Salary: £38,000 - 71,000 per year Requirements: We require experience operating within a Security Operations or SecOps function. We require hands-on experience with SIEM tools such as ELK, EDR, and vulnerability management tooling. We require experience securing Linux and Windows environments. We require an understanding of ISO 27001 and secure configuration principles. We require experience supporting cloud or virtualised platforms such as VMware. We require the ability to investigate and respond to security incidents. We require a strong understanding of operational security within governed environments. We require eligibility for DV clearance or the ability to obtain it. We prefer experience in MOD or classified environments. We prefer automation experience with Ansible, Terraform, or scripting. We prefer experience with Nessus, Tenable, or similar tools. We prefer familiarity with JSP 440, JSP 441, JSP 453, and NCSC guidance. We prefer knowledge of VMware NSX-T and vSphere. We prefer security certifications such as CISSP, Security, or GIAC. We prefer a background in networking and infrastructure security. Responsibilities: We monitor and respond to security events, alerts, and incidents across cloud, platform, and application layers. We investigate alerts, perform incident triage, and escalate issues as needed. We conduct structured incident response activities. We execute vulnerability scans and interpret the results. We prioritise remediation based on risk and impact. We track and verify remediation activities. We maintain secure configurations across VMware, Linux, Windows, and network security controls. We support least privilege and zero-trust principles. We operate and maintain SIEM, EDR, vulnerability scanning, and cloud-native security tools. We improve detection rules and alert quality. We contribute to automation of security processes. We support ISO 27001 control operation and evidence collection. We maintain audit trails and configuration baselines. We support compliance and accreditation activities aligned to JSP 440, JSP 441, and JSP 453. We assess changes for security impact and ensure deployments meet security requirements. We support secure-by-design implementation during change and release activities. We maintain SOPs, runbooks, and incident documentation. We contribute to continuous improvement of SecOps processes and tooling. Technologies: Ansible Cloud ELK Support JSP Linux Network Security Terraform VMware Windows Bash Firewall PowerShell Python More: We are seeking a hands-on Security Operations (SecOps) Engineer to help secure and operate a MoD-hosted private cloud environment and its associated services from our Portsmouth location. In this role, we deliver active defence for live services by combining security monitoring, vulnerability management, platform hardening, and operational security assurance. We work across infrastructure, platform, and data layers to keep systems secure, compliant, and resilient within a highly governed environment. This role requires DV clearance or the ability to obtain it. last updated 23 week of 2026