Find your next tech and IT Job or contract IDS/IPS
Job Vacancy
Systems and Network Administrator (M/F)
SEA TPI is recruiting a Systems and Network Administrator to reinforce the IT teams of our client, based in Reims, in connection with a site relocation and service continuity (operational maintenance, MCO). Within the Systems and Network Administration team, your main duties will be:
Maintenance and Operations (MCO):
• Daily checks that systems (Windows Server, Linux) are working properly.
• Incident resolution (level 1 and 2) or escalation to the lead administrator.
• Ticket management (30 to 50 per week) via Freshservice:
• Ownership, follow-up, and direct resolution where possible.
• Dispatch of unresolved tickets by type (problem/change).
• Local user support (technical assistance, occasional training).
• Cover during staff leave (on site or remote).
Systems and Network Administration:
• Monitoring of equipment (Cisco, Meraki, Fortinet FortiGate).
• Management of access and permissions (AD, Azure AD, SSO, MFA).
• Administration of virtualized environments (Nutanix, Azure).
• Data backup and restore (Veeam or equivalent).
• Performance monitoring (alert thresholds, system configuration).
Security and Compliance:
• Application of security policies (patches, antivirus, IDS/IPS).
• Management of sensitive access (logging mandatory for any change in production).
• Compliance with confidentiality rules (access to personal data, mailboxes).
• Documentation of interventions (traceability of actions).
Reporting and Collaboration:
• Daily tracking of interventions (via ticketing).
• Weekly activity report (by e-mail or other format).
• Updating the knowledge base where necessary.
• Collaboration with the internal IT team and the other service providers.
Additional information about the position:
• On-site presence strongly recommended, but remote work is possible while the campuses are closed, in order to provide cover.
• Office hours (no night or weekend on-call duty, barring exceptions).
• Availability during the internal team's leave.
• Access to sensitive data (mailboxes, production environments in read/write with logging).
The duties listed above are not exhaustive; they are the main duties. Job reference: 4k7110nejg
Job Vacancy
Network & Security Expert
You will join the Infrastructure & Security team within the IT department (DSI), which is responsible for the availability, performance and protection of the corporate network (LAN, WAN, WLAN, Datacenter, Cloud). The Network & Security Expert provides level 3 support, gives advice, and leads strategic technical projects. As Network & Security Expert, you will be responsible for the proper operation and security of the communication infrastructure. Your main duties will be:
Design, deploy and maintain network architectures (LAN, WAN, WLAN, VPN, SD-WAN).
Administer and secure equipment (Cisco, Aruba, Fortinet, Palo Alto, Check Point, etc.).
Manage firewalls, proxies, load balancers, routers, switches, NAC, IDS/IPS.
Ensure the resilience, availability and monitoring of critical infrastructure.
Apply security policies and take part in incident and vulnerability management.
Carry out technical audits, document configurations and write operations reports.
Contribute to evolution projects: migration, network segmentation, compliance, Cloud deployment (AWS / Azure).
Take part in the automation and industrialization of network and security operations (scripts, Ansible, etc.).
Contractor job
SECURITY ARCHITECT (M/F)
The security architect will provide security support and coaching on the projects of an entity of the banking group. They will contribute to defining, assessing and securing information system architectures, working closely with the IT, infrastructure, support and security teams (LOD1 & LOD2).
Main duties
Take part in security audits and assessments at sites in France and abroad.
Provide security support on projects: defining requirements, validating architectures and tracking deliverables.
Design the security architecture of solutions:
  Technology choices and architectural direction.
  Transition and integration plans.
  Recommendations for continuous improvement (security, performance, costs).
Formalize deliverables: guides, standards and security urbanization documents.
Carry out technology watch and propose innovative solutions.
Lead and summarize presentations to steering or strategic committees.
Expected skills
🔹 Technical expertise
Security architecture and infrastructure
Security analysis and risk management (ISO 27005, EBIOS)
Security audit methodology: collection, assessment, recommendations
Security project steering and coordination
🔹 Cross-functional knowledge
Network security (FW, IDS/IPS, segmentation)
IAM / identity management (AD, LDAP, etc.)
System security (vulnerabilities, EDR, hardening)
Cloud security (M365, CSPM, policies)
DevSecOps
Bastions and administration networks
Data protection (DLP, databases, access)
Incident detection and response (SOC, SIEM, etc.)
Professional English
🔹 Environment and standards
Good command of enterprise security standards: BCP (PCA), GDPR (RGPD), DORA, LPM
Mastery of GRC tools and defense-in-depth principles
Ability to summarize complex subjects and explain them in plain terms
Job Vacancy
Splunk SOC Analyst
Start: As soon as possible
Context and environment
Within the CyberSOC of a large group, you will join a team of experts dedicated to monitoring, detecting and responding to security incidents. With threats growing rapidly and technologies constantly evolving, the objective is to ensure proactive monitoring and continuous improvement of security controls, relying on state-of-the-art cybersecurity tools and methodologies. You will work in a demanding environment focused on performance, responsiveness and innovation, within a unit where collaboration and knowledge sharing are at the heart of daily practice.
Main duties
Reporting to the head of the CyberSOC, you will take an active part in the detection, investigation and resolution of security incidents, while contributing to the improvement of monitoring processes and tools. Your main duties will include:
Analysis and handling of security incidents:
Monitor in real time the alerts raised by the monitoring tools (Splunk, SIEM, EDR, IDS/IPS, etc.).
Identify, qualify and prioritize incidents according to their criticality.
Carry out in-depth investigations of suspicious events using Splunk and other analysis tools.
Propose and implement corrective or preventive measures to reduce the risk of recurrence.
Optimization and automation:
Continuously improve detection rules and correlations in Splunk.
Develop dashboards, reports and alerts suited to operational and strategic needs.
Contribute to innovation projects around Splunk Enterprise Security, Risk-Based Alerting (RBA) and the Machine Learning Toolkit (MLTK) to improve the relevance of detections and automate certain repetitive tasks.
Threat hunting and security watch:
Run threat hunting campaigns to identify advanced threats not detected by automated systems.
Use indicators of compromise (IoC) from various sources to enrich detection scenarios.
Actively keep watch on new vulnerabilities, attack techniques and defensive tools.
Documentation and knowledge capture:
Feed the internal knowledge bases via Confluence, Git or SharePoint.
Write detailed incident reports and investigation summaries.
Take part in updating procedures and formalizing SOC best practices.
Job Vacancy
Systems and Network Administrator (F/M)
SEA TPI is recruiting a Systems and Network Administrator (F/M) to reinforce the IT teams of our client, based in Rouen, in connection with a site relocation and service continuity (operational maintenance, MCO). Within the Systems and Network Administration team, your main duties will be:
Maintenance and Operations (MCO)
• Daily checks that systems (Windows Server, Linux) are working properly.
• Incident resolution (level 1 and 2) or escalation to the lead administrator.
• Ticket management (30 to 50 per week) via Freshservice:
• Ownership, follow-up, and direct resolution where possible.
• Dispatch of unresolved tickets by type (problem/change).
• Local user support (technical assistance, occasional training).
• Cover during staff leave (on site or remote).
Systems and Network Administration
• Monitoring of equipment (Cisco, Meraki, Fortinet FortiGate).
• Management of access and permissions (AD, Azure AD, SSO, MFA).
• Administration of virtualized environments (Nutanix, Azure).
• Data backup and restore (Veeam or equivalent).
• Performance monitoring (alert thresholds, system configuration).
Security and Compliance
• Application of security policies (patches, antivirus, IDS/IPS).
• Management of sensitive access (logging mandatory for any change in production).
• Compliance with confidentiality rules (access to personal data, mailboxes).
• Documentation of interventions (traceability of actions).
Reporting and Collaboration
• Daily tracking of interventions (via ticketing).
• Weekly activity report (by e-mail or other format).
• Updating the knowledge base where necessary.
• Collaboration with the internal IT team and the other service providers.
Additional information about the position:
• On-site presence strongly recommended, but remote work is possible while the campuses are closed, in order to provide cover.
• Office hours (no night or weekend on-call duty, barring exceptions).
• Availability during the internal team's leave.
• Access to sensitive data (mailboxes, production environments in read/write with logging).
The duties listed above are not exhaustive; they are the main duties. Job reference: 9a113iz6qn
Contractor job
Network & Security Engineer
As part of the strengthening of the IT infrastructure, we are looking for a Network & Security Engineer to design, administer and secure network environments within a cross-functional team. The engineer will work both on RUN (operations and operational maintenance) and on evolution projects related to network infrastructure and cybersecurity.
Duties
Administer, operate and secure network infrastructure (LAN, WAN, WLAN, VPN, SD-WAN).
Manage and configure firewalls and security solutions (Cisco ASA, Fortinet, Palo Alto, Check Point).
Take part in transformation projects: network migrations, deployment of new security solutions, cloud networking.
Contribute to strengthening cybersecurity: filtering, IDS/IPS, hardening, network segmentation, Zero Trust.
Provide monitoring and troubleshooting (analysis of flows, logs, performance).
Take part in security audits and incident management.
Write and maintain the technical documentation.
Job Vacancy
Senior Azure Cloud Infrastructure Analyst
The Senior Azure Cloud Infrastructure Analyst is a hands-on role planning and managing Azure cloud infrastructure delivery, including daily management, DevOps, capacity planning, and participating in defining the company's global infrastructure architecture. The Senior Analyst will ensure the quality and timely delivery of technology efforts in support of strategic infrastructure projects and works closely with other teams to define infrastructure requirements to support applications, security, and compliance initiatives. The Senior Azure Cloud Infrastructure Analyst works with different teams to design and implement cloud solutions that fit organizational requirements. This individual is an expert in Azure DevOps and Azure infrastructure and security configurations, and recommends standards and security requirements that match written information security policy. Prior experience in an international enterprise environment is essential.
Responsibilities:
Collaborate with IT teams for input and operational requirements to design and implement overall cloud infrastructure and security strategy.
Coordinate and lead infrastructure/security initiatives in the Azure cloud.
Serve as the technical lead in Azure cloud DR and recovery strategies that align with information security policies.
Develops and implements backup and recovery strategies to support data retention requirements.
Evaluates and designs highly available, scalable, and redundant applications in the Azure cloud.
Coordinates with cross-functional teams to support development, code promotion, continuous improvement following DevOps / DevSecOps best practices.
Participate in the development and testing of an incident response plan for incidents that affect the cloud infrastructure.
Ensure infrastructure is maintained and security is designed for every deployment.
Manages projects to ensure that the delivery is on-time, within budget, and adopted to meet the company's information protection requirements.
Actively supports the organization's cloud initiatives and responds to business requirements while achieving SLAs in place to support the organization's needs.
Adhere to applicable change management policy and procedure.
Qualifications:
Bachelor's degree required. Candidates must possess significant analytical skills, which evolved from early academic training in Networking, Information Systems, Computer Science, or similar discipline.
Minimum of 5 years' experience in a variety of infrastructure technologies.
Ability to lead multi-disciplined teams when conducting incident root cause analysis.
Serve as the technical expert in the Azure cloud.
Proficient in continuous integration, continuous delivery concepts (DevOps), with DevSecOps highly desirable.
Desired Qualifications:
Any Azure, AWS, GCP, Nutanix, Meraki, Cisco, or security certifications
Knowledge and experience with Microsoft Office and Visio
Knowledge of WAN technologies, including MPLS, SD-WAN
Knowledge of cloud-provided infrastructure (AWS, GCP)
Prior experience implementing/maintaining Cisco ELA products including DNA, Firepower, ISE Management console, Umbrella, AMP, Stealthwatch, as well as Splunk, SolarWinds, Varonis, and Darktrace
Project management skills are highly desirable
Proficiency in hybrid cloud, virtualization, Server OS, SAN, SMTP, email relay, email security, Active Directory, Group Policy, DNS, DHCP
Working knowledge of Cisco network switches, routers, firewalls and VPN, DLP, antivirus, IDS/IPS, SIEM, SQL VDI, and Security concepts
ITIL Foundation Certification
Previous experience in a HIPAA/FDA regulated environment
The role will be based in Trumbull CT USA. The salary for this position is in the range $120K - $135K. Please do send your CV to us in Word format along with your salary and availability.
Job Vacancy
Threat Detection Analyst
Job Title: Threat Detection Analyst
Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Salary: Circa £43,000 depending on experience and skills
What you'll be doing:
Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber and insider incidents
Delivery of core triage function as part of 24/7 protective monitoring services across a range of networks/services
Escalate suspected major security incidents / complex investigations where support is required
Build, test, and deploy new detection capabilities across the environment in line with threat intelligence
Ensure services are operated in line with agreed service definitions and measures
Contribute to the development of the services through process, people and technology where appropriate
Your skills and experiences:
Essential:
Broad and detailed experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDNs and Vulnerability Management
A good technical and analytical background with a detailed knowledge of cyber security, computer networks and operating systems
Knowledge and experience of using tools to dissect common threats to produce useable IOCs, e.g. malicious document analysis
Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
Desirable:
Background of prior experience of working in an information and/or cyber operations (Government or commercial sector) environments
Previous experience working within Cyber Operations utilising SIEM platforms
Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive.
The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.
Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.
Closing Date: 11th November 2025. We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-SH1 #LI-Hybrid
Job Vacancy
Senior Threat Detection Analyst
Job Title: Senior Threat Detection Analyst
Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Salary: Circa £50,000 depending on experience and skills
What you'll be doing:
Triage, analyse and investigate alerts, log data and network traffic using the monitoring platforms and Internet resources to identify cyber-attacks / security incidents
Delivery of core triage function as part of 24/7 protective monitoring services across a range of networks/services
Act as a mentor and as an escalation point within the team for technical queries
Ensure timely and accurate communication of incidents to IT, network or security teams across BAE Systems
Escalate suspected major security incidents / investigations where support is required
Define monitoring use cases and develop prototype rules with minimal supervision, for example in response to intelligence or gaps in defences
Contribute to the development of the services through people, process and technology where appropriate
Build a comprehensive knowledge of BAE Systems IT systems to support monitoring activities and tailor remediation recommendations to systems
Contribute to and help define requirements for future security capabilities along with the Lead Analyst
Your skills and experiences:
Essential:
Technical background with experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, Networking, Cloud and Vulnerability Management
Analytical background and comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations
Knowledge and experience of using tools to dissect common threats to produce useable IOCs, e.g. malicious document analysis
Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these
Desirable:
Background of prior experience of working in an information and/or cyber security environment (Government or commercial sector)
Previous experience working within Cyber Operations utilising SIEM platforms
Relevant security certifications such as CISSP, SSCP, CEH, GCIH or GCIA
Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive.
The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and services we create. Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability.
Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.
Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.
Closing Date: 7th November 2025. We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-SH1 #LI-Hybrid
Job Vacancy
CISO - FREELANCE / IN-HOUSE HIRE
🎯 Main duties:
- Overall security strategy: Define and lead the group's cybersecurity strategy in line with our growth and innovation objectives, in particular by leading the ISO 27001 and SOC2 certification.
- Risk management and compliance: Identify security risks, assess their impact, and put remediation plans in place. Ensure compliance with applicable regulations and with customers' specific requirements.
- Securing the platform: Ensure the security of our OMS platform, in particular in cloud environments (OVHCloud/GCP), while managing the aspects related to the confidentiality and protection of our customers' sensitive data.
- Protection and monitoring: Oversee the security monitoring tools (SIEM, IDS/IPS), ensure that cryptography best practices are implemented, and deploy incident detection and response systems.
- Incident response: Lead the management of security incidents, define business continuity and recovery plans, and constantly improve our crisis management processes.
- Training and awareness
- Technology watch and innovation
Job Vacancy
AWS Cloud Infrastructure Analyst
The AWS Cloud Infrastructure Analyst is a hands-on role planning and managing AWS cloud infrastructure delivery, including daily management, capacity planning, and participating in defining the Company's global infrastructure architecture. The Analyst will ensure the quality and timely delivery of technology efforts to support strategic infrastructure projects and works closely with other teams to define infrastructure requirements to support applications, security, and compliance initiatives. The AWS Cloud Infrastructure Analyst works with different teams to design and implement cloud solutions that fit organizational requirements. As an expert in AWS infrastructure and security configurations, recommends standards and security requirements that match written information security policy. Prior experience in an international enterprise environment is essential.
Responsibilities:
Collaborate with IT teams for input and operational requirements to design and implement overall cloud infrastructure and security strategy.
Coordinate and lead infrastructure/security initiatives in the AWS cloud.
Serve as the technical lead in AWS cloud DR and recovery strategies that align with information security policies.
Develops and implements backup and recovery strategies to support data retention requirements.
Evaluates and designs highly available, scalable, and redundant applications in the AWS cloud.
Participate in the development and testing of an incident response plan for incidents that affect the cloud infrastructure.
Ensure infrastructure is maintained and security is designed for every deployment.
Manages projects to ensure that the delivery is on-time, within budget, and adopted to meet the company's information protection requirements.
Actively supports the organization's cloud initiatives and responds to business requirements while achieving SLAs in place to support the organization's needs.
Adhere to applicable change management policy and procedure.
Qualifications:
Bachelor's degree required. Candidates must possess significant analytical skills, which evolved from early academic training in Networking, Information Systems, Computer Science, or similar discipline.
Minimum of 5 years' experience in a variety of infrastructure technologies.
Ability to lead multi-disciplined teams when conducting incident root cause analysis.
Serve as the technical expert in the AWS cloud.
Desired Qualifications:
Any Azure, AWS, GCP, Nutanix, Meraki, Cisco, or security certifications.
Knowledge and experience with Microsoft Office and Visio
Knowledge of WAN technologies, including MPLS, SD-WAN
Knowledge of cloud-provided infrastructure (AWS, GCP)
Prior experience implementing/maintaining Cisco ELA products including DNA, Firepower, ISE Management console, Umbrella, AMP, Stealthwatch, as well as Splunk, SolarWinds, Varonis, and Darktrace
Project management skills are highly desirable
Proficiency in hybrid cloud, virtualization, Server OS, SAN, SMTP, email relay, email security, Active Directory, Group Policy, DNS, DHCP
Working knowledge of Cisco network switches, routers, firewalls and VPN, DLP, antivirus, IDS/IPS, SIEM, SQL VDI, and Security concepts
ITIL Foundation Certification
Proficient in continuous integration, continuous delivery concepts (DevOps), with DevSecOps highly desirable.
Previous experience in a HIPAA/FDA regulated environment
Competencies: To perform the job successfully, an individual should demonstrate the following behaviors:
Strong English oral and written communication skills
Motivated and curious, willing to ask questions, research issues, and take on challenging projects/assignments; creative, brings innovative ideas to the table, exhibits self-confidence.
Possesses the ability to organize and follow through on multiple tasks. Recognizes and attends to vital details with accuracy and efficiency. Effectively prioritizes the work of staff members. Works to complete goals, tasks, and plans. Anticipates potential problems and analyzes alternative solutions.
Develops/maintains effective working relationships by listening attentively to others; communicates ideas clearly (written & verbal) while relating to people in an open/sincere manner and participating effectively in meetings. You will also help find solutions, identify problems, communicate appropriately with the supervisor, and interact with co-workers. Able to maintain a calm and reliable demeanor in the face of challenges.
Diagnoses problems efficiently, gathers sufficient input before making decisions or plans, makes timely decisions, quickly determines sources of problems, identifies information needed to solve problems, analyzes and communicates issues with effective alternative solutions to the team.
Sensitive & responsive to internal customer needs, demonstrates customer service skills, maintains a positive attitude, is willing to listen to customer problems, seeks solutions, and stays in tune with customers' changing needs.
The role will be based in Trumbull, Connecticut USA. The salary for this role will be in the range $90K - $110K. Please do send your CV to us in Word format along with salary and availability.
Job Vacancy
SOC Analyst (Outside IR35)
12 Month Contract
Full time on site in Birmingham
£375 - £475 Outside IR35 (Depending on experience)
Requires an active DV Clearance
Role Summary
Support the client's Security Operations Centre (SOC) with hands-on Splunk SIEM expertise, threat detection, incident response, and continuous improvement of security operations.
Core Responsibilities
* Operate and tune Splunk SIEM: detection logic, correlation rules, dashboards, playbooks
* Triage alerts and manage incidents through resolution
* Aggregate and correlate logs from multiple sources
* Conduct threat hunting and integrate threat intelligence
* Maintain documentation and contribute to SOC knowledge base
* Support continuous improvement and R&D initiatives
Required Skills & Experience
* Strong Splunk SIEM experience (content creation, tuning, reporting)
* Live SOC environment experience
* Knowledge of OS (Windows, Linux, OSX), firewalls, IDS/IPS, networking
* Familiarity with NIST, ISO 27001, MITRE ATT&CK, CIS frameworks
* Threat analysis, detection engineering, vulnerability tools
* Stakeholder engagement and incident/crisis management
Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks.
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.