Find your next tech and IT Job or contract Endpoint detection and response (EDR)

Information Security Manager Role Description This is a full-time role as an Information Security Manager for Bank in Central London. The Information Security Manager will be responsible for day-to-day tasks related to information security management, including implementing and maintaining Information Security Management Systems (ISMS), ensuring cybersecurity and network security, and protecting sensitive information. This is a hybrid role, based in London with the flexibility for some remote work. Qualifications Information Security Management, ISMS, and Cybersecurity skills Network Security and Information Security knowledge Experience in implementing and maintaining ISMS Proficient in identifying and addressing information security vulnerabilities Strong analytical and problem-solving skills Excellent communication and interpersonal skills Certifications such as CISSP, CISM, or equivalent are preferred Bachelor's degree in Information Security, Computer Science, or related field Information Security Manager role (permanent) reporting into Head of IT (CIO | CISO) Need an individual with a strong hands on network and security background Cisco networking Cisco firewalls (Firepower / Threat Detection) Palo Alto firewalls SIEM experience (Logarithm desirable) Web proxy (Forcepoint desirable) Governance skills Policy writing / reviewing Reporting KPI monitoring Certifications like CCNP / CISM would be desirable but strong experience is preferable. The Client is based in Central London and the position is hybrid - 3 days in the office every week. Salary circa £60K - £75K + Benefits. Please do send your CV to us in Word format along with your salary and notice period.

Security Analyst | 6 - Months | London | Hybrid My client is seeking a Security Analyst to join their SecOps team. The role involves managing day-to-day security operations, including handling security-related tickets and responding to alerts. The successful candidate will also conduct in-depth analysis of suspicious activities-ranging from malicious emails to process hierarchies-to strengthen the organization's defensive security posture. Key Responsibilities of the Security Analyst: Respond to and resolve escalated security incidents, performing hands-on troubleshooting to address issues effectively. Monitor and investigate security alerts using tools such as CrowdStrike, ensuring timely threat detection and response. Leverage knowledge of Base64 encoding and Windows SIDs (e.g., NT Authority/System) to analyze suspicious processes and assess privilege levels. Design and maintain SIEM dashboards, detection rules, and alerts within Splunk to enhance security visibility and automation. Manage identity, directory, and MDM services using JumpCloud, ensuring secure and efficient user and device management. Perform regular vulnerability assessments and risk analyses with Qualys to identify and mitigate potential security gaps. Collaborate closely with the SecOps team and cross-functional IT groups to maintain secure system configurations and improve security posture. Stay up to date on emerging cybersecurity threats, vulnerabilities, and industry best practices to strengthen organizational defenses. Required Experience and Technical Skills Demonstrated experience as a Security Analyst or as part of a Security Operations (SecOps) team, with a strong track record in incident response and threat mitigation. Hands-on expertise with CrowdStrike for security alert detection, investigation, and threat hunting. Must be proficient in Splunk for log analysis, alerting, and security event monitoring. Skilled in analyzing suspicious emails and applying email authentication techniques to prevent phishing attacks. Practical experience conducting process analysis on both Windows and macOS systems to identify potential security risks. Strong understanding of vulnerability management practices, with Qualys experience highly preferred. Proven ability to handle escalated security tickets efficiently and effectively. Desirable Experience Exposure to businesses operating outside of the traditional Microsoft ecosystem. Background in professional or regulated indust

Head of IT Infrastructure and Security In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The Head of IT Infrastructure and Security Lead is responsible for overseeing the organization's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. Some of the key points to consider for this role are: • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. • Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Technology: • Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, • Microsoft AD (Entra), Server and SQL experience, • O365 administration and design • Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Summary: • Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. • Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3rd party software. The aim of the role is to bring the MSP's (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly. The Client is a financial organization based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

Head of IT Infrastructure and Security In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The Head of IT Infrastructure and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. Some of the key points to consider for this role are: Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Technology: Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Summary: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3 party software. The aim of the role is to bring the MSP’s (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly. The Client is a financial organisation based in the City of London. This is a hybrid position with 3 days in the office. Must have a Bachelor’s degree in IT or similar. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

Job title: External Attack Surface Management Analyst Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa 45k dependant on skills and experience What you'll be doing: Supporting the Senior Attack Surface Management Analyst in maintaining the Global Attack Surface Management service to ensure BAE Systems perimeter assets are known and tested, and Shadow-IT assets are discovered and brought into governance Identifying and prioritising vulnerabilities across BAE Systems managed external assets as part of ongoing external attack surface management, coordinating remediation with resolver teams Reviewing and validating vulnerabilities detected by SaaS-based scanning tools, confirming exploitability and severity to inform accurate remediation Supporting vulnerability management across cloud and SaaS environments, identifying risks and coordinating remediation to safeguard externally hosted services Proactively detects external-facing security gaps and misconfigurations, ensuring timely escalation to relevant resolver teams for remediation Your skills and experiences: Essential A extensive technical background with a detailed knowledge of cyber security, computer networks and operating systems Broad and detailed experience of technologies including but not limited to DNS, Certificate Transparency, firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDN's and Vulnerability Management Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy systems Analytical background and is comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations Desirable Good knowledge of technologies contributing to external risk, including publicly accessible services, user interfaces, and legacy system Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 5th September 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-NP1 #LI-Hybrid

Incident Responder / SOC Analyst (IRS) Monitor the organisation’s (cyber) security state, manage incident during cyber-attacks and assure the continued operations of ICT systems. Analyses, evaluates, and mitigates the impact of (cyber) security incidents. Restores systems’ and processes’ functionalities to an operational state according to the organisation’s Incident Response Plan. Nature of the tasks • Contribute to the development, maintenance and assessment of the Incident Response Plan. • Develop, implement and assess procedures related to incident handling. • Identify, analyse, mitigate, and communicate (cyber) security incidents. • Assess and manage technical vulnerabilities. • Measure (cyber) security incidents detection and response effectiveness. • Evaluate the resilience of the (cyber) security controls and mitigation actions taken after a (cyber) security or data breach incident. • Adopt and develop incident handling testing techniques. • Establish procedures for incident results analysis and incident handling reporting. • Document incident results analysis and incident handling actions. • Cooperate with Secure Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs). • Cooperate with key personnel (e.g., CISO, Legal and compliance officer), for reporting of security incidents according to applicable legal framework (NIS, GDPR....).