Find your next Endpoint detection and response (EDR) tech and IT job or contract in England

Explore the latest IT & tech jobs in England, home to numerous tech hubs and a diverse job market.

Your search returns 10 results.
Contractor

Contractor job
Security Analyst / Detection Engineer

LA International Computer Consultants Ltd

6 months
£500-540
Corsham, England, United Kingdom

***SC CLEARED*** Security Analyst / Detection Engineer 4 Month contract initially Based: Remote/Corsham - Max 3 days p/w onsite Rate: £500 - £537 p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Security Analyst / Detection Engineer to join the team for an initial 4 month contract. The ideal candidate will have good Security analyst skills, knowledge of working in a SOC environment beneficial, knowledge of defence environment and culture. You will have the ability to operate standard SOC tools (SIEM), incident investigation, detection engineering, embedded with an existing Customer SOC. Key Responsibilities: * Conduct reactive monitoring of the networks to deliver a layered, agile cyber defence capability across all security domains. * Manage and triage alerts; conduct impact assessments and develop mitigating strategies to be briefed up the chain of command. * Improve and comply with all extant cyber security policies, procedures and orders, review and amend when required. * Maintain and share knowledge of current cyber issues, vulnerabilities and exploits through research, technical reports and briefs. Key Skills & Experience: * Experienced Tier 2 SOC analyst * Knowledge of Data networks * Knowledge & experience with SIEM tool sets and security management tools. Desirable Security Qualifications: CompTIA S+/N+/CySA+, AWS, MS, SANS, CISSP etc. * Ideally have some experience with UK defence or military space. This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. 
Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Contractor

Contractor job
CrowdStrike SME

LA International Computer Consultants Ltd

6 months
London, England, United Kingdom

CrowdStrike SME 6 Month contract initially Based: Hybrid/London - Max 2-3 days p/w onsite Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a CrowdStrike SME to join the team. We are seeking a skilled CrowdStrike EDR Security Engineer to join our cybersecurity team. The role involves managing and optimizing CrowdStrike's Endpoint Detection and Response (EDR) solutions to enhance endpoint security, threat detection, and incident response. You will be responsible for deployment, configuration, and ongoing management of the CrowdStrike Falcon platform while collaborating with IT and security teams to ensure continuous endpoint protection. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defense. Key Responsibilities: * Deploy, configure, and maintain CrowdStrike Falcon EDR solutions across endpoints in the organization including cloud deployments. * Monitor and analyse alerts from the CrowdStrike EDR system, identify potential threats, and perform initial triage and response. * Investigate security incidents using CrowdStrike Falcon to detect and respond to malware, exploits, and other advanced threats. * Collaborate with SOC (Security Operations Center) and other security teams to resolve incidents. * Proactively identify vulnerabilities and security gaps in endpoint configurations and recommend remediation. * Develop security policies and strategies for endpoint protection and threat hunting within the organization. * Create reports to provide actionable insights to senior management regarding threat trends and security incidents. * Stay updated on the latest cybersecurity trends, endpoint attack vectors, and CrowdStrike feature updates. 
* Oversee and enhance the security posture of our cloud environments (AWS) * Knowledge about Crowdstrike CSPM tools and compliance with cloud security standards and best practices. * Collaborate with cloud engineers, security teams, and DevOps to continuously monitor and improve customers cloud infrastructure's security. * Report CrowdStrike compliance against the total endpoints in customer environment and constantly work to improve the same. * Support investigation of Critical and Major incidents (P1 & P2) on 24*7 on call support. * To lead small-to-medium sized technical teams for BAU support as well as specific initiatives (projects, lifecycle work, PoCs) and to provide the expert guidance required to drive technical developments in these initiatives. Key Skills & Experience: * Strong and Proven experience in CrowdStrike Falcon EDR platform. * Strong knowledge of malware analysis, threat intelligence, and incident response. * Familiarity with threat hunting methodologies and cyber kill chain. * Experience working with Security Information and Event Management (SIEM) solutions. * Strong analytical skills with the ability to assess complex security data. * Hands-on experience with CSPM tools such as Prisma Cloud, AWS Security Hub, Azure Security Center, or Dome9. * Strong knowledge of cloud security frameworks and best practices (e.g., CIS benchmarks, NIST, NISD, ISO). * Experience with cloud service providers (AWS) and their security features. * Awareness of various operating system flavours including but not limited to Windows, Linux, Unix. * Strong verbal & written communication, Good interpersonal skills and Exceptional Customer engagement skills are crucial to success in this role. * Proficiency in preparation of reports, dashboards, and documentation. Desirable skills/knowledge/experience: * CrowdStrike certification/s. * Proven experience in other EDR and AV solutions such as Microsoft Defender, Trend Micro etc. 
* Proven use of modern security tooling in real-world projects. * Experience in agile delivery teams and cross-functional collaboration. * Nice to Have Certifications (not mandatory): OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT. * Azure Security Engineer Associate / AWS Security Specialty. This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible.

Contractor

Contractor job
CrowdStrike & MS Defender SME

LA International Computer Consultants Ltd

6 months
London, England, United Kingdom

CrowdStrike & MS Defender SME 6 Month contract initially Based: Hybrid/London - Max 2-3 days p/w onsite Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a CrowdStrike & MS Defender SME to join the team. We are seeking a skilled Endpoint Security SME experienced in CrowdStrike and MS Defender (including MS Defender for Identity), managing both Server and End User Computing environments to join our cybersecurity team. The role involves managing and optimizing CrowdStrike and Defender's Endpoint Detection and Response (EDR) solutions to enhance endpoint security, threat detection, and incident response. You will be responsible for deployment, configuration, and ongoing management of both CrowdStrike Falcon platform and MS Defender while collaborating with IT and security teams to ensure continuous endpoint protection. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defence. Key Responsibilities: * Deploy, configure, and maintain CrowdStrike Falcon and MS Defender EDR (including MS Defender for Identity) solutions across endpoints in the organization including cloud deployments. * Monitor and analyse alerts from CrowdStrike and MS Defender EDR systems, identify potential threats, and perform initial triage and response. * Investigate security incidents using CrowdStrike Falcon and MS Defender to detect and respond to malware, exploits, and other advanced threats. * Collaborate with SOC (Security Operations Center) and other security teams to resolve incidents. * Proactively identify vulnerabilities and security gaps in endpoint configurations and recommend remediation. 
* Develop security policies and strategies for endpoint protection and threat hunting within the organization. * Create reports to provide actionable insights to senior management regarding threat trends and security incidents. * Stay updated on the latest cybersecurity trends, endpoint attack vectors, and CrowdStrike feature updates. * Oversee and enhance the security posture of our cloud environments (AWS) * Knowledge about Crowdstrike CSPM tools and compliance with cloud security standards and best practices. * Collaborate with cloud engineers, security teams, and DevOps to continuously monitor and improve customers cloud infrastructure's security. * Report CrowdStrike and Defender compliance against the total endpoints in customer environment and constantly work to improve the same using KQL scripts. * Support investigation of Critical and Major incidents (P1 & P2) on 24*7 on call support. * To lead small-to-medium sized technical teams for BAU support as well as specific initiatives (projects, lifecycle work, PoCs) and to provide the expert guidance required to drive technical developments in these initiatives. Key Skills & Experience: * Strong and Proven experience in CrowdStrike Falcon and MS Defender (including MS Defender for Identity) EDR platform. * Strong knowledge of malware analysis, threat intelligence, and incident response. * Familiarity with threat hunting methodologies and cyber kill chain. * Experience working with Security Information and Event Management (SIEM) solutions. * Strong analytical skills with the ability to assess complex security data. * Hands-on experience with CSPM tools such as Prisma Cloud, AWS Security Hub, Azure Security Center, or Dome9. * Strong knowledge of cloud security frameworks and best practices (e.g., CIS benchmarks, NIST, NISD, ISO). * Experience with cloud service providers (AWS) and their security features. * Awareness of various operating system flavours including but not limited to Windows, Linux, Unix. 
* Strong coding skills in programming languages such as Python, Java, or C++ for scripting and automation tasks. * Strong verbal & written communication, Good interpersonal skills and Exceptional Customer engagement skills are crucial to success in this role. * Proficiency in preparation of reports, dashboards, and documentation. Desirable skills/knowledge/experience: * Certification/s in CrowdStrike, MS Defender. * Proven use of modern security tooling in real-world projects. * Experience in agile delivery teams and cross-functional collaboration. * Nice to Have Certifications (not mandatory): OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT. * Azure Security Engineer Associate / AWS Security Specialty. This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible.

Contractor

Contractor job
Threat and Exposure Management SME

LA International Computer Consultants Ltd

6 months
London, England, United Kingdom

Threat and Exposure Management SME 6 Month contract initially Based: Hybrid/London. Maximum of 2-3 days onsite p/w. Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Threat and Exposure Management SME to join the team. Responsible for the end-to-end vulnerability management process, including assessing systems, analysing risks, prioritizing fixes, and tracking remediation across IT and cloud platforms. This role is a key connector between security operations and business stakeholders, focusing on minimizing critical risks, reducing the overall attack surface, and strengthening the organization's security posture. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defence. Key Responsibilities: * Work to protect the company and its customers from materially impactful events to its Business, Brand and Customer e.g., catastrophic events, significant financial losses, and highly embarrassing events. * Utilize commercial and open-source intelligence providers to gain insight into existing activities in the hacker and fraudster communities, as well as planned activities and emerging motivations. * Develop analytics and provide support to incident response teams during cyber events in the form of attack attribution and recommended courses of action based on knowledge of the adversary and collaborate on threat hunting with SOC. * Conduct malware analysis and provide indicators for defensive measures and understand attack signatures and techniques. 
* Conduct threat investigations and operations using known adversary tactics, techniques and procedures indicators of attack in order to detect adversaries and help operationalise effective Threat Services and controls to protect core business processes and customer data * Ensure generation, maintenance, and protection of required documentation, reporting and traceability. * Identify and respond to threats: Incorporating industry intelligence to enable proactive threat detection, containment, and response. * Support the TEM manager to Report and Maintain Key Risk, Performance and Success Indicators for the team and support the TEM manager to Develop and maintain the Threat process, including all required supporting materials. * Leverage CrowdStrike Falcon and related modules for threat detection, endpoint protection and exposure management. * Perform continuous monitoring of threat landscape, vulnerabilities, and exploits to proactively assess risks and advise the InfoSec Management team of significant emerging threats and identified vulnerabilities and recommend tactical and operational steps to counteract these threats and mitigate vulnerabilities. Effectively communicate with internal stakeholders (technical and non-technical) and suppliers to provide updates on threats, vulnerabilities and/or to deliver key projects. 
Key Skills & Experience: * Strong technical background and focus with the ability to script in one or more programming language (e.g.: Python, etc) * Strong threat hunting experience and ability to analyse malware, networking, Firewall and Web Knowledge, OWASP top 10 knowledge, Knowledge of DevSecOps Threats * Understand vulnerability lifecycle and knowledge and demonstrable experience of Information security technologies and methodologies, Experience of Cloud systems and their Architecture (Azure, AWS) * Awareness of various operating system flavours including but not limited to Windows, Linux, Unix, Database technologies (SQL, Oracle, DB2, Mongo) and associated threats * Awareness of security controls in widely used technologies e.g., MS Office 365 and experience of Incident Management and Response tools - e.g., Remedy, ServiceNow * Strong hands-on experience with CrowdStrike Falcon platform * Exceptional Customer engagement and reporting skills. * Exceptional analytical, problem-solving, and troubleshooting abilities. * 3-5+ years in Threat Management, Vulnerability Management, DevSecOps, or pen testing * Proven use of modern security tooling in real-world projects * Experience in agile delivery teams and cross-functional collaboration * Exposure to cloud security * Comfortable documenting technical findings and engaging in remediation cycles * Nice to Have Certifications (not mandatory): OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT * Azure Security Engineer Associate / AWS Security Specialty * CrowdStrike Experience and certifications This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. 

Fixed term

Job Vacancy
SOC Analyst (Outside IR35)

LA International Computer Consultants Ltd

12 months
Birmingham, United Kingdom

SOC Analyst (Outside IR35) 12 Month Contract Full time on site in Birmingham £375 - £475 Outside IR35 (Depending on experience) Requires an active DV Clearance Role Summary Support the client's Security Operations Centre (SOC) with hands-on Splunk SIEM expertise, threat detection, incident response, and continuous improvement of security operations. Core Responsibilities * Operate and tune Splunk SIEM: detection logic, correlation rules, dashboards, playbooks * Triage alerts and manage incidents through resolution * Aggregate and correlate logs from multiple sources * Conduct threat hunting and integrate threat intelligence * Maintain documentation and contribute to SOC knowledge base * Support continuous improvement and R&D initiatives Required Skills & Experience * Strong Splunk SIEM experience (content creation, tuning, reporting) * Live SOC environment experience * Knowledge of OS (Windows, Linux, OSX), firewalls, IDS/IPS, networking * Familiarity with NIST, ISO 27001, MITRE ATT&CK, CIS frameworks * Threat analysis, detection engineering, vulnerability tools * Stakeholder engagement and incident/crisis management Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks.

Contractor

Contractor job
Microsoft Security Engineer - Inside IR35

LA International Computer Consultants Ltd

6 months
£600-620
London, England, United Kingdom

A Microsoft Security Engineer is required for an initial 6 month contract. This is a hybrid role with 2-3 days per week on site in London and is inside IR35 so will require working via an FCSA accredited umbrella company This role is for a proactive and skilled Microsoft Security Engineer/Analyst tasked with safeguarding digital assets by leveraging a comprehensive suite of Microsoft security technologies. The ideal candidate will use Microsoft Defender XDR for managing and responding to threats, implement Microsoft Purview to ensure data compliance, and secure identities and access through Microsoft Entra ID. Essential skills/knowledge/experience: Microsoft Defender XDR (Extended Detection and Response) *Platform Expertise and Management: Act as a subject matter expert for the core components of the Defender XDR suite, including: *Microsoft Defender for Endpoint: Manage endpoint protection, detection, and response across our device fleet. *Microsoft Defender for Office 365: Protect against email-based threats, including phishing, malicious attachments, and compromised links. *Microsoft Defender for Identity: Monitor on-premises Active Directory signals to identify and investigate threats related to compromised identities. *Microsoft Defender for Cloud Apps: Enforce security policies and provide threat protection across our cloud applications. *Microsoft Defender Vulnerability Management: Prioritize and address critical vulnerabilities and misconfigurations based on a risk-based assessment. *Collaboration & Support: Work with internal IT and other security teams to ensure the effectiveness of the platform. Serve as a point of contact for external services like Microsoft Defender Experts for proactive hunting and expert guidance. *Documentation & Reporting: Document incident response procedures, create reports on security posture, and provide regular briefings to leadership. 
Microsoft Purview (Data Governance and Compliance) *Data Lifecycle Management: Implement policies for records management and retention to ensure that data is retained according to legal and business requirements and securely disposed of when no longer needed. *Data Security Posture Management (DSPM): Utilize DSPM capabilities to understand data risk, identify sensitive data across the environment, and implement controls to mitigate risk. This includes managing data security posture related to AI applications and models. *eDiscovery & Auditing: Support legal and compliance teams by utilizing Purview's eDiscovery and audit capabilities for investigations. *Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. *Experience: 8-10 years of experience in a cybersecurity role, with a strong focus on Microsoft security solutions. *Technical Skills: *In-depth practical knowledge of the Microsoft security stack, including Defender XDR, Purview, and Entra ID. *Experience with scripting languages, particularly PowerShell, for automation and management. *Familiarity with common cybersecurity frameworks and attack methodologies, such as the MITRE ATT&CK framework. *Certifications (Preferred): *Microsoft Certified: Security Operations Analyst Associate (SC-200) *Microsoft Certified: Identity and Access Administrator Associate (SC-300) *Microsoft Certified: Information Protection Administrator Associate (SC-400) *Certified Information Systems Security Professional (CISSP) Microsoft Entra ID (Identity and Access Management) *Advanced Threat Protection: Utilize Microsoft Entra ID Protection to identify and respond to compromised credentials and other identity-based risks. Work closely with the Defender for Identity team to monitor on-premises Active Directory signals for threats. 
*Privileged Access Management: Implement and maintain Privileged Identity Management (PIM) and Privileged Access Management (PAM) to provide just-in-time (JIT) access and enforce the principle of least privilege. *Authentication Protocols: Ensure the proper configuration and integration of various authentication protocols, including SAML, OAuth, OIDC, and SCIM for application and service provisioning. *Device Management: Secure Bring Your Own Device (BYOD) and other device access by implementing device-based access policies and configurations. Desirable skills/knowledge/experience: *Excellent analytical and problem-solving abilities. *Strong communication and collaboration skills to work effectively with technical and non-technical teams. *A proactive mindset and the ability to adapt to a fast-paced, evolving threat landscape.

Fixed term

Job Vacancy
Data analyst

LA International Computer Consultants Ltd

6 months
Borough of Luton, United Kingdom

Role: Data analyst Rate: Inside IR35 Location: 2-3 days onsite in Luton Duration: 6 months initially Data Steward will be responsible for ensuring data quality, governance, and compliance across critical operational datasets, enabling reliable analytics and reporting. The role will focus on managing metadata, monitoring data reliability, and supporting business users in leveraging trusted data. Key responsibilities: Data Governance & Stewardship · Define and enforce data governance standards, policies, and processes across airline operational datasets. · Collaborate with business stakeholders to document business definitions, data ownership, and stewardship guidelines. · Maintain data dictionaries, metadata, and lineage within Atlan. Data Management & Quality: · Be the technical lead for the Data Management and Quality. Develop the technical designs of all Data Management frameworks and operating models and ensure that they are embedded in our people, tools, and business processes. Monitor use of all the data management frameworks and operating models across the organisation to ensure compliance with the data management best practice defined internally at customer. Data Quality & Reliability · Monitor and ensure data accuracy, completeness, timeliness, and consistency across systems. · Leverage Monte Carlo for data observability, proactively detecting, resolving, and preventing data quality issues. · Work with data engineering teams to establish data validation, profiling, and anomaly detection frameworks. Stakeholder Engagement & Support · Act as a bridge between business and technical teams, ensuring alignment of data requirements. · Provide training and guidance to business users on accessing and using trusted datasets. · Support airline operations by ensuring operational reports and dashboards are built on consistent, high-quality data. 
· Facilitate data lifecycle management (from ingestion to archival) while ensuring compliance with airline industry standards. · Ensure adherence to aviation regulatory requirements, data privacy, and security standards. · Maintain access controls and data-sharing policies in line with organizational and industry guidelines. Key skills/knowledge/experience: · Strong experience with data observability and quality monitoring. · Proficiency in metadata management, cataloging, and lineage tracking. · Solid understanding of data governance, master data management, and data lifecycle practices. · Familiarity with airline/aviation operational data (crew, scheduling, flight ops, maintenance) preferred. · Excellent communication skills to collaborate with IT teams, analysts, and business stakeholders.

Contractor

Contractor job
Splunk Enterprise Security Developer

LA International Computer Consultants Ltd

6 months
£450-500
London, England, United Kingdom

Splunk Enterprise Security Developer 6 Month contract initially Based: Hybrid/London Rate: £450 - £500 (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Splunk Enterprise Security Developer to join the team. Experience with Splunk ES involves using it as a SIEM to detect, investigate, and respond to security threats through features like incident investigation, 24/7 threat monitoring, automated response playbooks via Splunk SOAR, AI-powered agentic capabilities, and customizable analytics. Key aspects of this experience include data ingestion and correlation from diverse sources like firewalls and endpoints, building correlation searches, creating and assigning findings, and utilising a unified workflow with features like response plans and case management to streamline SOC operations. The ideal candidate will have experience in Splunk Enterprise skills, ITSI implementation, support of Splunk in a multi-site clustering environment, understanding of CIM and DMA, Red Hat, Windows. Key Skills & Experience: * Candidate must have excellent Splunk Enterprise 7/8, Splunk SOAR skills * Good ITSI implementation skill * Understanding of Installation, management, and support of Splunk 7/8, in a multi-site clustering environment * Hands on experience of security data sources on-boarding / parsing. * Development of security use cases using Splunk Enterprise with good understanding of CIM and DMA. 
* Practical experience in monitoring and tuning a Splunk environment to provide a high availability service * Demonstrate a good knowledge of Splunk apps and the way in which those apps interact with the underlying infrastructure * Ownership of the deliveries for small to large size Splunk onboarding projects * Competent in command line and GUI interfaces of Splunk Enterprise /ITSI * Good understanding of Security models and auditing policies of Splunk * Ability to automate repetitive Splunk tasks to remove workload from the team * Demonstrate knowledge of implementing and supporting Splunk as a shared service Red Hat, Windows This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Permanent

Job Vacancy
Head of IT Infrastructure and Security

Nexus Jobs Limited
Published on
Azure
ISO 27001
Managed Service Provider (MSP)

£85k-95k
City of London, England, United Kingdom

Head of IT Infrastructure and Security

In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management. You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector.

The Head of IT Infrastructure and Security Lead is responsible for overseeing the organization's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment.

Some of the key points to consider for this role are:

• Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data.
• Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms.
• Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM).
• Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms.
• Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA).

Technology:

• Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge
• Microsoft AD (Entra), Server and SQL experience
• O365 administration and design
• Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel.
• Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices.

Summary:

• Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment.
• Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users.

The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3rd party software. The aim of the role is to bring the MSPs (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly.

The Client is a financial organization based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

Permanent

Job Vacancy
External Attack Surface Management Analyst

BAE Systems
Published on

£40k-45k
City of Bristol, United Kingdom

Job title: External Attack Surface Management Analyst
Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Salary: Circa 45k dependent on skills and experience

What you'll be doing:

• Supporting the Senior Attack Surface Management Analyst in maintaining the Global Attack Surface Management service to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance
• Identifying and prioritising vulnerabilities across BAE Systems managed external assets as part of ongoing external attack surface management, coordinating remediation with resolver teams
• Reviewing and validating vulnerabilities detected by SaaS-based scanning tools, confirming exploitability and severity to inform accurate remediation
• Supporting vulnerability management across cloud and SaaS environments, identifying risks and coordinating remediation to safeguard externally hosted services
• Proactively detects external-facing security gaps and misconfigurations, ensuring timely escalation to relevant resolver teams for remediation

Your skills and experiences:

Essential

• An extensive technical background with a detailed knowledge of cyber security, computer networks and operating systems
• Broad and detailed experience of technologies including but not limited to DNS, Certificate Transparency, firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDNs and Vulnerability Management
• Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy systems
• Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations

Desirable

• Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy systems

Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive.

The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.

Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

Closing Date: 5th September 2025

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
