Find your next tech and IT Job or contract Endpoint detection and response (EDR)

Your search returns 43 results.
Contractor
Permanent
Fixed term

Job Vacancy
Cybersecurity and Network Consultant / Engineer

EDC DIGITAL-IT
Published on
Cortex XSOAR
Cybersecurity
Endpoint detection and response (EDR)

1 year
40k-45k €
400-500 €
Paris, France
We are looking for a cybersecurity and network engineer to reinforce run and project activities within the Operational Security scope (firewalls, EDR, patch management…). As the main point of contact for the SOC/NOC provider and the IT department, they ensure firewall compliance, support project teams in defining flow matrices, and take part in the continuous improvement of processes and tools. Skills: • Proficiency in Palo Alto Firewall and Cortex technologies • Knowledge of standard information system architectures and protocols • Technical skills in analysis and investigation (firewall logs, EDR logs, application logs…) • Fluent English, spoken and written, is mandatory. Activities: RUN: • Validates requests to change authorized flows made by local IT teams • Ensures that FW rule principles and naming conventions are applied correctly • Handles security vulnerabilities and alerts together with application owners: impact analysis on our information system, remediation of configuration issues, version upgrades… • Keeps our PC/server fleet compliant with our security baseline (EDR, FW, patch management, obsolete OSes…) BUILD: • Takes part in the continuous improvement of the division's security (optimizing what exists + new projects) • Supports IT teams in the plants and division-level IT teams in applying these rules (change management). Network, firewall and compliance profile (in the sense of verifying the effectiveness of patch management). Handling of change tickets: checking whether they can be taken on, validating them, moving them forward, etc. Strong knowledge of both legacy and modern protocols.
Contractor

Contractor job
SOC / CSIRT Analyst - Senior

Groupe Aptenia
Published on
Endpoint detection and response (EDR)
SOC (Security Operation Center)

6 months
550-700 €
Paris, France
✅Status: Freelance / umbrella company (portage salarial) ✅Start: ASAP ✅Location: Paris (2 days of remote work) ✅5 to 10 years of experience in incident management and operational cybersecurity. Some of the assignments: ✅Handling critical Level 3 incidents escalated by the MSSPs ✅Technical lead on security projects and tools in a RUN environment ✅EDR expertise as Subject Matter Expert ✅Driving continuous improvement of Detection & Response activities ✅Contributing to the development of key services: EDR, Threat Hunting, Purple Team ✅Active participation in defining the Detection & Response strategy
Permanent
Contractor

Job Vacancy
SOC Policy and Integration Architect

NETSEC DESIGN
Published on
Endpoint detection and response (EDR)
Intrusion Detection System (IDS)
Proxy

3 years
60k-80k €
400-800 €
Boulogne-Billancourt, Ile-de-France
For our end client, a large account, we are looking for a SOC CYBERDEFENSE consultant to integrate new technical scopes into the SOC's monitoring perimeter, such as: Microsoft O365; an API monitoring solution; activities on technologies already deployed but requiring review and improvement. The following is expected for this engagement: writing log policies; collection architecture and integration into the SOC; definition of the detection strategy (scenarios with detection and reaction logic) following the methodology in place at the SOC; writing the associated documents. Deliverables: logging policy document for each of the technologies considered; associated architecture documents; development of the detection strategy for the technologies considered.
Permanent

Job Vacancy
Cybersecurity Expert (M/F)

iDNA
Published on
Architecture
Audit
Business continuity plan (BCP)

69k-75k €
La Défense, Ile-de-France
About us: Founded in 2011, iDNA is an independent consulting firm that supports its clients in key IT areas and helps them create value through their information systems. We work with the largest French companies. After 15 years of growth in cybersecurity for IT and OT environments, iDNA is becoming a subsidiary of NXO France while keeping its identity, its operational autonomy and its teams. An alliance built on shared values, complementary expertise and a common ambition: to create ever more value for our clients. Context: As part of our growth, we are looking for a Cybersecurity Expert in charge of the following tasks. Your assignments: Leading and performing technical audits (architecture and configuration), application audits (SAST and DAST code audits) and organizational audits (ISO 27001), compliance audits (NIS 2, NIST, LPM, …); Managing and performing pentests; Risk analyses (EBIOS RM); Defining network and security architectures; Defining functional and technical specifications; Advising and supporting companies; Writing deliverables (meeting minutes, summary notes, architecture diagrams, audit reports, risk analysis files, operations files...); Managing technical cybersecurity projects; Incident management, crisis management, BCP, DRP. Benefits & Prospects: Location: La Défense, with remote work possible; Start: September; Compensation: +/- 75 K package depending on profile (profit-sharing in place since 2015)
Contractor

Contractor job
Seeking SOC Analyst / Cybersecurity Engineer

Groupe Aptenia
Published on
Elasticsearch
Java
Kubernetes

6 months
250-350 €
Rouen, Normandy
🎯 Skills sought: • Analysis and investigation of security alerts • Creation and optimization of detection rules • Proficiency in Elastic Stack (ELK) • Experience with Trend Vision One XDR solutions • Securing Kubernetes and OpenShift environments • Use of Tenable Security Center • Good level in Microsoft, Apache, Java and Python environments 💡 Expected qualities: • Rigor and analytical mind • Organization and autonomy • Good interpersonal and communication skills • Ability to support teams on cybersecurity topics
Contractor

Contractor job
EDR Cybersecurity Engineer (M/F)

METSYS
Published on
Fortinet
SOC (Security Operation Center)
Symantec

6 months
600-660 €
Ile-de-France, France
As part of the deployment and optimization of an EDR (Endpoint Detection & Response) solution, we are looking for a cybersecurity engineer able to work across RUN, continuous improvement and operational security. Your assignments: Detection & incident response: Carry out and/or coordinate the handling of incidents raised by the EDR; Track, analyze and report on security incidents; Drive remediation actions. Configuration & continuous improvement: Propose and implement EDR configurations according to security best practices; Define and adjust quarantine policies; Manage security exceptions. Operations & maintenance: Keep the EDR solution in operational and secure condition (MCO/MCS); Track the deployment and enrollment of workstations; Maintain the performance and availability of the solution. Steering & reporting: Produce and update KPIs (incident statistics, deployment, coverage…); Track performance indicators and propose areas for improvement. Documentation: Write and maintain the operations documentation; Produce quick-reference sheets, procedures and acceptance-test materials.
Permanent

Job Vacancy
IT Cyber Security Analyst

Rise Technical Recruitment Ltd
Published on

£45k-55k
North Lincolnshire, United Kingdom
IT Cyber Security Analyst Scunthorpe, North Lincolnshire £45,000 - £55,000 + Training and Development + Great Pension + 27 Days Annual Leave + Bank Holidays + Life Assurance + Health Cash Plan + EAP + Sick Pay Are you a cyber security professional looking to take ownership of patching, threat detection, and incident response in a large-scale enterprise environment while playing a key role in strengthening security maturity? This is a fantastic opportunity to join a well-established organisation undergoing a major cyber transformation, where you will be at the centre of defending critical IT and OT systems. Working closely with internal teams and external SOC/MDR providers, you will contribute to monitoring threats, responding to incidents, and improving overall security posture. In this role, you will take ownership of patching across the IT estate, coordinate remediation on critical systems, and support vulnerability management processes. You will also contribute to threat hunting activities and help continuously enhance detection and response capabilities. The ideal candidate will have hands-on cyber security experience, strong knowledge across networks, endpoints, identity, and cloud security, and the ability to work collaboratively across technical teams to drive security improvements. 
The Role: *Monitor, triage, and respond to security incidents alongside SOC/MDR providers *Own patching processes across endpoints and servers *Coordinate vulnerability management and remediation activities *Support threat hunting and detection improvement initiatives *Contribute to audits, compliance, and security control implementation The Person: *Experience in cyber security, IT support, or OT/engineering environments *Strong understanding of security across networks, endpoints, identity, and cloud *Experience with patching tools and vulnerability management *Knowledge of SOC operations and incident response *Excellent problem-solving and communication skills Reference Number: BBBH276210 Rise Technical Recruitment Ltd acts as an employment agency for permanent roles and an employment business for temporary roles. The salary advertised is the bracket available for this position. The actual salary paid will be dependent on your level of experience, qualifications and skill set and will be decided by our client, the employer. Rise are not responsible or liable for any hiring decisions made by the end client. We are an equal opportunities company and welcome applications from all suitable candidates.
Contractor

Contractor job
SOC / Cyber Defense Analyst (M/F)

Lùkla
Published on
Apache
HTML
Javascript

6 months
Rouen, Normandy
Context: As part of strengthening the operational capabilities of the SOC (Security Operations Center), we are looking for a SOC / Cyber Defense Analyst to monitor the information system, detect and handle security threats, and continuously improve the cyber monitoring and detection capabilities. Your assignments: Within the cybersecurity team, you will be in charge of: Analyzing, qualifying and prioritizing security alerts; Carrying out threat hunting activities; Escalating and following up the handling of security incidents; Supporting technical teams in remediation actions; Developing and maintaining SIEM/XDR detection rules; Keeping the cyber monitoring systems operational; Contributing to the continuous improvement of SOC procedures; Performing security watch and enriching detection mechanisms; Producing operational reporting and keeping documentation up to date. Expected deliverables: Analyses and qualifications of security alerts; Reports and dashboards tracking SOC activities; Threat hunting and investigation reports; Remediation recommendations and action plans; SIEM/XDR detection rules implemented or optimized; Documentation of SOC procedures and processes; Reporting on incident follow-up and resolution; Contributions to the continuous improvement of the cyber monitoring systems.
Contractor

Contractor job
SOC ANALYST (M/F) - ROUEN

Cheops Technology
Published on
Linux
OS Windows
Security Information Event Management (SIEM)

6 months
400-470 €
Rouen, Normandy
Threat detection and analysis: The service provider shall in particular: • Identify, analyze, qualify and prioritize detected security alerts; • Assess the criticality and potential impact of alerts on the information system; • Notify stakeholders of security alerts and escalate them if necessary; • Carry out compromise-hunting activities (Threat Hunting) to identify suspicious behavior that was not detected automatically. 4.2 Reaction and support in the face of threats: The service provider shall ensure: • Transmission of action plans to the teams responsible for handling alerts; • Technical and methodological support regarding the patches or workarounds to be implemented; • Recommendations on the immediate measures to apply to limit risk; • Support and follow-up of alert handling until full resolution. 4.3 Implementation of use cases and tools: The service provider shall ensure: • Development and maintenance of security event detection rules (SIEM, Trend Vision One, etc.); • Keeping the cyber monitoring systems operational. 4.4 Watch and continuous improvement: With a view to ongoing improvement, the service provider shall: • Contribute to the continuous improvement of existing procedures and to building procedures for new types of alerts; • Take part in active monitoring of threats, vulnerabilities and attack techniques; • Take part, where applicable, in enriching event correlation rules and detection mechanisms. 4.5 Reporting and documentation: The service provider shall be in charge of: • Populating and maintaining the dashboards reflecting operational activity and alert status; • Updating the documentation associated with the processes, procedures and alerts handled
Premium Job
Contractor
Permanent

Job Vacancy
Modern Workplace / Active Directory Infrastructure Architect

CONSULT IT
Published on
Active Directory
Architecture
Workplace

1 year
Ile-de-France, France
Within the End User Experience (EUX) unit, which is in charge of all activities related to the Digital Workplace, we cover the following areas: workstations, collaboration and communication services, connected spaces and user support. The EUX unit designs, deploys and operates the tools, services and equipment that make up the working environment of Crédit Agricole employees. In this context, we are looking for an experienced Workplace Architect for the SOE (Solutions & Offres Technologiques) team, for a renewable 6-month assignment. The assignment sits within the EUX unit, with a focus on Product Management, Workplace solution architecture and technology watch. Assignments: Design and define architectures around the technologies of the Modern Workplace platform (Microsoft 365, workstations, mobile devices: tablets and phones) with a user-centered approach. Produce technical and strategic deliverables, in particular: technical architecture documents (HLD); strategic notes for management; presentation files for solutions and technical means. Analyze, challenge and understand client and business needs. Gather functional and technical requirements in order to propose suitable solutions. Design architectures that address business, technical and security concerns. Define target architectures and the associated roadmaps. Support technical experts in implementing solutions. Take part in integrating and securing Cloud and Hybrid environments (Azure AD, MFA, Zero Trust, etc.). Act as the interface with the various entities and technical departments. Evaluate new products, solutions and technologies on the market. Collaborate with project teams, clients and end users throughout the lifecycle of Modern Workplace projects.
Prerequisites / Qualifications: Experienced, autonomous profile who takes initiative; Written and read English essential; Organization, rigor and a methodical approach. Expected skills: Ability to understand client issues and challenges and translate them into technical solutions; Ability to work in a team as well as independently; Excellent oral and written communication skills; Ability to work on several projects simultaneously; Ability to coordinate teams and support the resolution of technical issues. Required technical environments: Digital Workplace: Microsoft 365; SharePoint, Teams, OneDrive, Exchange; Microsoft Fabric, Power Platform; Application virtualization. IAM / Identity Access Management: AD Join, Entra ID; User lifecycle management (Provisioning / Deprovisioning). Security: PKI (certificate distribution to workstations); Zero Trust strategy; Encryption (BitLocker, etc.); EDR (Endpoint Detection & Response); AppLocker / WDAC; PAW architecture (Privileged Access Workstations). Workstation & Mobility: Windows 10 / 11 (including WVD / VDI); MacOS (a plus) with fleet management tools: Intune, Jamf; Intune, SCCM; Enterprise Mobility + Security (EMS); Strong authentication (2FA / MFA); Workstation-related VPN solutions; DLP tools
Contractor

Contractor job
[LFR] DLP Engineer in Nice (80% remote) - 1549

ISUPPLIER
Published on

10 months
350-500 €
Nice, Provence-Alpes-Côte d'Azur
The Cyber Security team has a mission for a DLP engineer. The mission requires strong hands‑on experience with Microsoft Purview DLP, DSPM, IRM module and MDCA and a solid background in Data Loss Prevention across M365, endpoints, and cloud services. Knowledge of Netskope or any other leading CASB/SWG/DLP solution (Zscaler, Symantec, Palo Alto, etc.) is a strong plus. The engineer will operate, optimize, and expand Amadeus data protection and detection capabilities, working closely with the SOC to strengthen threat detection, incident response, and data security controls. Roles and responsibilities on the project Objectives - Design, develop and deploy DLP controls Qualifications: - Bachelor’s degree in Computer Science, Information Security, or a related field. Relevant certifications (such as CISSP, SANS, etc.) are a plus. - 5+ years of experience working in a Security Operations Center (SOC) or Security Engineering department. - Hands-on experience with Microsoft Purview DLP (M365, Endpoint DLP, Cloud Apps). - Knowledge of CASB/SWG/DLP tools (Netskope, Zscaler, Symantec/Broadcom, Palo Alto, etc.) is a strong advantage. - Experience with and DSPM platforms (Wiz, Netskope DSPM, Varonis, etc.) is an asset. - Familiarity with EDR tools like CrowdStrike or Defender for Endpoint is also beneficial. - Strong understanding of DLP concepts, data classification, and data protection strategies. - Experience with SIEM platforms (Sentinel, Splunk) and log analysis. - Basic scripting skills (PowerShell, Python, KQL). - Good understanding of network protocols, encryption, and exfiltration techniques. - Ability to work collaboratively in a team environment and manage multiple projects. - Strong communication and problem‑solving skills. - Passion for learning and a proactive approach to threat identification and mitigation. Objectives and deliverables - Deploy, configure, and maintain Microsoft Purview/MDCA DLP policies across M365, endpoints, and cloud applications. 
Create, tune, and maintain DLP rules, data profiles, and incident workflows across email, SharePoint/OneDrive, Teams, endpoints, cloud, and web channels. Reduce false positives and improve detection accuracy through continuous tuning. Support data classification, sensitivity labels, and governance initiatives (Purview or DSPM tools). Develop detection rules, threat-hunting use cases, and response playbooks using Purview and other security tool logs. Assist SOC analysts during investigations, especially in data exfiltration scenarios. Integrate Purview, Sentinel and DLP logs with the SIEM and other SOC technologies. Document test plans, tuning guides, and DLP operational procedures. Work with internal IT, Cloud, and SOC teams to ensure proper data protection coverage. Contribute to evaluating and onboarding new security technologies.
Permanent

Job Vacancy
IT Infrastructure Operations and Security Lead

Nexus Jobs Limited
Published on

£85k-100k
London, England, United Kingdom
IT Infrastructure Operations and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets. Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. 
Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. 
Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: The following is a summary of the key skills that the Client would like you to bring to the company. Global Enterprise level Infrastructure Management position for the last 5 years, Buy before Build mentality and demonstrable migration of Legacy VM based estates to SaaS and Azure Cloud services platforms, Global Operational team management experience (human resources, strategic delivery, operational service, audit lead for Infra, budget..) Key 3 party operational infrastructure vendor management - i.e. management of managed service partners as a team extension globally, as well as service/solution delivery partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy Infra tech to Azure knowledge/experience, Prior to the last 5 years in Enterprise Management of a global estate/user-base, a demonstrable technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.
Permanent

Job Vacancy
IT Operations Platforms and Security Lead

Nexus Jobs Limited
Published on

£85k-100k
London, England, United Kingdom
IT Operations Platforms and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver high-quality Global IT services. Working in line with the Architecture defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. 
Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. 
Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: Global Enterprise level Infrastructure Management position for the last 5 years, Global team management (human resources, strategic delivery, operational service, audit lead for Infra, budget..) 
Key - 3 party operational infrastructure vendor management - i.e management of managed service partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy tech to Azure knowledge/experience, Prior to the last 5 years, a technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £100K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.
Permanent

Job Vacancy
IT Operations and Security Lead

Nexus Jobs Limited
Published on

£85k-95k
London, England, United Kingdom
IT Operations Platforms and Security Lead In summary the Client is looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management. You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi-layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver high-quality Global IT services. Working in line with the Architecture defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations.
Due to the nature of the role, complexity of the estate, current transformation activities and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets. Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests.
Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. 
Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. The Client is a financial organisation based in the City of London. This is a hybrid position with 3 days in the office. Must have a Bachelor’s degree in IT or similar. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.
Permanent

Job Vacancy
Security Operations Centre Analyst (Tier 2)

LA International Computer Consultants Ltd
Published on

£40k-55k
Stoke-on-Trent, England, United Kingdom
Security Operations Centre (SOC) Analyst - Tier 2 Location: Stoke-on-Trent, United Kingdom Employment Type: Permanent, Full-Time Department: Security Operations Salary: Up to £55,000 per annum + shift allowance Working Hours: Rotating shifts (early, late, and nights) on a 4-days-on rota. About the Role We are seeking a proactive Tier 2 SOC Analyst to join a 24x7 Security Operations Centre. You will investigate and manage complex security incidents, support threat hunting activities, and act as an escalation point for Tier 1 analysts. This role offers an excellent opportunity to further develop your technical expertise while helping to strengthen and mature the organisation's security operations capability. Key Responsibilities Lead the triage, investigation, and resolution of medium to high-severity security incidents. Monitor and analyse security events using SIEM, EDR, and other security tools. Act as an escalation point and mentor for Tier 1 analysts. Perform threat analysis and share intelligence across teams. Tune and improve SIEM rules and detection capabilities. Support vulnerability management and remediation activities. Produce incident reports, metrics, and post-incident reviews. Collaborate with Infrastructure, Network, and Development teams to improve security posture. Skills & Experience 1-5 years' experience within a SOC or similar security operations environment. Hands-on experience with incident response, security monitoring, and threat analysis. Experience using SIEM, EDR, and vulnerability management tools. Good understanding of security operations processes, attack techniques, and incident management methodologies. Strong analytical and problem-solving skills. Qualifications (Desirable) Degree in Cyber Security, Information Security, Computer Science, or equivalent experience. Relevant certifications such as CompTIA Security+, CEH, CCSP, CISSP, BTL1, BTL2, or SIEM/vendor-specific certifications. 
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take a minimum of 10 weeks. LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance. An award-winning organisation, having secured the prestigious Queen's Award for Enterprise: International Trade over multiple years. We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience. Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.
Permanent

Job Vacancy
IT Manager

Nexus Jobs Limited
Published on

£60k-65k
London, England, United Kingdom
IT Manager Our Client, a Bank based in Central London, is looking to recruit an IT Manager ideally with at least 2 years of experience in IT within the financial industry and overall 7 to 10 years of experience in IT. You will be working in a small team managing the day-to-day technology infrastructure to ensure that the Bank can operate efficiently. Cybersecurity Strategy and Planning Evaluate and prioritize security initiatives for the branch in London in collaboration with GT (Group Technology) - Group IT Security. Stay up-to-date with the latest cybersecurity threats and trends and escalate risks promptly. Ensure compliance with relevant industry regulations and standards (e.g., GDPR and any other applicable to the IT). Evaluate GT's compliance with relevant regulatory standards (e.g. ISO 27001) as part of critical vendor performance assessment, ensuring operational resilience is maintained. In collaboration with GT, manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software. In collaboration with GT, develop and test incident response plans and coordinate responses to security incidents and breaches. Raise awareness of cybersecurity issues among bank London employees; conduct annual training/workshops to educate staff on security best practices aligned with GT. Other Duties Maintain professional and technical knowledge (Conduct Rule 2) e.g. by attending educational workshops; read professional publications; benchmarking state-of-the-art practices etc where relevant. Collaborate with stakeholders to handle backlogs and new requirements - Resolve conflicts and remove blockers for the team - Monitor, track and uphold quality of deliverables. Be the point of contact for external communications and facilitate internal communication for effective collaboration on IT related matters. Ensure work deliverables are in compliance with policies and regulatory requirements.
Maintains quality service by establishing and enforcing organization standards. To act as second/third level support with GT for support related issues. To comply with all applicable FCA/PRA conduct rules. Compliance with all mandatory training as set by the Branch/Group. Technical/Functional skills - Proficient in common operating systems o Windows 10, Windows Server 2018 and above o Red Hat Linux based Operating System - Software proficiency o VMware v6.7 and above o Veeam Backup and Replication o Symantec Endpoint Protection o Symantec Endpoint Encryption o ManageEngine Patch Manager Plus o Microsoft Office 365 o Bloomberg FXT/eikons o Murex Treasury System o SWIFT Alliance Access (SAA) - Networking (IT) o Cisco Switches and Routers o Fortigate Firewalls o LAN/WAN Routing - Hardware o Dell PowerEdge Servers o Dell PowerVault SAN Storage - Data analysis - Basic PC/Laptop support (formatting, imaging, etc) - Experience of writing and updating IT policies, standards, procedures, and guidelines Personal skills (Soft Competencies [Core/Leadership]) - Committed and dedicated to team deliverables. - Ownership of the business - Strong interpersonal stakeholders management skills - Strong written and verbal communication skills - Ability to train IT staff, supervise and motivate team members for high performance - Experience in coordinating installations, upgrades, and maintenance - Knowledge of architecture processes and performance reports of operating systems - Strong analytical/critical thinking skills - Ability to understand and oversee code development Qualifications: Bachelor's degree qualification in relevant discipline Professional Qualification and/or Regulatory, Licensing requirements Project management certification (e.g., PMP, PRINCE2) is highly desirable.
Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are highly desirable. Relevant Work Experience At least 6 years of experience in IT within the financial/banking industry is preferable. Minimum of 2 years experience in managing staff or managing teams in a cross functional set-up. The position is based in Central London and is hybrid 3 days a week in the office. The salary for this position will be up to £65K. Please do send your CV to us in Word format along with your salary and notice period.
2026 © Free-Work / AGSI SAS