Splunk Jobs

Are you looking to take ownership of core security platforms in a regulated environment, influence how infrastructure security is managed day to day, and work autonomously on complex technical challenges while enjoying stability and the opportunity to deepen your security expertise?Salary: 50-60k Location: Epsom Working: Hybrid (3 days per week) Clearance: SC clearance eligible Contract Type: PermanentWhat you will need

Experience in infrastructure or security engineering roles

Firewall administration experience using enterprise platforms

SIEM and SOAR platform exposure with operational responsibility

Microsoft 365 security stack experience

Ability to work independently and make sound technical decisions

Key Responsibilities

Manage and maintain on premises security infrastructure

Own firewall, SIEM, SOAR and vulnerability management platforms

Investigate and resolve security and network issues under pressure

Strengthen security controls across Microsoft 365 services

Contribute to complex projects while maintaining operational security

Your experience

Firewall technologies such as Check Point or Palo Alto or equivalents

SIEM and SOAR tools such as Splunk SOAR or LogRhythm

Vulnerability management using platforms such as Tenable

Network troubleshooting experience in enterprise environments

Strong communication skills and a problem solving mindset

Key Words: IT security engineer, infrastructure security, firewall management, SIEM, SOAR, Microsoft 365 security, vulnerability management, network security, SC clearanceElectus Recruitment Solutions provides specialist engineering and technical recruitment solutions to a number of high technology industries. We thank you for your interest in this vacancy. If you don’t hear from us within 7 working days please presume your application has been unsuccessful on this occasion. You are of course free to resubmit your CV/details in the future and we shall assess your suitability at that time.Due to the nature of work undertaken at our client’s site, incumbents of these positions are required to meet special nationality rules and therefore these vacancies are only open to sole British Citizens. Applicants who meet this criteria will also be required to undergo security clearance vetting, if not already security cleared to a minimum SC level.This is a permanent position.

About the Role:Grade Level (for internal use): 11 Cyber Incident Response AnalystThe RoleAs a Cyber Incident Response Analyst, you will be part of the Cyber Defence team that develops and oversees the company’s security program, ensuring S&P Global is protected from existing and emerging threats. In close partnership with Security Operations and Threat Intelligence, you will detect, analyze, and decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based in the UK, you will support response and intelligence needs globally.Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). This role requires a detail-oriented, critical thinker who understands how adversaries exploit systems, networks, and people-and how to respond. Experience applying threat intelligence to investigations and to improve detections is highly desirable.Primary Responsibilities

Coordinate and triage response to cybersecurity events and conduct forensic analysis across endpoints, networks, cloud, and SaaS.

Integrate threat intelligence into investigations (e.g., enrich IOCs, map activity to MITRE ATT&CK, identify likely threat actors/TTPs, and assess potential impact).

Understand the threat landscape through collaboration with industry peers, FS-ISAC, trust groups, and commercial/open-source intelligence, translating insights into actionable recommendations.

Develop, maintain, and operationalize Incident Response playbooks and SOPs; include PIRs (Priority Intelligence Requirements), collection plans, and feedback loops to refine detections.

Work closely with the SOC to investigate incidents and deliver containment, remediation, and root cause analysis; produce high-quality intel-informed incident reports.

Create and tune detections (e.g., SIEM/SOAR, EDR) using intelligence signals (TTPs, behaviors, YARA/Sigma where applicable).

Produce and present consumable intelligence outputs (e.g., flash alerts, threat overviews, executive briefs) tailored to technical and non-technical stakeholders.

Contribute to vulnerability/threat surfacing (e.g., emerging CVEs, exploit trends) and advise on risk-based prioritization.

Deliver actionable incident and hunting metrics to management; assess detection coverage and recommend improvements.

Follow the end-to-end incident response lifecycle and support post-incident lessons learned with intelligence-driven enhancements.

Build an understanding of key S&P technology, systems, and business practices to contextualize threats and drive pragmatic defenses.

Participate in information-sharing activities (e.g., FS-ISAC submissions) in line with TLP and legal/compliance requirements.

Required Qualifications

Working knowledge of common cyber attacks, tools, and attacker tradecraft; ability to map activity to MITRE ATT&CK and articulate likely TTPs.

Demonstrated experience handling security events in critical environments and applying intelligence to accelerate triage and response.

Experience analyzing system, application, and cloud/SaaS logs to investigate security and operational issues; comfort enriching with IOCs and behaviours.

Hands-on experience with a SIEM (Splunk preferred) for investigations, alert creation, reporting, and threat hunting.

Ability to produce clear, actionable intel and incident reports, including executive-ready summaries and visuals.

Familiarity with threat intel workflows: collection planning, source evaluation, indicator lifecycle, PIRs, TLP, and feedback loops to detections.

Experience with one or more TIPs or intel data sources (e.g., MISP, OpenCTI, Recorded Future) and STIX/TAXII concepts.

3+ years of information security experience with a focus on incident response, threat hunting, or threat intelligence.

Excellent communication skills for varied business and technical audiences; strong presentation skills.

Comfortable working in a fast-paced environment; passion for cyber security.

Advanced knowledge of network protocols (TCP/IP, HTTP) and operating systems.

Preferred Qualifications

Experience in the financial services industry.

Familiarity with threat hunting techniques (hypothesis-driven, ATT&CK-aligned, behavior-based).

Windows and Linux administration tools and concepts.

Understanding of threat actors and the cybercrime ecosystem, including initial access vectors, monetization paths, and supply-chain/SaaS attack patterns.

Exposure to malware/TTP analysis at a functional level (family identification, persistence/discovery behaviors) and creation of detections (e.g., Sigma/YARA) is a plus.

Experience producing finished intelligence products (tactical through executive) and briefing senior stakeholders.

Relevant certifications (e.g., GCTI, GCFA/GCFR, GCIH, FOR578) or equivalent experience.

Familiarity with information-sharing standards and practices (FS-ISAC, TLP) and legal/compliance considerations.

Knowledge of cloud provider threat models and telemetry (AWS, Azure, GCP, M365/SaaS).

Second language and/or geopolitical awareness for actor context is a plus.

Compensation & BenefitsThis role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, visit https://www.spgbenefitessentials.com/newhires .About S&P GlobalAt S&P Global, we don’t give you intelligence-we give you essential intelligence. The essential intelligence you need to make decisions with conviction. We’re the world’s foremost provider of credit ratings, benchmarks and analytics in the global capital and commodity markets. Our divisions include S&P Global Ratings, S&P Global Market Intelligence, S&P Dow Jones Indices and S&P Global Platts. For more information, visit www.spglobal.com .S&P Global has a Securities Disclosure and Trading Policy (the Policy) that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policy’s requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy.S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.What’s In It For You?Our Mission:Advancing Essential Intelligence.Our People:We’re more than 35,000 strong worldwide-so we’re able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all.From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. Join us and help create the critical insights that truly make a difference.Our Values: Integrity, Discovery, PartnershipThroughout our history, the world’s leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals.Benefits:We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you-and your career-need to thrive at S&P Global.Our benefits include:

Health & Wellness: Health care coverage designed for the mind and body.

Flexible Downtime: Generous time off helps keep you energized for your time on.

Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.

Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.

Beyond the Basics: From retail discounts to referral incentive awards-small perks can make a big difference.

For more information on benefits by country visit: https://spgbenefits.com/benefit-summariesGlobal Hiring and Opportunity at S&P Global:At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets.Recruitment Fraud Alert:If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com . S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here .Equal Opportunity EmployerS&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.If you need an accommodation during the application process due to a disability, please send an email to:" EEO.Compliance@spglobal.com “and your request will be forwarded to the appropriate person.”US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf " describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.2 - Middle Professional Tier II (EEO Job Group)

Customer Support Engineer - DERMS

Stackstudio Digital Ltd.

+1

Role- Customer Support Engineer - DERMSLocation - Edinburgh/Paris/BucharestKey Responsibilities: Deliver L2/L3 support for DERMS applications, integrations, and services. Monitor system availability, performance, and data flows between DERMS, grid control systems (SCADA, ADMS, EMS), and distributed energy resources. Investigate and resolve incidents, service requests, and escalations in alignment with SLA requirements. Conduct root cause analysis (RCA) and drive permanent fixes for recurring or high-severity issues. Support patching, upgrades, deployments, and system configuration changes. Collaborate with engineering and product teams to implement improvements in scalability, reliability, and cybersecurity. Maintain knowledge base articles, SOPs, and runbooks for effective issue resolution. Provide technical support for DERMS functions such as DER aggregation, forecasting, optimization, scheduling, and dispatch. Participate in 24x7 on-call rotation to handle priority incidents and ensure continuous system availability. Ensure adherence to ITIL processes for incident, problem, and change managementRequired Qualifications: Bachelor’s degree in Electrical Engineering, Computer Science, or related field (or equivalent work experience). 3+ years of experience in application support, energy management systems, or grid operations platforms. Strong understanding of DERMS functions, distributed energy resources (solar, wind, batteries, EVs), and grid operations. Proficiency with Linux/Unix administration, databases (SQL/Oracle/PostgreSQL), and APIs/integration tools. Solid troubleshooting skills across application, middleware, and network layers. Experience with monitoring tools (Splunk, Grafana, AppDynamics, etc.). Familiarity with SCADA, ADMS, EMS, OMS, or other grid management systems. Excellent communication and problem-solving skills to collaborate with customers and cross-functional teams Preferred Skills: Prior experience supporting DERMS or other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell) for operational efficiency

Lead Content Detection Engineer

£50,000 to 65,000 GBP Bonus Hybrid WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: PermanentLead Content Detection Engineer - Leeds Up to £65,000 + Bonus | SC Clearance Required to Start | DV Sponsorship AvailableWe are seeking a highly experienced Lead Content Detection Engineer to join a national security-focused Security Operations Centre (SOC) in Leeds. This is a strategic, hands-on role combining technical expertise, leadership, and operational ownership, supporting critical national infrastructure (CNI).The Role: As the Detection Engineering Lead, you will define and deliver the strategic direction for content detection across the SOC. You will manage a small team of skilled detection engineers, fostering a culture of technical excellence, knowledge sharing, and continuous improvement. This role requires balancing operational accountability with forward-looking innovation, ensuring the delivery of world-class security detection capabilities.Key Responsibilities:

Lead and mentor a team of detection engineers, supporting professional development and workload management.

Own the detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements.

Develop, optimise, and maintain high-fidelity detections using Splunk, Microsoft Sentinel, KQL, SPL, and Python for automation and Detection as Code.

Work closely with cloud platforms (AWS and Azure) to enhance detection capabilities in hybrid environments.

Monitor networks and leverage threat intelligence to improve detection coverage, incorporating frameworks such as MITRE ATT&CK.

Drive service improvements and efficiency through automation, tooling, and operational innovation.

Engage with senior stakeholders, presenting detection effectiveness, KPIs, and continuous improvement initiatives.

Ensure operational ownership of the SOC’s detection function, balancing strategic planning with day-to-day responsibilities.

Essential Skills and Experience:

SC clearance required to start; DV sponsorship available.

Proven expertise with Splunk and Microsoft Sentinel SIEM platforms.

Strong programming skills in Python, with experience developing automation and Detection as Code pipelines.

Proficiency in KQL and SPL for creating efficient, high-fidelity detections.

Solid understanding of security detection methodologies, threat intelligence, and cloud security environments.

Strong communication and stakeholder management skills.

Experience in operational leadership, strategy definition, and team management.

Desirable Skills:

Experience with Detection as Code frameworks.

Knowledge of React or JavaScript for tooling development.

Security certifications such as SANS, GIAC, CISSP, CCSP, or vendor-specific certifications (Splunk, AWS, Microsoft).

Work Arrangements:

Initially 5 days per week onsite in Leeds.

Once DV clearance is obtained, hybrid working with up to 2 days from home is possible.

Salary & Benefits:

Competitive base salary up to £65,000 plus performance-based bonus.

Opportunity to work on high-impact national security projects.

Professional development and certification support.

Chance to lead and shape the future of content detection engineering.

This is an exciting opportunity for a proactive, strategic thinker with a passion for security detection and team leadership. You will be at the forefront of protecting critical infrastructure while building a high-performing, technically excellent team.Reference: AMC-AQU-LCEDBPostcode: LS1#adqu

Security Engineer - MOD DV - Inside IR35

Sanderson Government and Defence

Security Engineer (Splunk/Elastic) - MOD DV Cleared

Location: Hemel Hempstead

Type: 4-5 days on-site

IR Status: Inside

Rate: £500 - £750

Clearance: Must have active MOD DV

Contingency: Must be a sole British National

Length: Initial 6 months

Role OverviewAs a Security Engineer, you will be leading the design, documentation and installation of security monitoring tools/platforms to provide data to the Security Operational Centre (SOC) for analysis. Your role will be pivotal in ensuring that they have the correct tooling operating to ensure that they can provide protection and monitoring of their clients. You will collaborate with cross-functional teams to assess risks, design controls, and define testing requirements.Key Responsibilities/Technical Skills:

Splunk (Enterprise & ES):

Advanced SPL for correlation searches, data models (CIM), notable events, risk-based alerting (RBA), and accelerated data sets.Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation.Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment servers.

Elastic (Elastic Stack / Elastic Security):

Hands-on with index lifecycle management (ILM), ingest pipelines, ECS mapping, transforms, and enrichment.Experience designing and tuning detection rules (KQL, EQL), response actions, case workflows, and Elastic Security posture features.Skilled in Fleet/Agent deployment, data stream design, and performance tuning at scale.

Strong client management and relationship building experience

SIEM experience with Splunk/Elastic

Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective solutions

Proven hands-on experience operating Elastic Stack / Elastic Security and Splunk Enterprise / Enterprise Security in production environments.

Broader experience across Automation, IaaC and technical operations and reliability is desireable

If you’re intersted in learning more, apply or reach out toReasonable Adjustments:Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Core Network Engineer

Core Network Engineer | £500p/day (Inside IR35) | Cheshire | WAN, DWDM, Optical TransportOur client is looking for a Core Network Engineer with experience in high end network connectivity who understands core infrastructure that’ll support inter-regional and multi-site connectivity. You must be comfortable working directly with senior stakeholders and act as the technical partner to various levels of management.This role will require you to be on site for 2 days and as this is an urgent requirement a shorter notice period will be ideal.Key responsibilities:

You will be in charge of the planning and ongoing progress of the organisations core network and transport infrastructure, this will be in a high throughput routing environment

Support WAN routing, switching and the transport infrastructure to make sure performance and capacity meet the requirements set out by the client

Communication will be key in this role to keep on track of progress and mitigate risks so you can follow through with appropriate actions

Creating and maintaining technical documentation that covers failure impacts, remediation

Own core routing, support fibre infrastructure and transport technologies (eg Cisco DWDM, Cisco ASR Router, Cisco NCS)

Skills

Expertise in enterprise networking technologies is key, experience supporting core LAN, MAN and WAN environments is essential

Hands on knowledge of core routing, switching and transport technologies, inclusive of IP Networking, MPLS, segment routing, multicast, and VPNs.

Must be able to demonstrate knowledge of optical transport architectures this is across metro and long distance networks.

Exposure to Network automation tools and practises

Examples of network observability/troubleshooting tools include, but not an exhaustive list SevOne, Splunk, NetScout, Wireshark, NDC, HPNA, NNMI, OBM, IBM Watson, NSO, etc.

Must have experience engaging and collaborating with clients

Ideal candidate would be someone who takes ownership of responsibilities and ensures alignment across the teams

Desirables:

Experience with SDN; Cisco ACI, VMware NSX, Arista CloudVision

Previous experience in network design, deployment or operations would be great

If you’ve worked with automation tools such as Python, Ansible, Django etc. (specifically for ticketing systems and network devices) that’s a bonus!

Industry experience working within the financial sector

Candidates will be required to go through background checks before commencing contract.Must be eligible to live and work in the specified work location. Some occasional travel maybe required. Only successful candidates will be contacted.EQUAL OPPORTUNITIES Our client is committed to equal opportunities and actively seeks applications from all sectors of the community irrespective of sex, race, colour, nationality, ethnic or national origin, disability, marital status, sexual orientation, having responsibility for dependents, age, religion/beliefs, or any other reason which cannot be shown to be justified.If this sounds like a good fit, apply now as interviews will commence imminently!Core Network Engineer | £500p/day (Inside IR35) | Cheshire | WAN, DWDM, Optical TransportOscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy.To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

Senior SOC Analyst (SC Cleared)

Certes IT Service Solutions

Duration: 12 Months Location: Milton Keynes Rate: £600 per day IR35 Status: Inside Start: ASAPA Senior SOC Analyst (SC Cleared) is required for our Government client to be part of their security team providing a 24x7 service helping to protect the organisation from cyber threats. You will be part of a 24x7 team responsible for monitoring their systems, detecting potential security incidents and initiating the incident response process.Essential skills & experience required:As the Senior SOC Analyst you will possess current security clearance to SC Level together with experience of SPLUNK within a security operations centre (SOC) Possess excellent problem solving abilities, attention to detail and the capacity to work under pressure and comfortable working within a team environment. Have a good understanding of networking concepts (TCP/IP, DNS etc…) Windows and Linux O/Systems Common cyber attack techniques Any Cyber security certifications would be desirable.Responsibilities include:You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity.Analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritise incidents.For confirmed incidents, you’ll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst for deeper investigation.Create detailed tickets and reports for all detected incidents, documenting your findings and the steps you have taken as this is crucial for tracking incidents and for future analysis.Also to assist in the maintenance and optimisation of security tools, ensuring they are working correctly and effectively.**This role is based full time on the client site in Milton Keynes (However, if preferred you can choose to be based at their offices near Edinburgh)**To apply for this role please email your CV to:Certes IT Service Solutions welcome applications from all sections of the community and from people with diverse experience and backgroundsCertes Computing (and all of its subsidiary companies) is committed to promoting equality and diversity in its business operations.

Cloud Application Developer

Sanderson Government and Defence

+9

Role responsibilities:

Interacting with project roles as required, to gain an understanding of the business environment, technical context, and organisational strategic direction.

Advising our customer on the latest technologies and methodologies, designing and implementing innovative approaches to their problems using automation.

Understanding security policies and implementing solutions to satisfy security requirements.

Designing and implementing solutions which have high availability and are scalable.

Desirable Skills and Technologies:

Experience and knowledge of AWS / Azure and Azure Virtual Desktop.

Proficiency in the following languages: Python, React, Go.

Familiarity with deploying applications to cloud architecture and technologies in AWS environments.

Experience with web application services such as NGINX, Apache, JBoss.

Experience of Test Driven or Behaviour Driven development.

API development and integration (preferably using Go but not essential).

Experience with monitoring systems e.g., ELK, Nagios, New Relic, DataDog, Splunk etc.

Working knowledge of digital delivery processes and methodologies.

Working knowledge of Atlassian Toolset.

Knowledge of Javascript frontend frameworks.

Understanding of front-end technologies, such as HTML5, and CSS3.

Understanding the nature of asynchronous programming, its quirks and workarounds.

Understanding of database schemas and query languages.

Knowledge of source control technologies, e.g. Bitbucket, Git, Subversion, etc.

An understanding of how to deploy and configure AWS components to adhere to tight security requirements.

Awareness of security identity, access management and authentication using products such as ADFS, SSL/TLS Certs, OIDC, OAUTH2, Keycloak or Redhat SSO.

Reasonable Adjustments:Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

SentinelOne Architect/SME - Remote - 3-4 Months+

Octopus Computer Associates

SentinelOne Architect/SME - Remote - 3-4 months +(SentinelOne, Sentinel One)Blue chip client is looking for a SentinelOne Architect/SMERole is remoteMUST BE PAYE THROUGH UMBRELLA (INSIDE IR35)Role Description:MUST HAVE: experience with SentinelOne and not Azure/Microsoft SentinelSeeking a highly skilled SentinelOne Security Architect & Engineer to own the design and implementation of an on-premises SentinelOne deployment. This role requires deep technical expertise in endpoint protection, architecture design, and hands-on implementation. The ideal candidate will be responsible for producing High-Level Designs (HLDs), Low-Level Designs (LLDs), and executing the build and configuration of the solution in a secure enterprise environment.Required Skills & Experience: Proven experience architecting and deploying SentinelOne in enterprise environments. Strong understanding of endpoint protection, threat detection, and response capabilities. Experience with on-prem infrastructure on virtualized platform, networking, and storage. Ability to produce HLDs and LLDs with clarity and precision. Excellent communication and stakeholder engagement skills. Involved with integrating SentinelOne with SIEM/SOAR platforms (eg, Splunk) and deployment to Windows and RHEL endpoints.Preferred Qualifications: SentinelOne certifications (eg, SentinelOne Certified Architect or equivalent). Scripting knowledge (eg, PowerShell, Python) for automation and integration.Please send CV for full details and immediate interviews. We are a preferred supplier to the client

Security Engineer - MOD DV - Inside IR35

Sanderson Government & Defence

Security Engineer (Splunk/Elastic) - MOD DV Cleared

Location: Hemel Hempstead

Type: 4-5 days on-site

IR Status: Inside

Rate: £500 - £750

Clearance: Must have active MOD DV

Contingency: Must be a sole British National

Length: Initial 6 months

Role OverviewAs a Security Engineer, you will be leading the design, documentation and installation of security monitoring tools/platforms to provide data to the Security Operational Centre (SOC) for analysis. Your role will be pivotal in ensuring that they have the correct tooling operating to ensure that they can provide protection and monitoring of their clients. You will collaborate with cross-functional teams to assess risks, design controls, and define testing requirements.Key Responsibilities/Technical Skills:

Splunk (Enterprise & ES):

Advanced SPL for correlation searches, data models (CIM), notable events, risk-based alerting (RBA), and accelerated data sets.Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation.Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment Servers.

Elastic (Elastic Stack/Elastic Security):

Hands-on with index life cycle management (ILM), ingest pipelines, ECS mapping, transforms, and enrichment.Experience designing and tuning detection rules (KQL, EQL), response actions, case workflows, and Elastic Security posture features.Skilled in Fleet/Agent deployment, data stream design, and performance tuning at scale.

Strong client management and relationship building experience

SIEM experience with Splunk/Elastic

Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective solutions

Proven hands-on experience operating Elastic Stack/Elastic Security and Splunk Enterprise/Enterprise Security in production environments.

Broader experience across Automation, IaaC and technical operations and reliability is desirable

If you’re interested in learning more, apply or reach out to (see below)Reasonable Adjustments:Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Cryptography Infrastructure Engineer

We are looking for a Cryptography Infrastructure Engineer to join a financial services client based in Sheffield. There will be a requirement to be in the office once every two-weeks. The contract is also inside IR35.The RoleThe objective will be to support the Cryptography team who are responsible for protecting the identity, confidentiality and authenticity of trillions of dollars of transactions globally.We are looking for an SME in cyber security and cryptography who can help improve their HSM observability for their entire encryption estate. The existing HSM observability is ready to be taken to the next level, improving its resilience, increased monitoring capabilities and faster alerting.We specifically require someone with expertise in either Thales Luna, nShield or payShield HSMs.Key Responsibilities:

Be part of a team that implements a new monitoring and alerting solution based upon Splunk

Have specific knowledge about Entrust nShield HSMs, payShield HSMs or Luna HSMs, and pulling relevant data from the device (via SNMP)

Closely collaborate with team members - as SME for HSMs, but also other HSMs.

Work closely with stakeholders to understand requirement details.

Write a design and test specification for your responsibility in the observability project

Contribute to documentation of the project

Help define the roadmap for continual improvements in the management of cryptographic services

Flag potential issues timely, think outside the box and be creative in finding solutions.

Experienced required:

Good knowledge about HSMs, specifically Entrust nShield, payShield and/or Luna.

Understand how monitoring for HSMs work with expertise in the technologies such as SNMP

Stakeholder management skills, with experience of understanding and meeting the needs of multiple stakeholders

Knowing what it means to be part of a team, not only being a team player. Contribute to discussions, allow others to speak.

Innovative mindset, we are doing something completely new, inhouse. This requires to speak up when it comes to innovations/new ideas.

Understanding of cybersecurity principles, global financial services business models, as well as regional compliance standards, relevant local regulations, and applicable laws

Knowledge of cryptographic modules and solutions, eg TPMs,

Good understanding on IT Infrastructure technical platforms/technologies

Understanding of SSH/SSL functionality and usage

Experience interfacing with technology teams to bring lab concepts to market within an organization and building effective operational models to ensure capabilities are able to be fully utilized and grow to meet the needs of the team

Understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, GDPR, Global data security and privacy acts, FFIEC guidelines, CIS and NIST standards.

Windows and Linux Servers administration

Strong Documentation skills

More details available on successful application.

Information Security Engineer

PermanentLocation: Manchester (Hybrid minimum 2 days per week onsite)Salary: up to £50,000About the ClientOur client renowned for its commitment to innovation, scalability, and cutting-edge technology. Operating at the forefront of digital solutions, they leverage bespoke and third-party systems to drive efficiency and enhance business operations. This is an exciting opportunity to join a forward-thinking organisation that prioritises technological evolution and continuous improvement.How youll spend your dayIn this role, youll join a fast-paced Security Engineering team, working at scale across a highly regulated environment. Youll focus on integrating, automating, and enhancing security tooling while acting as a trusted consultant to internal technical and business teams. This is a hands-on position where youll use your coding skills, security expertise, and problem-solving ability to deliver secure, efficient and pragmatic solutions.Your day-to-day will include:

Building automation and tool integrations using Python, PowerShell and APIs

Supporting and enhancing security tools including Splunk, Elastic, vulnerability scanners and cloud-based platforms

Consulting with internal teams to understand business challenges and define effective security solutions

Analysing security requirements to ensure solutions are cost-efficient, scalable and compliant

Working across Linux environments (primarily Ubuntu) while collaborating with Windows teams where needed

Supporting vulnerability management, SIEM engineering and wider security initiatives

Reading documentation, troubleshooting independently and quickly becoming productive in complex systems

Working closely with a team of juniors, mid-level and senior engineers in a collaborative, high-expectation environment

What youll bring to this roleYoull be an experienced Security Engineer with strong programming capability, a solid grounding in security fundamentals, and the confidence to advise internal stakeholders. This is a mid-level role suited to someone who can hit the ground running, learn quickly, and operate calmly under pressure.

Strong Python skills and experience with Shell scripting

Hands-on experience working with APIs - querying, pushing and pulling data

A solid foundation in information security principles, network security and common security tooling

Understanding of regulated environments and security implications (PCI DSS required)

Experience working within Linux-based environments (Ubuntu essential)

Ability to troubleshoot independently, read documentation and identify efficient solutions

Strong consulting skills - calm, pragmatic communication, and ability to challenge when required

Exposure to SIEM (Splunk/Elastic), vulnerability tools, or cloud security platforms

A problem-solving mindset and willingness to learn new tools and languages quickly

Experience in fast-paced environments where accuracy, ownership and clear communication are key

Perks & Benefits:

Performance-Based Bonus: Annual bonus paid in two instalments (April & September), based on company and personal performance.

Pension Scheme: Employer-matched contributions of up to 7.5%.

Hybrid Working: Minimum 2 days per week in the office, with flexibility on which days.

Flexible Working Hours: 40-hour workweek with flexibility in how hours are structured.

Generous Annual Leave: 25 days holiday + your birthday off, plus bank holidays. Option to buy or sell up to 5 additional days.

Free Gym Membership: Available to all employees.

No Visa Sponsorship Available for this role.What happens next?One of our Recruitment Consultants will be in touch and inform you if youve been successful to the next stage of the process or not, which is a qualification call where we will tell you more about the role and the client, and understand more about you, your experience and career aspirations.Should we both wish to proceed, we will submit your details to the client and be in touch regarding the outcome and any further steps.The interview process for this client consists of:

Stage 1 60-90 minutes technical and competency interview via MS Teams

Stage 2 60-minute interview with hiring manager and head of department focussed on exploring soft skills.

Equal OpportunitiesWe are committed to providing equal opportunities for all candidates and welcome applications from individuals regardless of age, disability, gender identity, marital status, race, religion or belief, sexual orientation, or any other characteristic protected by law. As an employment agency for permanent and contract hires, we are dedicated to promoting a diverse and inclusive workforce, and we encourage applications from underrepresented groups to drive innovation and equality within the workplace.Should you require any reasonable adjustments please let us know so we can accommodate for any interactions with us at Biometric Talent, but also inform the client to ensure reasonable adjustments are made to allow for a fair and equitable process.

Site Reliability Engineer (SRE) - Defence

Site Reliability Engineer (SRE) - Defence / National Security - £75k - Farnborough - HybridA permanent opportunity for an experienced Site Reliability Engineer who enjoys building secure, automated, and highly reliable platforms. This role sits within a defence and national security environment, working on modern infrastructure where automation, resilience, and secure-by-design principles are fundamental.You’ll work closely with platform engineers, infrastructure teams, and operational stakeholders to take requirements from early design and proof-of-concept through to production. The role blends hands-on engineering with technical design, offering real influence over tooling, standards, and DevOps ways of working. It suits someone curious, detail-oriented, and comfortable working in complex, regulated environments.What you’ll be doing

Designing, delivering, upgrading, and maintaining core platforms, services, and automations

Building and improving monitoring, alerting, and observability platforms

Designing secure infrastructure using automation-first approaches

Creating and productionising proofs of concept for new tools and technologies

Diagnosing and resolving performance, reliability, and availability issues

Supporting architecture, documentation, and non-functional requirements

Mentoring engineers and helping improve DevOps and SRE practices

Essential experience

Strong experience with Linux (Ubuntu) and Windows Server environments

Hands-on scripting skills (Bash, Python, PowerShell or similar)

Proven experience with automation and DevOps tooling (Ansible, Terraform, CI/CD, Git)

Experience working with Azure or similar cloud platforms

Solid understanding of infrastructure reliability, monitoring, and incident response

Strong problem-solving skills and ability to work across multiple priorities

Willingness to work in secure, regulated environments (SC eligibility required)

Desirable experience

Infrastructure-as-Code lifecycle and best practices

Containerisation and orchestration (Docker, Kubernetes)

Configuration management and desired state tooling

Application and platform monitoring tools (Splunk, Nagios or similar)

Experience hardening systems and conducting security assessments

Understanding of Agile and DevOps principles in practice

A collaborative, inclusive culture with strong benefits including competitive pay, bonus, pension, private healthcare, generous leave, professional development, wellbeing perks, and modern on-site facilities.

Site Reliability Engineer (SRE) - Defence

Site Reliability Engineer (SRE) - Defence / National Security - £75k - Farnborough - HybridA permanent opportunity for an experienced Site Reliability Engineer who enjoys building secure, automated, and highly reliable platforms. This role sits within a defence and national security environment, working on modern infrastructure where automation, resilience, and secure-by-design principles are fundamental.You’ll work closely with platform engineers, infrastructure teams, and operational stakeholders to take requirements from early design and proof-of-concept through to production. The role blends hands-on engineering with technical design, offering real influence over tooling, standards, and DevOps ways of working. It suits someone curious, detail-oriented, and comfortable working in complex, regulated environments.What you’ll be doingDesigning, delivering, upgrading, and maintaining core platforms, services, and automationsBuilding and improving monitoring, alerting, and observability platformsDesigning secure infrastructure using automation-first approachesCreating and productionising proofs of concept for new tools and technologiesDiagnosing and resolving performance, reliability, and availability issuesSupporting architecture, documentation, and non-functional requirementsMentoring engineers and helping improve DevOps and SRE practicesEssential experienceStrong experience with Linux (Ubuntu) and Windows Server environmentsHands-on scripting skills (Bash, Python, PowerShell or similar)Proven experience with automation and DevOps tooling (Ansible, Terraform, CI/CD, Git)Experience working with Azure or similar cloud platformsSolid understanding of infrastructure reliability, monitoring, and incident responseStrong problem-solving skills and ability to work across multiple prioritiesWillingness to work in secure, regulated environments (SC eligibility required)Desirable experienceInfrastructure-as-Code lifecycle and best practicesContainerisation and orchestration (Docker, Kubernetes)Configuration management and desired state toolingApplication and platform monitoring tools (Splunk, Nagios or similar)Experience hardening systems and conducting security assessmentsUnderstanding of Agile and DevOps principles in practiceA collaborative, inclusive culture with strong benefits including competitive pay, bonus, pension, private healthcare, generous leave, professional development, wellbeing perks, and modern on-site facilities.TPBN1_UKTJ

Guidewire Senior Developer

Stackstudio Digital Ltd.

+8

Role DetailsRole / Job Title:Guidewire Senior DeveloperWork Location:Onsite (Norwich / Perth)The RoleAs a Senior Guidewire Developer / Consultant, you will be part of the strategic Policy and Claim Admin Platform consolidation program. In this role, you will plan and execute all deployment of system features and monitor successful integration, maintaining the system throughout its lifecycle.You should have expertise in Guidewire Policy/Claims Centre V10 and Cloud migration and implementation for new product LOBs (configure and customise ClaimCenter / PolicyCenter applications as required), along with knowledge of the insurance domain.Your Responsibilities

Understand the complex nature of business problems and requirements

Design highly scalable software solutions to improve functionality and system longevity

Develop modules of the enterprise system plan and code advanced portions of the modules

Plan and execute deployment of system features and monitor successful integration throughout the system lifecycle

Consolidate requirements and identify future-proof solutions

Perform performance tuning activities

Suggest and implement best practices of Agile methodology and design/development principles

Your ProfileEssential Skills / Knowledge / Experience

Expertise in Guidewire Policy / Claims Centre and Cloud migration programs (configure and customise ClaimCenter / PolicyCenter applications as required)

Knowledge of insurance domain and claims processes

Experience integrating Guidewire with downstream systems including finance systems (general ledger), payment systems, and document management systems

Experience integrating Guidewire with third-party / broker policy management systems

Experience integrating third-party feeds to cloud data platforms

Experience migrating data from legacy systems to Guidewire

Ability to produce efficient high-level and low-level design documents

5+ years’ experience working directly with customers or key internal stakeholders

Expertise in reconciling data from Guidewire to Data Warehouse

Experience with GOSU programming, XML, PCF, REST, and SOAP

Guidewire Ace certification (preferred)

Experience with source code management systems such as GitHub

Flexibility to work under changing and dynamic work environments

Knowledge of General Insurance domain and claims processes

Contribution to the development of internal tools used during triage and reconciliation

Familiarity with the software development lifecycle; Agile preferred

Desirable Skills / Knowledge / Experience

Guidewire Policy / Claim Center experience

Programming Languages: Java, Python, PL/SQL

Development Frameworks: Spring Boot, React, Angular

Databases: Oracle / Microsoft SQL

DevOps: Jenkins, Docker, Kubernetes

Agile Methodologies: Kanban, Scrum

Monitoring Tools: AppDynamics / Splunk

Site Reliability Engineer

+11

DV Cleared Site Reliability Engineer London - 5 Days Onsite Up to £550 per day (Umbrella, Inside IR35) 12-Month Contract Must hold live and transferrable DV Clearance Are you passionate about reliability, automation, and supporting mission-critical systems? Join this global defence organisation as a Site Reliability Engineer (SRE) and help shape the future of one of the UK’s most vital national security platforms. You’ll be joining a growing SRE team at the heart of the customer’s mission, focused on ensuring performance, availability, and scalability-while driving continuous improvement and innovation. About the Role As an SRE, you’ll combine your operational expertise with software engineering skills to minimise manual effort and drive automation across complex systems. This role is perfect for someone who thrives on solving hard problems, automating the mundane, and building intelligent tools to enhance system reliability. Key Responsibilities Support and maintain essential services behind critical applications. Participate in a 24/7 on-call rota (1 week in 5), with extra allowance and overtime. Proactively enhance system availability, performance, and resilience. Develop tools and solutions to automate repetitive tasks and reduce operational toil. Collaborate with development teams to embed best practices and SRE principles. Deploy and manage monitoring systems to provide intelligent observability. Engage with the wider DevOps/SRE community within the organisation. Ideal Skills & Experience We’re more interested in your curiosity, enthusiasm, and problem-solving ability than ticking every box. However, experience in any of the following areas would be advantageous: Software development in web technologies or OOP (e.g., Python, Java, etc.) Database tech: Oracle SQL, PostgreSQL, MongoDB Proficient with Linux/Windows command line (Bash, PowerShell) Monitoring: Grafana, Prometheus, ELK, Splunk Agile working and tooling (e.g., Jira, Confluence) Diagnosing and resolving complex system issues ITIL knowledge or exposure to IT service operations Containerisation: Docker, Kubernetes, OpenShift Awareness of modern tech trends and tooling Security Requirements DV clearance holder only Why Apply? Join a forward-thinking SRE team in an environment where your work directly supports UK national security. Help shape tooling, practices, and culture from the ground up. Work alongside brilliant minds on meaningful problems. Receive ongoing training and professional development. If you’re excited about automation, resilient systems, and the opportunity to work on a high-impact project-this is your chance to make a difference

Java Software Engineer

Java Software Engineer is sought on a contract basis by a market FinTech with hubs across the UK. This Java Software Engineer will be tasked with building complex, highly scalable greenfield solutions with international scope. As such experience working on enterprise grade microservices architected applications is a key must have. This Java Software Engineer should have most of the following key skills:

At least 5 years commercial java experience ideally gained building enterprise grade applications

Strong framework experience (spring, hibernate, spring boot etc)

Strong RDBMS experience - NoSQL, MongoDB etc

Troubleshooting exposure - Splunk, ELK etc

Git version control

Automation experience - CI/CD, Docker, Kubernetes would be a real plus

Solid AWS cloud exposure

TDD experience

Microservices/ serverless architecture understanding This contract role is offered on a rolling 3 month basis and is paying between £550 & £600 per day outside of IR35. Due to the national nature of this role the ability to travel and be on-site one day a week would be hugely beneficial. The ability to start within 2 weeks would also be preferred. Java Software Engineer £550 - £600 per day UK wide Java, Microservices, AWS, RDBMS, Splunk, CI/CD, Docker, Kubernetes, Git, TDD

Senior DevSecOps Engineer

Focus on Infrastructure Engineering Location: Gloucester Salary: Competitive plus bonus and benefits Clearance: DV requiredA leading organisation in the defence and security sector is hiring a Senior DevSecOps Engineer. The role has a strong focus on infrastructure engineering. You will work on secure and complex systems that support critical national and global programmes. This role suits someone who enjoys building and supporting reliable infrastructure. You will work in a multi skilled team and follow DevSecOps principles. The environment supports flexible working and a healthy work life balance.The role You will design, build and support secure IT infrastructure. You will use automation and Infrastructure as Code to deliver scalable systems. You will support systems from design through to decommissioning. You will also work across on prem, private cloud and public cloud environments.Key responsibilities

Design, deploy and manage IT infrastructure to customer requirements

Build Infrastructure as Code and integrate it with CI/CD pipelines

Manage systems through the full lifecycle

Support complex solutions within large system environments

Work with public, private and hybrid cloud platforms

Improve reliability, performance and security through automation

Required experience

Strong DevSecOps experience in agile teams

Windows and Linux system administration

Virtualisation using VMware and related technologies

Automation using Terraform, Ansible and Packer

CI/CD pipelines using Jenkins

Git based version control and branching strategies

Containers using Docker and Kubernetes

Scripting with PowerShell and Bash

Python development

Networking fundamentals including IPv4

Monitoring and logging using tools such as Zabbix and Splunk

Knowledge of cloud concepts and AWS

Desirable experience

Cloud focused CI/CD pipelines

Infrastructure as Code for cloud services

Hands on AWS services such as EC2, EKS, Fargate, IAM, S3 and Lambda

Automation using AWS SDK and Boto3

Hybrid cloud integration

Debugging using CloudTrail

Certifications that are useful

Linux or Red Hat certifications

Microsoft Windows Server certifications

Ansible or Terraform certifications

AWS certifications

CCNA

Security or testing certifications

If you have a strong background in DevSecOps and infrastructure engineering, this role offers long term technical challenge and progression.

Lead Technical Consultant - Service Operations - Dynatrace, AppDynamic

Job Title: Lead Technical Consultant Service Operations - Dynatrace, AppDynamics, Datadog Location: Hybrid (UK, with travel as required) Type: Full-timeDo you want to be part of something special? Morela is representing a high-growth start-up redefining IT Operations, led by a serial entrepreneur with a proven track record of building successful businesses. This is your chance to join a team breaking the mold in enterprise service delivery and shaping the future of IT Operations from the ground up.We re looking for a Lead Technical Consultant who thrives in complex enterprise environments and loves working with cutting-edge technology. You will design, implement, and optimise IT Operations solutions across observability, AIOps, and ITSM platforms, help clients adopt best practices in Event Management and OpenTelemetry, and act as a trusted technical advisor bridging technology and business strategy. You ll also help develop frameworks, accelerators, and methodologies that define how the company delivers its services.Skills & Experience:

5+ years in IT Operations, consulting, or related technical roles

Hands-on experience with observability platforms: Dynatrace, AppDynamics, Datadog

Experience with AIOps/ITSM tools: BigPanda, Splunk ITSM, ServiceNow, or equivalent

Expertise in Event Management and OpenTelemetry

Strong knowledge of ITSM/ITIL frameworks and Enterprise Architecture principles

Proven experience delivering solutions to large enterprise clients

Ability to bridge technical delivery with business strategy, advising senior stakeholders

Excellent problem-solving, communication, and stakeholder management skills

Experience implementing and optimising IT Operations solutions across multiple technologies

Compensation & Benefits:

Base salary: £75,000 £100,000 (depending on experience)

Annual performance bonus

25 days annual leave plus bank holidays

Hybrid working with flexibility around client engagements

Opportunity to work on innovative, high-impact projects in a fast-growing start-up

If you re ready to push boundaries in IT Operations and make a tangible impact, this is the role for you.

Description Our Tier 1 banking client are seeking a experienced Data engineer for a long term contracting position. • Objective: Automate ingestion, correlation, and reporting of in-house datasets; eliminate manual Excel/macros processes. Skills Python Data Hadoop Splunk Pyspark AutomationPlease note this will require someone onsite 3x days a week in Sheffield. Job Title: Data Engineer Location: Sheffield, UK Rate/Salary: 450.00 - 500.00 GBP Daily Job Type: Contract Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. (phone number removed). Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as “Allegis Group”). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at (url removed)> To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to (url removed)> We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the “Contacting Us” section of our Online Privacy Notice at (url removed)/en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield

Cyber Security Capability Manager

BoltonDue to the positive growth at MBDA a position has been created to manage the Cyber Security Engineering team and lead in its capability delivery. As our Cyber Security Capability Manager reporting into the UK Head of Cyber Security, you’ll play a vital leadership role at the heart of our cyber security mission, leading a team of skilled engineers and specialists who protect MBDA’s critical cyber security systems and capabilities. This is an opportunity to shape our cyber resilience strategy, influence the adoption of emerging technologies like AI and ML in security, and ensure that MBDA remains a trusted leader in secure defence solutions.Salary: Up to £70,000 depending on experienceDynamic (hybrid) working: 2-3 days per week on-site due to workload classificationSecurity Clearance: British Citizen or a Dual UK national with British citizenshipRestrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.What we can offer you:

Company Bonus: Bonus of up to 21% of base salary

Pension: maximum total (employer and employee) contribution of up to 14%

Flexible working: We welcome applicants who are looking for flexible working arrangements

Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments

Facilities: Fantastic site facilities including subsidised meals, free car parking and much more…

The opportunity:

Lead and develop the Cyber Security Engineering team, ensuring effective resource coordination, security clearance management, and technical delivery.

Manage the delivery, maintenance, and availability of MBDA UK’s cyber security tools and ensure robust business continuity and disaster recovery processes.

Oversee SOC account and access administration, enforcing identity and “need-to-know” principles across tools, files, and networks.

Maintain and evolve the Group Cyber Security Skills Matrix to identify gaps, inform training needs, and manage related budgets.

Liaise with internal and external stakeholders-including vetting and supplier partners-to ensure timely access to skilled resources.

Coordinate cyber engineering supplier relationships, contributing to technology roadmaps, lifecycle planning, and capability development.

Support operational security tasks such as patch management, certificate lifecycle management, and tool configuration (including AI and ML feature integration).

Maintain physical and digital access controls for SOC areas, ensuring compliance and security best practice.

Collaborate with the wider Information Management (IM) organisation to enhance security reporting and alerting services.

Ensure accurate operational record keeping and documentation across all cyber security areas.

What we’re looking for from you:Essential:

Significant experience in a Cyber Security leadership or management role (e.g. SOC Manager, Cyber Engineering Manager, Capability Lead, Network Security Manager).

Demonstrable experience with SOC tools and security technologies across large or complex environments (e.g Splunk, Elastic, Sentinel).

Experience managing business continuity and disaster recovery for cyber systems.

Strong understanding of security operations lifecycle, from incident response through to capability planning.

Experience in supplier management, product lifecycle, budgeting, and resource coordination.

Working knowledge of security vetting processes and handling of secure information.

Working knowledge of identity and access management (IAM) and principles of least privilege and need-to-know.

Desirable:

Experience in defence, government, or other high-assurance environments.

Experience developing and maintaining Standard Operating Procedures (SOPs) and security documentation.

Exposure to AI/ML-based security capabilities or next-gen automation.

Experience with security architecture, including tool integration and high availability environments.

Understanding of PKI, certificate management, patching, and secure system configuration.

Relevant certifications such as:

CISSP, CISM, or CRISC

CompTIA Security+ / CySA+

GIAC (GCIH, GMON, GCED)

ITIL or PRINCE2 (for service and project management alignment)

Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a givenMBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more…We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.Follow us on LinkedIn (MBDA), X (@MBDA_UK), Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. #LI-RM1

Splunk Jobs

Overview

Frequently asked questions