Get AI-powered advice on this job and more exclusive features.
This range is provided by Anson McCade. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range
Direct message the job poster from Anson McCade
Security Clearance Required: BPSS and SC clearance (typically requires 5 years continuous UK address history, usually including no periods of 30 consecutive days or more spent outside of the UK, and declaration of being a British passport holder with no dual nationality at the point of application)
About the Role
Join a fast-growing Cyber Practice as part of our Blue Team, where you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. If you’re looking to make your mark on a rapidly growing SecOps team with some very exciting clients, this is the opportunity for you.
We’re searching for an experienced technical Cyber Security Operations Specialist to join our Blue Team. This is a senior role, and the ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response.
Key Responsibilities
* Detection Engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks)
* Collaborate with the extended security team to identify gaps in detection coverage, log ingestion, and alerting based on business risks and threats
* Review and improve existing SecOps standards and capabilities by highlighting requirements for additional logging, identifying incident or threat trends, and detection and business‑as‑usual optimisation opportunities
* Perform security monitoring, reviewing and triaging triggered alerts, and suggesting improvements (on a rota basis 9AM to 5:30PM)
* Respond to and investigate identified cyber security incidents
* Act as a point of escalation for junior analysts, supporting them through mentorship and shadowing
* Operate as a technical subject matter expert on client engagements and be prepared to interact with and present to senior stakeholders in a consulting capacity
* Participate in alert testing and incident response tabletop exercises as required
* Remain up to date with latest threat intelligence which may be of interest to clients
Additional Responsibilities (Client Dependent)
* Proactive threat hunting and tradecraft development
* Incident response and playbook development
* Change approvals (where applicable)
* Collection and interpretation of different sources of threat intelligence and researching emerging threats and TTPs
* Vulnerability scanning, management, and reporting
* Opportunity to operate in a management and leadership capacity if this aligns with your personal career goals
Note: This role requires approximately 1‑week per month on‑call availability for high priority incident response. Additional compensation is provided for this, and the frequency is client dependent.
Desirable Skills and Experience
* Working knowledge of key threat intelligence concepts such as the Pyramid of Pain, Intelligence Preparation for the Cyber Environment (IPCE), and the Threat Intelligence Lifecycle
* Detection Engineering and Alert Development
* Experience with Scripting and Programming (e.g. Python/Bash/C/C++/Java)
* Core cybersecurity concepts such as network security, cryptography, cloud security, forensics
* Understanding of network protocols and how they can be abused by attackers
* Up‑to‑date knowledge of the most prevalent APTs and their TTPs
* Knowledge of common analysis techniques associated with Windows and/or Linux
Don’t worry if you don’t tick every box – we’d still love to hear from you! If you’re excited about the role and think you could make a difference, please get in touch.
What’s in it For You
In addition to a competitive salary and bonus, you’ll receive an extensive benefits package including:
* Up to 25 days of vacation per year
* Private medical insurance
* Three days leave per year for charitable work of your choice
Flexibility and mobility are required to deliver this role to deliver first‑class services.
Seniority level
Mid‑Senior level
Employment type
Full‑time
Job function
Information Technology
Industries
Technology, Information and Media
#J-18808-Ljbffr