Endpoint detection and response (EDR)
Contractor job
CrowdStrike SME
6 Month contract initially
Based: Hybrid/London - Max 2-3 days p/w onsite
Rate: £Market rates p/d (via Umbrella company)

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a CrowdStrike SME to join the team.

We are seeking a skilled CrowdStrike EDR Security Engineer to join our cybersecurity team. The role involves managing and optimizing CrowdStrike's Endpoint Detection and Response (EDR) solutions to enhance endpoint security, threat detection, and incident response. You will be responsible for deployment, configuration, and ongoing management of the CrowdStrike Falcon platform while collaborating with IT and security teams to ensure continuous endpoint protection. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defense.

Key Responsibilities:
* Deploy, configure, and maintain CrowdStrike Falcon EDR solutions across endpoints in the organization, including cloud deployments.
* Monitor and analyse alerts from the CrowdStrike EDR system, identify potential threats, and perform initial triage and response.
* Investigate security incidents using CrowdStrike Falcon to detect and respond to malware, exploits, and other advanced threats.
* Collaborate with the SOC (Security Operations Center) and other security teams to resolve incidents.
* Proactively identify vulnerabilities and security gaps in endpoint configurations and recommend remediation.
* Develop security policies and strategies for endpoint protection and threat hunting within the organization.
* Create reports to provide actionable insights to senior management regarding threat trends and security incidents.
* Stay updated on the latest cybersecurity trends, endpoint attack vectors, and CrowdStrike feature updates.
* Oversee and enhance the security posture of our cloud environments (AWS).
* Knowledge of CrowdStrike CSPM tools and compliance with cloud security standards and best practices.
* Collaborate with cloud engineers, security teams, and DevOps to continuously monitor and improve the security of customers' cloud infrastructure.
* Report CrowdStrike compliance against the total endpoints in the customer environment and constantly work to improve it.
* Support investigation of Critical and Major incidents (P1 & P2) on 24*7 on-call support.
* Lead small-to-medium sized technical teams for BAU support as well as specific initiatives (projects, lifecycle work, PoCs) and provide the expert guidance required to drive technical developments in these initiatives.

Key Skills & Experience:
* Strong and proven experience in the CrowdStrike Falcon EDR platform.
* Strong knowledge of malware analysis, threat intelligence, and incident response.
* Familiarity with threat hunting methodologies and the cyber kill chain.
* Experience working with Security Information and Event Management (SIEM) solutions.
* Strong analytical skills with the ability to assess complex security data.
* Hands-on experience with CSPM tools such as Prisma Cloud, AWS Security Hub, Azure Security Center, or Dome9.
* Strong knowledge of cloud security frameworks and best practices (e.g., CIS benchmarks, NIST, NISD, ISO).
* Experience with cloud service providers (AWS) and their security features.
* Awareness of various operating system flavours including but not limited to Windows, Linux, Unix.
* Strong verbal & written communication, good interpersonal skills and exceptional customer engagement skills are crucial to success in this role.
* Proficiency in preparation of reports, dashboards, and documentation.

Desirable skills/knowledge/experience:
* CrowdStrike certification/s.
* Proven experience in other EDR and AV solutions such as Microsoft Defender, Trend Micro etc.
* Proven use of modern security tooling in real-world projects.
* Experience in agile delivery teams and cross-functional collaboration.
* Nice to Have Certifications (not mandatory): OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT.
* Azure Security Engineer Associate / AWS Security Specialty.

This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.

LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Contractor job
CrowdStrike & MS Defender SME
6 Month contract initially
Based: Hybrid/London - Max 2-3 days p/w onsite
Rate: £Market rates p/d (via Umbrella company)

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a CrowdStrike & MS Defender SME to join the team.

We are seeking a skilled Endpoint Security SME experienced in CrowdStrike and MS Defender (including MS Defender for Identity), managing both Server and End User Computing environments, to join our cybersecurity team. The role involves managing and optimizing CrowdStrike's and Defender's Endpoint Detection and Response (EDR) solutions to enhance endpoint security, threat detection, and incident response. You will be responsible for deployment, configuration, and ongoing management of both the CrowdStrike Falcon platform and MS Defender while collaborating with IT and security teams to ensure continuous endpoint protection. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defence.

Key Responsibilities:
* Deploy, configure, and maintain CrowdStrike Falcon and MS Defender EDR (including MS Defender for Identity) solutions across endpoints in the organization, including cloud deployments.
* Monitor and analyse alerts from the CrowdStrike and MS Defender EDR systems, identify potential threats, and perform initial triage and response.
* Investigate security incidents using CrowdStrike Falcon and MS Defender to detect and respond to malware, exploits, and other advanced threats.
* Collaborate with the SOC (Security Operations Center) and other security teams to resolve incidents.
* Proactively identify vulnerabilities and security gaps in endpoint configurations and recommend remediation.
* Develop security policies and strategies for endpoint protection and threat hunting within the organization.
* Create reports to provide actionable insights to senior management regarding threat trends and security incidents.
* Stay updated on the latest cybersecurity trends, endpoint attack vectors, and CrowdStrike feature updates.
* Oversee and enhance the security posture of our cloud environments (AWS).
* Knowledge of CrowdStrike CSPM tools and compliance with cloud security standards and best practices.
* Collaborate with cloud engineers, security teams, and DevOps to continuously monitor and improve the security of customers' cloud infrastructure.
* Report CrowdStrike and Defender compliance against the total endpoints in the customer environment and constantly work to improve it using KQL scripts.
* Support investigation of Critical and Major incidents (P1 & P2) on 24*7 on-call support.
* Lead small-to-medium sized technical teams for BAU support as well as specific initiatives (projects, lifecycle work, PoCs) and provide the expert guidance required to drive technical developments in these initiatives.

Key Skills & Experience:
* Strong and proven experience in the CrowdStrike Falcon and MS Defender (including MS Defender for Identity) EDR platforms.
* Strong knowledge of malware analysis, threat intelligence, and incident response.
* Familiarity with threat hunting methodologies and the cyber kill chain.
* Experience working with Security Information and Event Management (SIEM) solutions.
* Strong analytical skills with the ability to assess complex security data.
* Hands-on experience with CSPM tools such as Prisma Cloud, AWS Security Hub, Azure Security Center, or Dome9.
* Strong knowledge of cloud security frameworks and best practices (e.g., CIS benchmarks, NIST, NISD, ISO).
* Experience with cloud service providers (AWS) and their security features.
* Awareness of various operating system flavours including but not limited to Windows, Linux, Unix.
* Strong coding skills in programming languages such as Python, Java, or C++ for scripting and automation tasks.
* Strong verbal & written communication, good interpersonal skills and exceptional customer engagement skills are crucial to success in this role.
* Proficiency in preparation of reports, dashboards, and documentation.

Desirable skills/knowledge/experience:
* Certification/s in CrowdStrike, MS Defender.
* Proven use of modern security tooling in real-world projects.
* Experience in agile delivery teams and cross-functional collaboration.
* Nice to Have Certifications (not mandatory): OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT.
* Azure Security Engineer Associate / AWS Security Specialty.

This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.

Contractor job
IT Infrastructure Manager
CONTEXT: 6 years or more of experience
Job families / functions: Production, Operations, Infrastructure, Infrastructure Manager
Technology specialities

Description and deliverables of the engagement

The IT Infrastructure Manager's main missions are:
- To ensure the availability and security of the infrastructure within their scope (MCO, keeping systems in operational condition)
- To implement group policy for systems and networks
- To steer and monitor upgrade projects and/or new business requirements
- To steer the infrastructure team's activity in order to deliver the expected level of service

ACTIVITIES / RESPONSIBILITIES
- Ensure infrastructure availability in line with the defined service levels
- Translate group infrastructure policy into processes and specifications so that it can be broken down into recurring, efficient tasks
- Ensure system observability and the deployment of system monitoring so that failures are detected as early as possible
- Work with IT Purchasing to buy infrastructure assets and track their deployment
- Work closely with the development teams to ensure delivery of solutions
- Produce reporting on Build and Run activities and guarantee risk management within the scope
- Guarantee the accuracy of the hardware/software inventory within the scope (CMDB)
- Track incidents assigned to them and/or their team and propose corrective actions
- Propose infrastructure upgrades in line with technical developments and business needs
- Take part in implementing IT security measures in line with Group procedures and internal reviews
- Set up return (RMA, etc.) processes with hardware manufacturers and suppliers and track them
- Manage the skills of team members and propose the necessary training
- Set up contingency plans and verify their effectiveness through regular testing
- Implement all means and tools needed to secure the infrastructure

AUTHORITY / AUTONOMY
- Steering and managing their team
- Setting up the internal processes of their activity
- Proposing technical developments against business needs
- Steering internal projects and relations with internal/external clients

Desired expertise

Soft skills:
- Analytical mindset, rigour and organisation in carrying out activities
- Ease in relationships in a high-pressure environment
- Adaptability in a changing environment
- Ability to manage stress and crises during major events
- Writing fluency
- Integrity and ethics
- Strong capacity for work, commitment and perseverance

Technical skills:
- Mastery of the following solutions: VMWARE 7 and later, Linux Rocky 7, Windows Server 2019, Commvault, Fortigate/Fortiweb, Extreme Networks and AeroHive Networks, Citrix and AVD, ToIP (GENESYS, Bflex-Webex)
- Knowledge of the various scripting languages (VBScript, PowerShell, etc.)
- Mastery of IT security standards and procedures
- Excellent understanding of the company environment and its business specifics
- Command of technical English
- Project management
- Mastery of networking

Profile: Bac+5 (master's level) experienced engineer or equivalent

Job Vacancy
IT Infrastructure Operations and Security Lead
IT Infrastructure Operations and Security Lead

This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure.

The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi-layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate.

Security, Compliance & Risk Management
* Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data.
* Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms.
* Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM).
* Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms.
* Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA).
* Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services.
* Oversee endpoint security, cloud network and API security for robust protection across all assets.
* Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests.

Technical Experience
* Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge.
* Microsoft AD (Entra), Server and SQL experience.
* O365 administration and design.
* Global software patching and estate management via Intune.
* Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience.
* Software Defined Networking (Cisco, Meraki, Versa).

Key Skills
* Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel.
* Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices.
* Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM).
* Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools.
* Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls.
* IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery.

Operational & Leadership Skills
* IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery.
* Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness.
* Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption.
* Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls.

Soft Skills & Mindset
* Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment.
* Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users.
* Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach.

Summary of Skills Required
The following is a summary of the key skills that the Client would like you to bring to the company:
* Global enterprise-level Infrastructure Management position for the last 5 years.
* "Buy before Build" mentality and demonstrable migration of legacy VM-based estates to SaaS and Azure Cloud services platforms.
* Global operational team management experience (human resources, strategic delivery, operational service, audit lead for Infra, budget, etc.).
* Key third-party operational infrastructure vendor management, i.e. management of managed service partners as a team extension globally, as well as service/solution delivery partners.
* Migration of legacy VM-based estates to SaaS and Cloud services platforms; legacy infrastructure technology to Azure knowledge/experience.
* Prior to the last 5 years in enterprise management of a global estate/user base, a demonstrable technical infrastructure engineering background, working on Windows Server, AD, SQL environments, Firewalls/SD-WAN, and Networks (WAN and/or LAN).

The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.

Job Vacancy
IT Operations and Security Lead
IT Operations Platforms and Security Lead

In summary, the Client is looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management. You must have upwards of 10 years' hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector.

The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi-layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate.

The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver high-quality global IT services. Working in line with the Architecture-defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations.

Due to the nature of the role, the complexity of the estate, current transformation activities and team size, the role requires the functional capability and proficiency to technically augment the team's capabilities (when required) and a detailed knowledge of technical IT support roles/services across multiple technical areas.

Security, Compliance & Risk Management
* Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data.
* Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms.
* Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM).
* Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms.
* Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA).
* Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services.
* Oversee endpoint security, cloud network and API security for robust protection across all assets.
* Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests.

Technical Experience
* Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge.
* Microsoft AD (Entra), Server and SQL experience.
* O365 administration and design.
* Global software patching and estate management via Intune.
* Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience.
* Software Defined Networking (Cisco, Meraki, Versa).

Key Skills
* Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel.
* Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices.
* Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM).
* Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools.
* Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls.
* IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery.

Operational & Leadership Skills
* IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery.
* Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness.
* Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption.
* Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls.

Skills & Mindset
* Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment.
* Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users.
* Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach.

The Client is a financial organisation based in the City of London. This is a hybrid position with 3 days in the office. Must have a Bachelor's degree in IT or similar. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.
Contractor job
SOC Tier 3 Analyst
6 Month contract initially
Based: Remote/Reading - Hybrid. Max 3 days p/w onsite.
Rate: Market rates p/d (via Umbrella company)

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Tier 3 Analyst to strengthen the Security Operations Center.

As a Tier 3 CERT Analyst you will lead the investigation and remediation of advanced cyber threats, leveraging cutting-edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, Defender and other security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients.

Key Responsibilities:
1. Incident Detection and Response:
   * Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts.
2. Threat Hunting & Analysis:
   * Proactively search for threats across the environment using behavioural analysis and threat intelligence data.
   * Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity.
3. Incident Forensics:
   * Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents.
   * Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements.
4. Remediation and Recovery:
   * Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks.
5. Compliance and Risk Management:
   * Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA).
   * Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations.

Key Skills & Experience:
* Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis.
* Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.).
* Familiarity with scripting languages (Python, PowerShell, etc.) to automate tasks or create custom detection methods.
* Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches).
* Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools.

Certifications (preferred):
* Certified Information Systems Security Professional (CISSP)
* Certified Incident Handler (GCIH, EC-Council)
* Certified Forensic Computer Examiner (CFCE)
* GIAC Certified Forensic Analyst (GCFA)
* GIAC Certified Intrusion Analyst (GCIA)

This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.
Contractor job
Threat and Exposure Management SME
Threat and Exposure Management SME 6 Month contract initially Based: Hybrid/London. Maximum of 2-3 days onsite p/w. Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Threat and Exposure Management SME to join the team. Responsible for the end-to-end vulnerability management process, including assessing systems, analysing risks, prioritizing fixes, and tracking remediation across IT and cloud platforms. This role is a key connector between security operations and business stakeholders, focusing on minimizing critical risks, reducing the overall attack surface, and strengthening the organization's security posture. A successful candidate will proactively monitor the evolving threat landscape, tools, and methodologies to maintain a strong defence. Key Responsibilities: * Work to protect the company and its customers from materially impactful events to its Business, Brand and Customer e.g., catastrophic events, significant financial losses, and highly embarrassing events. * Utilize commercial and open-source intelligence providers to gain insight into existing activities in the hacker and fraudster communities, as well as planned activities and emerging motivations. * Developing analytics and Provides support to incident response teams during cyber events in the form of attack attribution and recommended courses of action based on knowledge of the adversary and collaborate on threat hunting with SOC. * Conduct malware analysis and provide indicators for defensive measures and understand attack signatures and techniques. 
* Conduct threat investigations and operations using known adversary tactics, techniques and procedures indicators of attack in order to detect adversaries and help operationalise effective Threat Services and controls to protect core business processes and customer data * Ensure generation, maintenance, and protection of required documentation, reporting and traceability. * Identify and respond to threats: Incorporating industry intelligence to enable proactive threat detection, containment, and response. * Support the TEM manager to Report and Maintain Key Risk, Performance and Success Indicators for the team and support the TEM manager to Develop and maintain the Threat process, including all required supporting materials. * Leverage CrowdStrike Falcon and related modules for threat detection, endpoint protection and exposure management. * Perform continuous monitoring of threat landscape, vulnerabilities, and exploits to proactively assess risks and advise the InfoSec Management team of significant emerging threats and identified vulnerabilities and recommend tactical and operational steps to counteract these threats and mitigate vulnerabilities. Effectively communicate with internal stakeholders (technical and non-technical) and suppliers to provide updates on threats, vulnerabilities and/or to deliver key projects. 
Key Skills & Experience:
* Strong technical background and focus, with the ability to script in one or more programming languages (e.g. Python)
* Strong threat hunting experience and ability to analyse malware; networking, firewall and web knowledge; OWASP Top 10 knowledge; knowledge of DevSecOps threats
* Understanding of the vulnerability lifecycle; knowledge and demonstrable experience of information security technologies and methodologies; experience of cloud systems and their architecture (Azure, AWS)
* Awareness of various operating system flavours including but not limited to Windows, Linux, Unix; database technologies (SQL, Oracle, DB2, Mongo) and associated threats
* Awareness of security controls in widely used technologies, e.g. MS Office 365, and experience of incident management and response tools, e.g. Remedy, ServiceNow
* Strong hands-on experience with the CrowdStrike Falcon platform
* Exceptional customer engagement and reporting skills
* Exceptional analytical, problem-solving, and troubleshooting abilities
* 3-5+ years in Threat Management, Vulnerability Management, DevSecOps, or pen testing
* Proven use of modern security tooling in real-world projects
* Experience in agile delivery teams and cross-functional collaboration
* Exposure to cloud security
* Comfortable documenting technical findings and engaging in remediation cycles

Nice to Have Certifications (not mandatory):
* OSCP, OSWA, CRTO, GWAPT, GPEN, eWPT
* Azure Security Engineer Associate / AWS Security Specialty
* CrowdStrike experience and certifications

This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies. LA International welcomes applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queen's Award for Enterprise: International Trade, for the second consecutive period.
Job Vacancy
SOC Analyst (Outside IR35)
SOC Analyst (Outside IR35)
12 Month Contract
Full time on site in Birmingham
£375 - £475 Outside IR35 (depending on experience)
Requires an active DV Clearance

Role Summary
Support the client's Security Operations Centre (SOC) with hands-on Splunk SIEM expertise, threat detection, incident response, and continuous improvement of security operations.

Core Responsibilities
* Operate and tune Splunk SIEM: detection logic, correlation rules, dashboards, playbooks
* Triage alerts and manage incidents through resolution
* Aggregate and correlate logs from multiple sources
* Conduct threat hunting and integrate threat intelligence
* Maintain documentation and contribute to the SOC knowledge base
* Support continuous improvement and R&D initiatives

Required Skills & Experience
* Strong Splunk SIEM experience (content creation, tuning, reporting)
* Live SOC environment experience
* Knowledge of OS (Windows, Linux, OSX), firewalls, IDS/IPS, networking
* Familiarity with NIST, ISO 27001, MITRE ATT&CK, CIS frameworks
* Threat analysis, detection engineering, vulnerability tools
* Stakeholder engagement and incident/crisis management

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment, which can take a minimum of 18 weeks.

Job Vacancy
IT Operations Platforms and Security Lead
IT Operations Platforms and Security Lead

This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT infrastructure.

The IT Operational Platform and Security Lead is responsible for overseeing the organisation's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi-layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate.

The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver high-quality global IT services. Working in line with the Architecture-defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity

Security, Compliance & Risk Management
* Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data.
* Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms.
* Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM).
* Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms.
* Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA).
* Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services.
* Oversee endpoint security, cloud network and API security for robust protection across all assets.
* Define, manage and maintain accurate DR and BCP plans for the infrastructure area, with biannual tests.

Technical Experience
* Microsoft Azure infrastructure design and administration, including topology, Azure networking, services, and component knowledge
* Microsoft AD (Entra), Server and SQL experience
* O365 administration and design
* Global software patching and estate management via Intune
* Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience
* Software Defined Networking (Cisco, Meraki, Versa)

Key Skills
* Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel.
* Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices.
* Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM).
* Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools.
* Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls.
* IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery.

Operational & Leadership Skills:
* IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery.
* Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness.
* Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption.
* Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls.

Soft Skills & Mindset:
* Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment.
* Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users.
* Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach.

Summary of Skills Required:
* Global enterprise-level infrastructure management position for the last 5 years
* Global team management (human resources, strategic delivery, operational service, audit lead for Infra, budget)
* Key: 3rd-party operational infrastructure vendor management, i.e. management of managed service partners
* Migration of legacy VM-based estates to SaaS and cloud services platforms
* Legacy tech to Azure knowledge/experience
* Prior to the last 5 years, a technical infrastructure engineering level background, working on Windows Server, AD, SQL environments, Firewalls/SDWAN, and Networks (WAN and/or LAN)

The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £100K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.

Job Vacancy
Security Operations Engineer - Engine by Starling
Description
At Engine by Starling, we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features and efficient back-office processes that have helped achieve Starling's success.

As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

Hybrid Working
We have a hybrid approach to working here at Engine: our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person.

About the Role
To support our growth, we are looking for talented and motivated SOC engineers to join our foundational in-house SOC team. In this pivotal role, you will be instrumental in supporting the development, implementation, and operation of our security monitoring, detection, and response capabilities, with a particular focus on our cloud environments. You'll be at the forefront of responding to incidents and alerts, and helping shape the future of our security operations capabilities.

What you'll get to do:

Security Monitoring & Alert Triage:
* Monitor security alerts and events generated by various security tools.
* Perform triage and analysis of security incidents and anomalies, distinguishing between true positives and false positives.
* Prioritise alerts based on severity, potential impact, and business criticality.

Incident Detection & Response:
* Investigate security incidents thoroughly, leveraging logs from platforms, endpoints, applications, and other security tools.
* Create and follow incident response playbooks and contribute to their continuous improvement.
* Collaborate with Technology, Product and Engineering teams to contain, eradicate, and recover from security incidents.
* Document incident details, findings, and remediation steps accurately and comprehensively.

Additionally:
* Stay informed about the latest cyber threats, attack techniques, and vulnerabilities, especially those targeting cloud environments.
* Participate in proactive threat hunting activities using available tools and data sources.
* Contribute to the optimisation, tuning, and maintenance of SOC tools.
* Identify opportunities for automation to streamline security operations and enhance detection capabilities.
* Maintain detailed records of security incidents, investigations, and remediation actions.
Contractor job
Microsoft Security Engineer - Inside IR35
A Microsoft Security Engineer is required for an initial 6 month contract. This is a hybrid role with 2-3 days per week on site in London and is inside IR35, so will require working via an FCSA accredited umbrella company.

This role is for a proactive and skilled Microsoft Security Engineer/Analyst tasked with safeguarding digital assets by leveraging a comprehensive suite of Microsoft security technologies. The ideal candidate will use Microsoft Defender XDR for managing and responding to threats, implement Microsoft Purview to ensure data compliance, and secure identities and access through Microsoft Entra ID.

Essential skills/knowledge/experience:

Microsoft Defender XDR (Extended Detection and Response)
* Platform Expertise and Management: Act as a subject matter expert for the core components of the Defender XDR suite, including:
* Microsoft Defender for Endpoint: Manage endpoint protection, detection, and response across our device fleet.
* Microsoft Defender for Office 365: Protect against email-based threats, including phishing, malicious attachments, and compromised links.
* Microsoft Defender for Identity: Monitor on-premises Active Directory signals to identify and investigate threats related to compromised identities.
* Microsoft Defender for Cloud Apps: Enforce security policies and provide threat protection across our cloud applications.
* Microsoft Defender Vulnerability Management: Prioritize and address critical vulnerabilities and misconfigurations based on a risk-based assessment.
* Collaboration & Support: Work with internal IT and other security teams to ensure the effectiveness of the platform. Serve as a point of contact for external services like Microsoft Defender Experts for proactive hunting and expert guidance.
* Documentation & Reporting: Document incident response procedures, create reports on security posture, and provide regular briefings to leadership.

Microsoft Purview (Data Governance and Compliance)
* Data Lifecycle Management: Implement policies for records management and retention to ensure that data is retained according to legal and business requirements and securely disposed of when no longer needed.
* Data Security Posture Management (DSPM): Utilize DSPM capabilities to understand data risk, identify sensitive data across the environment, and implement controls to mitigate risk. This includes managing data security posture related to AI applications and models.
* eDiscovery & Auditing: Support legal and compliance teams by utilizing Purview's eDiscovery and audit capabilities for investigations.

* Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
* Experience: 8-10 years of experience in a cybersecurity role, with a strong focus on Microsoft security solutions.
* Technical Skills:
* In-depth practical knowledge of the Microsoft security stack, including Defender XDR, Purview, and Entra ID.
* Experience with scripting languages, particularly PowerShell, for automation and management.
* Familiarity with common cybersecurity frameworks and attack methodologies, such as the MITRE ATT&CK framework.
* Certifications (Preferred):
* Microsoft Certified: Security Operations Analyst Associate (SC-200)
* Microsoft Certified: Identity and Access Administrator Associate (SC-300)
* Microsoft Certified: Information Protection Administrator Associate (SC-400)
* Certified Information Systems Security Professional (CISSP)

Microsoft Entra ID (Identity and Access Management)
* Advanced Threat Protection: Utilize Microsoft Entra ID Protection to identify and respond to compromised credentials and other identity-based risks. Work closely with the Defender for Identity team to monitor on-premises Active Directory signals for threats.
* Privileged Access Management: Implement and maintain Privileged Identity Management (PIM) and Privileged Access Management (PAM) to provide just-in-time (JIT) access and enforce the principle of least privilege.
* Authentication Protocols: Ensure the proper configuration and integration of various authentication protocols, including SAML, OAuth, OIDC, and SCIM for application and service provisioning.
* Device Management: Secure Bring Your Own Device (BYOD) and other device access by implementing device-based access policies and configurations.

Desirable skills/knowledge/experience:
* Excellent analytical and problem-solving abilities.
* Strong communication and collaboration skills to work effectively with technical and non-technical teams.
* A proactive mindset and the ability to adapt to a fast-paced, evolving threat landscape.

Job Vacancy
IT Manager
IT Manager

Our Client is a Bank based in Central London, looking to recruit an IT Manager ideally with at least 2 years of experience in IT within the financial industry and overall 7 to 10 years of experience in IT. You will be working in a small team managing the day-to-day technology infrastructure to ensure that the Bank can operate efficiently.

Cybersecurity Strategy and Planning
- Evaluate and prioritize security initiatives for the branch in London in collaboration with GT (Group Technology) - Group IT Security.
- Stay up-to-date with the latest cybersecurity threats and trends and escalate risks promptly.
- Ensure compliance with relevant industry regulations and standards (e.g. GDPR and any other applicable to IT).
- Evaluate GT's compliance with relevant regulatory standards (e.g. ISO 27001) as part of critical vendor performance assessment, ensuring operational resilience is maintained.
- In collaboration with GT, manage security systems, including firewalls, intrusion detection/prevention systems, and antivirus software.
- In collaboration with GT, develop and test incident response plans and coordinate responses to security incidents and breaches.
- Raise awareness of cybersecurity issues among bank London employees; conduct annual training/workshops to educate staff on security best practices aligned with GT.

Other Duties
- Maintain professional and technical knowledge (Conduct Rule 2), e.g. by attending educational workshops, reading professional publications, benchmarking state-of-the-art practices etc. where relevant.
- Collaborate with stakeholders to handle backlogs and new requirements.
- Resolve conflicts and remove blockers for the team.
- Monitor, track and uphold quality of deliverables.
- Be the point of contact for external communications and facilitate internal communication for effective collaboration on IT related matters.
- Ensure work deliverables are in compliance with policies and regulatory requirements.
- Maintain quality service by establishing and enforcing organization standards.
- Act as second/third level support with GT for support related issues.
- Comply with all applicable FCA/PRA conduct rules.
- Compliance with all mandatory training as set by the Branch/Group.

Technical/Functional skills
- Proficient in common operating systems
  o Windows 10, Windows Server 2018 and above
  o Redhat Linux based Operating System
- Software proficiency
  o VMWare v6.7 and above
  o Veeam Backup and Replication
  o Symantec Endpoint Protection
  o Symantec Endpoint Encryption
  o ManageEngine Patch Manager Plus
  o Microsoft Office 365
  o Bloomberg FXT/eikons
  o Murex Treasury System
  o SWIFT Alliance Access (SAA)
- Networking (IT)
  o Cisco Switches and Routers
  o Fortigate Firewalls
  o LAN/WAN Routing
- Hardware
  o Dell PowerEdge Servers
  o Dell PowerVault SAN Storage
- Data analysis
- Basic PC/Laptop support (formatting, imaging, etc.)
- Experience of writing and updating IT policies, standards, procedures, and guidelines

Personal skills (Soft Competencies [Core/Leadership])
- Committed and dedicated to team deliverables.
- Ownership of the business
- Strong interpersonal stakeholder management skills
- Strong written and verbal communication skills
- Ability to train IT staff, supervise and motivate team members for high performance
- Experience in coordinating installations, upgrades, and maintenance
- Knowledge of architecture processes and performance reports of operating systems
- Strong analytical/critical thinking skills
- Ability to understand and oversee code development

Qualifications:
- Bachelor's degree qualification in relevant discipline
- Professional Qualification and/or Regulatory, Licensing requirements
- Project management certification (e.g. PMP, PRINCE2) is highly desirable.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are highly desirable.

Relevant Work Experience
- At least 6 years of experience in IT within the financial/banking industry is preferable.
- Minimum of 2 years experience in managing staff or managing teams in a cross functional set-up.

The position is based in Central London and is hybrid, 3 days a week in the office. The salary for this position will be up to £65K. Please do send your CV to us in Word format along with your salary and notice period.
Job Vacancy
Data analyst
Role: Data analyst
Rate: Inside IR35
Location: 2-3 days onsite in Luton
Duration: 6 months initially

The Data Steward will be responsible for ensuring data quality, governance, and compliance across critical operational datasets, enabling reliable analytics and reporting. The role will focus on managing metadata, monitoring data reliability, and supporting business users in leveraging trusted data.

Key responsibilities:

Data Governance & Stewardship
· Define and enforce data governance standards, policies, and processes across airline operational datasets.
· Collaborate with business stakeholders to document business definitions, data ownership, and stewardship guidelines.
· Maintain data dictionaries, metadata, and lineage within Atlan.

Data Management & Quality:
· Be the technical lead for Data Management and Quality. Develop the technical designs of all Data Management frameworks and operating models and ensure that they are embedded in our people, tools, and business processes.
· Monitor use of all the data management frameworks and operating models across the organisation to ensure compliance with the data management best practice defined internally at the customer.

Data Quality & Reliability
· Monitor and ensure data accuracy, completeness, timeliness, and consistency across systems.
· Leverage Monte Carlo for data observability, proactively detecting, resolving, and preventing data quality issues.
· Work with data engineering teams to establish data validation, profiling, and anomaly detection frameworks.

Stakeholder Engagement & Support
· Act as a bridge between business and technical teams, ensuring alignment of data requirements.
· Provide training and guidance to business users on accessing and using trusted datasets.
· Support airline operations by ensuring operational reports and dashboards are built on consistent, high-quality data.
· Facilitate data lifecycle management (from ingestion to archival) while ensuring compliance with airline industry standards.
· Ensure adherence to aviation regulatory requirements, data privacy, and security standards.
· Maintain access controls and data-sharing policies in line with organizational and industry guidelines.

Key skills/knowledge/experience:
· Strong experience with data observability and quality monitoring.
· Proficiency in metadata management, cataloging, and lineage tracking.
· Solid understanding of data governance, master data management, and data lifecycle practices.
· Familiarity with airline/aviation operational data (crew, scheduling, flight ops, maintenance) preferred.
· Excellent communication skills to collaborate with IT teams, analysts, and business stakeholders.
Contractor job
Splunk Enterprise Security Developer
Splunk Enterprise Security Developer
6 Month contract initially
Based: Hybrid/London
Rate: £450 - £500 (via Umbrella company)

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Splunk Enterprise Security Developer to join the team.

Experience with Splunk ES involves using it as a SIEM to detect, investigate, and respond to security threats through features like incident investigation, 24/7 threat monitoring, automated response playbooks via Splunk SOAR, AI-powered agentic capabilities, and customizable analytics. Key aspects of this experience include data ingestion and correlation from diverse sources like firewalls and endpoints, building correlation searches, creating and assigning findings, and utilising a unified workflow with features like response plans and case management to streamline SOC operations.

The ideal candidate will have Splunk Enterprise skills, ITSI implementation experience, experience supporting Splunk in a multi-site clustering environment, an understanding of CIM and DMA, and Red Hat and Windows experience.

Key Skills & Experience:
* Excellent Splunk Enterprise 7/8 and Splunk SOAR skills
* Good ITSI implementation skills
* Understanding of installation, management, and support of Splunk 7/8 in a multi-site clustering environment
* Hands-on experience of security data source on-boarding/parsing
* Development of security use cases using Splunk Enterprise with a good understanding of CIM and DMA
* Practical experience in monitoring and tuning a Splunk environment to provide a high availability service
* Good knowledge of Splunk apps and the way in which those apps interact with the underlying infrastructure
* Ownership of the deliveries for small to large size Splunk onboarding projects
* Competent in command line and GUI interfaces of Splunk Enterprise/ITSI
* Good understanding of security models and auditing policies of Splunk
* Ability to automate repetitive Splunk tasks to remove workload from the team
* Knowledge of implementing and supporting Splunk as a shared service
* Red Hat, Windows

This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.
Contractor job
SOC Manager
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team.
As SOC Manager you will:
* Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators
* Lead incident response efforts: when a security incident occurs, the SOC team has to respond as quickly as possible
* Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team
* Analyse incident reports to understand your organization's security posture; by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences
* Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.
* Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analysts who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone).
End-to-end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents.
Key Responsibilities:
* Manage service and process improvements of the SOC, auditing SOC incidents, identifying new use cases and automations
* POC for the SOC engineering team, threat intelligence analyst and threat exposure management
* Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques
* Act as the lead coordinator for individual information security incidents
* Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Centre
* Document incidents from initial detection through final resolution
* Ensure threat management and threat modelling, identify threat vectors and develop use cases for security monitoring
* Create reports, dashboards and metrics for SOC operations and presentation to senior management
* Act as focal point for any investigations involving security; prepare reports and note follow-up actions
* Participate in the role of Incident Manager during any incidents and emergencies
* Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date
* Coordinate with IT teams on escalations, tracking, performance issues, and outages
Key skills & experience:
* Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR
* Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar
* In-depth familiarity with security policies based on industry standards and best practices
* Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e.g., firewall, IDS, etc.)
* Experience in log source integration and in developing new correlation rules and parser writing
* Experienced in SOC automation development, cloud operations (e.g. AWS), designing and building security operations centres, and regulatory compliance
* Ability to lead and communicate efficiently within a team environment, along with incident management process development and/or incident management experience
* Solid understanding of information technology and information security required
* Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives)
* Ability to work well under pressure with differing levels of management
This is an excellent opportunity on a great project of work. If you are looking for your next exciting opportunity, apply now for your CV to reach me directly; we will respond as soon as possible.

Job Vacancy
Information Security Manager
Information Security Manager
Role Description
This is a full-time role as an Information Security Manager for a Bank in Central London. The Information Security Manager will be responsible for day-to-day tasks related to information security management, including implementing and maintaining Information Security Management Systems (ISMS), ensuring cybersecurity and network security, and protecting sensitive information. This is a hybrid role, based in London with the flexibility for some remote work.
Qualifications
* Information Security Management, ISMS, and Cybersecurity skills
* Network Security and Information Security knowledge
* Experience in implementing and maintaining ISMS
* Proficient in identifying and addressing information security vulnerabilities
* Strong analytical and problem-solving skills
* Excellent communication and interpersonal skills
* Certifications such as CISSP, CISM, or equivalent are preferred
* Bachelor's degree in Information Security, Computer Science, or related field
Information Security Manager role (permanent), reporting into the Head of IT (CIO | CISO). Need an individual with a strong hands-on network and security background:
* Cisco networking
* Cisco firewalls (Firepower / Threat Detection)
* Palo Alto firewalls
* SIEM experience (LogRhythm desirable)
* Web proxy (Forcepoint desirable)
* Governance skills
* Policy writing / reviewing
* Reporting
* KPI monitoring
Certifications like CCNP / CISM would be desirable but strong experience is preferable. The Client is based in Central London and the position is hybrid - 3 days in the office every week. Salary circa £60K - £75K + Benefits. Please do send your CV to us in Word format along with your salary and notice period.