Find your next tech and IT Job or contract Endpoint detection and response (EDR) in England

Job Title: Lead Threat Detection Analyst - Operational Technology (OT) Location: Preston. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience What you'll be doing: Delivery of core triage function as part of protective monitoring services across a range of networks/services focusing on Operational Technology (OT) Overseeing and contributing to the analysis and escalation of security threats and incidents identified on OT systems Coordinate with Cyber Operations teams to respond to identified security threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service development Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Essential: Experience of working within Security Operations or equivalent roles Experience with Operational Technology environments Demonstrable leadership in Operational Management Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/ENGAGE etc.) in an operational environment A good level of knowledge and proficiency in the use of SIEM platforms, tools and analytical techniques Innovative approach to analysing and solving problems Desirable: Industry recognised qualification (OSDA, GIAC etc.) or equivalent proven industry experience Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 26th August 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-SH1 #LI-Hybrid

IT Infrastructure Operations and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organization's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. • Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security, cloud network and API security for robust protection across all assets • Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience • Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, • Microsoft AD (Entra), Server and SQL experience, • O365 administration and design • Global Software Patching and estate management via Intune • Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience • Software Defined Networking (Cisco, Meraki, Versa) Key Skills • Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). • Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. • Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. • IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimizing service delivery. Operational & Leadership Skills: • IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. • Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. • Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. • Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: • Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. • Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. • Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: The following is a summary of the key skills that the Client would like you to bring to the company. Global Enterprise level Infrastructure Management position for the last 5 years, Buy before Build mentality and demonstrable migration of Legacy VM based estates to SaaS and Azure Cloud services platforms, Global Operational team management experience (human resources, strategic delivery, operational service, audit lead for Infra, budget, etc.) Key 3rd party operational infrastructure vendor management - ie management of managed service partners as a team extension globally, as well as service/solution delivery partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy Infra tech to Azure knowledge/experience, Prior to the last 5 years in Enterprise Management of a global estate/user-base, a demonstrable technical infrastructure engineering level background, working on Windows Server, AD, SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.

Job title: External Attack Surface Management Analyst Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa 45k dependant on skills and experience What you'll be doing: Supporting the Senior Attack Surface Management Analyst in maintaining the Global Attack Surface Management service to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance Identifying and prioritising vulnerabilities across BAE Systems managed external assets as part of ongoing external attack surface management, coordinating remediation with resolver teams Reviewing and validating vulnerabilities detected by SaaS-based scanning tools, confirming exploitability and severity to inform accurate remediation Supporting vulnerability management across cloud and SaaS environments, identifying risks and coordinating remediation to safeguard externally hosted services Proactively detects external-facing security gaps and misconfigurations, ensuring timely escalation to relevant resolver teams for remediation Your skills and experiences: Essential A extensive technical background with a detailed knowledge of cyber security, computer networks and operating systems Broad and detailed experience of technologies including but not limited to DNS, Certificate Transparency, firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDN's and Vulnerability Management Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy systems Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations Desirable Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy system Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 5th September 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-NP1 #LI-Hybrid

Cyber Security Analyst Ashby-de-la-Zouch - Hybrid Up to £40,000 VIQU have partnered with a dynamic organisation that are looking for a Cyber Security Analyst to join their growing IT team. This is a pivotal role in strengthening the organisation's cyber defences and risk management framework, ensuring systems, networks, and applications are secure against evolving threats. Key Responsibilities of the Cyber Security Analyst: Support the design, implementation, and management of cyber security technologies across the business Monitor and respond to security incidents, alerts, and helpdesk requests, maintaining robust threat detection Conduct vulnerability assessments, penetration testing, and phishing simulations to identify and mitigate risks Collaborate closely with IT teams to embed security best practices into system management and project delivery Stay up to date with emerging cyber threats and recommend improvements to strengthen the organisation's security posture Promote cyber awareness across colleagues, ensuring everyone understands their role in protecting systems and data Experience Required of the Cyber Security Analyst: Demonstrable experience in cyber security or information security, with knowledge of standards such as Cyber Essentials or ISO 27001 Familiarity with endpoint protection, network security, application security, and vendor risk management Experience with CrowdStrike or similar security platforms is advantageous Proactive approach to learning and implementing security best practices Excellent communication skills, capable of liaising with colleagues at all levels

Microsoft Intune and Windows 365 Subject Matter Expert (SME) Candidates will be expected to demonstrate that they meet these requirements within their application, and during the interview process. Due to the nature of the work that the M365 team must cover; it is imperative that candidates are able to operate with initiative, leadership and a strong work ethic. This role requires the candidate to act independently as a trusted advisor on all matters relating to Windows 365 and Microsoft Intune. Act as the Microsoft Windows 365 Subject Matter Expert (SME) Administrator The Microsoft Windows 365 SME must have in depth knowledge and experience of working with Windows 365, and will be solely responsible for managing, maintaining, and troubleshooting all elements pertaining to the Windows 365 Cloud PCs. The role will cover reactive support and proactive activities to include design solutioning in accordance with project requirements. The Windows 365 SME will be able to demonstrate knowledge and experience in the following areas: · Windows 365 provisioning - to include how this is handled and the various options, such as gallery image type, Single Sign On (SSO), SKU types etc. · Onboarding/off boarding users - This process will be owned by the Windows 365 SME and as such, an understanding of how this works, how it triggers the provisioning process, and licensing requirements is essential. · Knowledge and experience of how to re-size Windows 365 Cloud PCs. · Knowledge and experience of how to re-provision Windows 365 Cloud PCs. · Knowledge and experience of managing Windows 365 Cloud PC restore points. · Knowledge and experience of managing and troubleshooting the Windows client operating system (Windows 11). Act as the Microsoft Intune Subject Matter Expert (SME) Administrator · Maintain the Intune Security policies (investigation and testing of the current policy conflicts) The Microsoft Intune SME must have in depth knowledge and experience of working with Microsoft Intune, and will be solely responsible for managing, maintaining, and troubleshooting all elements pertaining to Microsoft Intune. The role will cover reactive support and proactive strategy, not only investigating and resolving immediate operational challenges but also driving forward the architecting, designing, and implementation of robust Windows 365 and Intune solutions tailored to project needs. The Microsoft Intune SME will be able to demonstrate knowledge and experience in the following areas: · Autopilot. · Enrolment. · Configuration policy profiles - settings catalogue, templates, custom etc. To include managing Intune policy conflicts - highlight, troubleshoot, resolve and/or make recommendations. · Security Baselines - To include managing Intune policy conflicts - highlight, troubleshoot, resolve and/or make recommendations. · Endpoint Security - Antivirus, Account Protection, Disk encryption, App control for Business etc. · Windows Update Rings and Autopatch. · Platform scripts. · Detection and Remediation scripts. · Microsoft Defender for endpoint. · Reporting - Monitor the health and activity of endpoints. · Microsoft Intune Application management - Store apps, win32 apps etc - This should include knowledge of the Microsoft Company Portal, and it's role supporting end users (available apps, compliance status etc). · Assignment of user and device group memberships, to include the creation and management of user and device dynamic membership rules. · Compliance policies - must also understand how compliance can integrate with conditional access. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Lead Cyber Security Operations Analyst Location: Manchester (Hybrid/Office-based) Contract: Permanent Salary: £60,000 - £67,000 + 10% car allowance (paid monthly) + up to 20% performance bonus About the Role We're working with a leading energy organisation in Manchester that operates the UK's largest smart meter network. Regulated by OFGEM and backed by government and private shareholders, this is a fast-paced, dynamic, and sometimes chaotic environment where priorities can shift quickly. It's an exciting place to work for someone looking to make a real impact and grow their career internally over time. As a Lead Cyber Security Operations Analyst , you'll join the Security Operations Centre and play a critical role in leading security investigations, developing detection content, and advancing operational security capabilities across the business. You'll collaborate with Risk, Technology, and Operations teams, provide subject matter expertise, and help shape the SOC's strategy and processes. Key Responsibilities Act as the technical escalation point for the SOC, leading security incidents and advising on containment, mitigation, and system hardening. Provide operational oversight for day-to-day SOC activities, ensuring incidents are escalated appropriately and recurring issues are addressed. Support team development through mentoring junior analysts, delivering technical training, and facilitating tabletop exercises. Lead use case development, approve tasks, and develop new detection content including machine learning analytics and security automation. Maintain and update SOC documentation, processes, procedures, and operational metrics/dashboard reporting.

Cyber Security Manager Our Client to be secured and protected from increased cyber threats and compliant to industry standards. This role covers information protection, including data loss protection and data classification, and threat protection, including security information and event management (SIEM), user and entity behaviour analytics (UEBA), point products like anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS) and penetration testing. The Service Delivery team consists of approximately 20 staff who support and operate the Company’s services and there is an opportunity in that team for a Cyber Security Manager to oversee and govern all security services. Reporting Lines This role reports to Head of Service Delivery Main Accountabilities Technical leadership for all security solutions, including all the 3rd party managed services Maintain the overall security of Company’s network, systems, and data Monitor security access and manage IDS/IPS configurations Establishing and implementing security 'best-practice' standards as well as departmental policies and procedures Responsible for Security scanning and the efficient remediation of vulnerabilities Responsible for analysing all security incidents to determine root cause Determine, recommend, and implement upgrade security measures and controls Delivery security responses for customer and client compliance requirements Developing and managing security plans with vendors Audit activities of administrators and conduct Security awareness training Requirements Demonstrable skills and capability in Security leadership and 3rd party management experience CISSP certification preferred. Compliance knowledge required in ISO27001, PCI and GDPR. Possibly a certified ethical hacker Knowledge of Security technologies is essential, such as network appliances, firewall administration, AD, IAM, PAM, SIEM, UEBA, AV, IDS/IPS and MDM solutions Understanding of common frameworks, such as ITIL or LEAN is preferred Good exposure of user environment management, including desktops/laptops, profile management, access control methodologies Must be very proactive in understanding and staying up to date with current security technologies and industry technology trends The job/Client is located at our head office in Paddington, London with hybrid working The Client holds a Licence to Sponsor (grade A) and will always consider sponsoring employees if needed We welcome applications from Ukrainian Refugees The salary for this position is circa £70K - £80K plus Benefits. Please do send your CV to us in Word format along with your salary.