demonstrable leadership in Operational Management Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/ENGAGE etc.) in an operational environment A good level of knowledge and proficiency in the use of SIEM platforms, tools and analytical techniques. Innovative approach to analysing and solving problems Desirable: Industry recognised qualification (OSDA, GIAC etc.) or equivalent proven industry experience Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 3rd December 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-SH1 #LI-Onsite

***SC CLEARED*** Defender Administrator 2 Month contract initially Based: Hybrid, with onsite in Warrington or Gloucester Rate: £400 - £450 p/d - (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Defender Administrator to join the team. Key Responsibilities: To Migrate Symantec/McAfee Legacy Antivirus Solution to Microsoft Windows Defender (ATP) on Windows and Linux servers. Responsible- * To validate the current AV exclusion policy in estate. * Implement MDE policies * AAD devices group creation to implement exclusion and policy deployment. * Creating migration approach that is best suited for complex nuclear sensitive environment. * Network connectivity testing between source and destination. * Defender Installation File creation and distribution. * Leading discussion with the Image management team for MDE image that would be used for Auto scaling environment. Key Skills & Experience: * Hands on Experience onboarding MS and Linux server to Microsoft Defender * Must have managed complex migration * Must have AV exclusion management skills * Have knowledge and experience with Microsoft technologies such as but not limited to: Microsoft Defender for server, Microsoft Defender for O365, Microsoft Defender for Identity, Microsoft 365 Defender and Microsoft Cloud App Security * Good knowledge around server Detection and Response (EDR), Threat & Vulnerability Management (TVM), Attack Surface Reduction (ASR), and Auto Investigation and Remediation (AIR) * Experience with Symantec server Protection (SEPM) * Experience in McAfee/ Windows Defender Antivirus Policy, Group and Task Configuration * In depth knowledge of Windows operating systems including Client (7/8/10) and Server OS (2008/2012/2016) and Linux - RHEL * Documenting the deployment approach * Documenting and creating MDE policy * Investigative and analytical problem-solving skills across Windows Infrastructure * Developing, coordinating, and maintaining organizational security procedures, processes, and practices and supporting security documentation activities. * Remove legacy Antivirus solution from Servers * Hands on Experience in deploying ATP Package through GPO, SCCM or through Intune * Good Understanding of Threat analysis, Threat Hunting, and remediating security issues on End Points * Hands on Experience on Creation of Policy, file Exclusions, Monitoring Dashboard, Reporting. etc * End to end Support Coverage for Microsoft Defender * Ensure High level of Security controls are deployed on end points as per the best practices This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

What You'll Do Work in a cross-functional Agile team to design, develop, and deploy solutions. Build and maintain CI/CD pipelines and infrastructure as code. Collaborate with stakeholders to understand requirements and deliver secure, reliable systems. Automate workflows and improve deployment processes. Troubleshoot and resolve issues across development and production environments. Contribute to continuous improvement and share knowledge with the team. Stay up to date with emerging technologies and best practices in DevOps and security. What We're Looking For Experience in DevOps or DevSecOps environments. Strong skills in cloud platforms (AWS, GCP, or Azure) and infrastructure as code (Terraform, Ansible). Proficiency in CI/CD tools (GitHub Actions, Jenkins, CircleCI). Solid understanding of Linux systems and scripting (Bash, PowerShell, Python). Familiarity with security principles , SIEM/SOC tools, or incident response. Knowledge of networking fundamentals and APIs. Excellent problem-solving and communication skills. Nice to Have Experience with containerization (Docker, Kubernetes). Exposure to monitoring tools (Grafana, Datadog). Cloud certifications or security accreditations. Understanding of Agile methodologies. Interest in automation, security testing, or threat detection. To find out more about Computer Futures please visit Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 8 Bishopsgate, London, EC2N 4BQ, United Kingdom | Partnership Number | OC387148 England and Wales

Cyber Security Manager Our Client to be secured and protected from increased cyber threats and compliant to industry standards. This role covers information protection, including data loss protection and data classification, and threat protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products like anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS) and penetration testing. The Service Delivery team consists of approximately 20 staff who support and operate the Company’s services and there is an opportunity in that team for a Cyber Security Manager to oversee and govern all security services. Reporting Lines This role reports to Head of Service Delivery Main Accountabilities Technical leadership for all security solutions, including all the 3rd party managed services Maintain the overall security of Company’s network, systems, and data Monitor security access and manage IDS/IPS configurations Establishing and implementing security 'best-practice' standards as well as departmental policies and procedures Responsible for Security scanning and the efficient remediation of vulnerabilities Responsible for analysing all security incidents to determine root cause Determine, recommend, and implement upgrade security measures and controls Delivery security responses for customer and client compliance requirements Developing and managing security plans with vendors Audit activities of administrators and conduct Security awareness training Requirements Demonstrable skills and capability in Security leadership and 3rd party management experience CISSP certification preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions Understanding of common frameworks, such as ITIL or LEAN is preferred Good exposure of user environment management, including desktops/laptops, profile management, access control methodologies Must be very proactive in understanding and staying up to date with current security technologies and industry technology trends The job/Client is located at our head office in Paddington, London with hybrid working The Client holds a Licence to Sponsor (grade A) and will always consider sponsoring employees if needed We welcome applications from Ukrainian Refugees The salary for this position is circa £70K - £80K plus Benefits. Please do send your CV to us in Word format along with your salary.

AI / ML Architect 6 Month contract initially Based: Mostly remote with, with 2 days onsite p/w in London, Flexible. Rate: £525 - £550 p/d - (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for AI / ML Architect's to join the team. An AI/ML Developer is responsible for designing, building, and deploying machine learning models and AI solutions that solve business problems. This role focuses on coding, data preparation, and integrating models into production systems. Key Responsibilities: Model Development * Design, build, and train machine learning models for predictive analytics, classification, NLP, computer vision, or other AI applications. * Experiment with algorithms and optimize hyperparameters for performance. Data Preparation * Collect, clean, and preprocess large datasets for training and validation. * Implement feature engineering and data augmentation techniques. Integration & Deployment * Develop APIs or services to integrate ML models into production systems. * Work with MLOps tools for model deployment, versioning, and monitoring. Performance Optimization * Evaluate models using metrics like accuracy, precision, recall, F1-score. * Optimize models for scalability, latency, and resource efficiency. Collaboration * Work closely with data scientists, software engineers, and product teams to translate business requirements into ML solutions. * Document workflows and maintain reproducibility. Research & Innovation * Stay updated with the latest AI/ML frameworks, libraries, and research. * Experiment with emerging technologies like deep learning, reinforcement learning, and generative AI. Compliance & Ethics * Ensure data privacy, security, and adherence to ethical AI practices. * Implement bias detection and mitigation strategies. Key Skills & Experience: * 10+ years of experience in software engineering, with 5+ years in AI/ML. * Expert in Python, PyTorch, TensorFlow, and NLP frameworks. * Proven experience with LLMs, transformer architectures, and LangChain/Hugging Face. * Strong foundation in algorithms, model evaluation, and ML workflows * * Deep understanding of BFSI processes: risk management, regulatory compliance, AML/KYC. * Strong knowledge of cloud platforms, containerization (Docker/Kubernetes), and secure coding practices. This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Platform Engineering & Delivery: Own the architecture and delivery of shared platform components (APIs, developer tools, cloud infrastructure, CI/CD pipelines, shared services) and production environments that enable high-quality digital services. Ensure platforms are highly available, fault-tolerant, and performant , supporting 24/7 operations and rapid recovery in the event of failure. As the range of products and platforms grows, the need for robust, high-performance, and cost-effective shared solutions for support, live monitoring, incident management, and continuous improvement of services will become increasingly critical. Drive adoption of modern engineering practices , including containerisation, microservices, and automated observability. Cyber Security: Define and implement the cyber security strategy for GDS platforms, embedding zero-trust principles and advanced threat detection. Ensure compliance with NCSC guidance, ISO standards, and relevant government security frameworks. Lead on secure-by-design architecture , encryption standards, and identity management. Critical Infrastructure Resilience: Establish and mature robust live service operations , including real-time monitoring, automated alerting, and incident response protocols. Build resilience into every layer of the stack, from network to application, ensuring continuity of service under extreme load or attack scenarios. Oversee disaster recovery planning and execution for nation-scale systems. Technical Governance and Roadmap: Own the technical roadmap for platform and infrastructure services, ensuring alignment with government priorities and emerging technologies. Set and enforce engineering standards for scalability, interoperability, and cost-efficiency. Team Leadership: Lead multidisciplinary teams of engineers, architects, and cyber specialists. Foster a culture of technical excellence, innovation, and accountability , with a strong focus on continuous improvement and knowledge sharing. Stakeholder Engagement: Work with senior leaders across government and industry to ensure platforms meet user needs and support transformation goals. Represent GDS in cross-government forums on cyber security, resilience, and digital infrastructure.

AI Engineers 6 Month contract initially Based: Mostly remote with, with 3 days onsite p/w in Redhill, Flexible. Rate: £575 - £600 p/d - (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for AI Engineer's to join the team. The AI Engineer will spearhead AI-driven innovation across insurance, annuities, and retirement solutions, focusing on risk modelling, claims automation, fraud detection, customer engagement, and personalized retirement planning. This role ensures the development and deployment of AI solutions that improve operational efficiency, regulatory compliance, and customer trust while leveraging advanced analytics and automation. Key Responsibilities: * Design, develop, and optimize RAG-based solutions integrating retrieval systems with large language models. * Build and maintain applications using LangChain to orchestrate complex AI workflows. * Implement and manage vector databases (e.g., FAISS, Pinecone, Weaviate, Milvus) for fast similarity search and retrieval. * Develop embedding pipelines for unstructured data using models like Sentence Transformers, OpenAI, or Hugging Face. * Collaborate with data scientists and software engineers to create scalable AI-powered applications. * Fine-tune and evaluate large language models for specific use cases and domain adaptation. * Optimize retrieval and generation workflows for performance, accuracy, and cost-efficiency. * Stay updated on the latest advancements in generative AI, retrieval techniques, and vector search technology. * Collaborate with cross-functional teams to integrate AI models into products. * Stay updated with the latest advancements in AI and machine learning technologies. * Conduct research to improve existing AI systems and develop new approaches. * Knowledge of NLP, computer vision, or reinforcement learning. * Experience deploying AI models in production environments. Key Skills & Experience: * Proven experience in AI, machine learning, or deep learning. * Proficiency in programming languages such as Python, R, or Java. * Experience with AI frameworks like TensorFlow, PyTorch, or Keras. * Experience with large language models (GPT, BERT, etc.) * Fine-tuning and prompt engineering * Experience with vector similarity search * Knowledge of popular vector DBs: Pinecone, Weaviate, FAISS, Vespa, Milvus * Generating and managing embeddings (using models like SentenceTransformers, OpenAI, Hugging Face) * Familiarity with LangChain for building LLM-powered applications * Ability to create chains, prompts, and agents This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Role: Soc Analyst Rate: Inside IR35 Location: Full time onsite in either Milton Keynes or East Kilbride Duration: 12 months SC clearance required + willing to go through higher clearance Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to be efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, you'll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst for deeper investigation. Reporting and Documentation: You'll create detailed tickets and reports for all detected incidents, documenting your findings and the steps you took. This is crucial for tracking incidents and for future analysis. Managing: You'll provide direction and support to the junior member of the shift and provide handover to the next shift leader. Tool Management: You will assist in the maintenance and optimization of security tools, ensuring they are working correctly and effectively. Experience of SPLUNK within a Security Operations Centre (SOC). Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.