Principal Security Analyst - SecOps (Chronicle)
Remote
United Kingdom
Full Time
03-03-2025
Job Specifications
Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.
About the Role:
The Managed Services Principal Security Analyst Is a Customer-Facing Role Focused on Delivering Security Solutions and Exceptional Client Experiences. As A Trusted Advisor, The Principal Security Analyst Is Responsible for Strategic Advisory, Advanced Analysis, And Custom Security Content for Cyderes’ Managed Service Customers. This Role Requires Consistent Representation of The Cyderes Brand Through Effective Collaboration and Positive Engagement with Internal Teams and Clients.
Responsibilities:
Own security outcomes for assigned customers, ensuring high-quality SOC deliverables and alignment with client expectations
Lead customer-facing calls to discuss incident investigations, provide strategic guidance, and offer recommendations for improving security posture
Perform advanced threat hunting and proactive investigations to detect, isolate, and mitigate malicious activities in customer environments
Act as a technical lead within the SOC, providing mentorship, guidance, and leadership to other Security Analysts
Oversee real-time monitoring and detection activities using SIEM, EDR, and other security tools, ensuring timely identification and escalation of threats
Collaborate with internal teams, such as Detection Engineering, to refine detection rules and enhance automation workflows to close gaps in customer security posture
Maintain and update security operations processes and incident response playbooks to ensure they remain current and effective
Provide training to Security Analysts on tools, processes, and emerging threats to enhance team capabilities
Lead post-incident reviews, identifying lessons learned, and sharing findings to improve operational effectiveness
Tailor detection and response strategies to meet the unique needs of individual customer environments
Stay informed of the evolving threat landscape to provide actionable insights and ensure a proactive approach to security operations
Requirements:
Experience: Minimum 5+ years of professional experience in cybersecurity, with a strong background in security operations
System Administration Knowledge/Experience: Expertise securing and investigating security incidents on Windows, Unix/Linux, and MacOS environments
Networking Proficiency: Advanced understanding of networking concepts, including the ability to analyze network artifacts and logs effectively
Endpoint Detection and Response (EDR): Hands-on experience with EDR tools such as SentinelOne,
CrowdStrike, Microsoft Defender, or equivalent platforms
Security Information and Event Management (SIEM): Advanced knowledge and experience with at least one SIEM platform, such as Microsoft Sentinel, Splunk, Google Chronicle, or IBM QRadar
Technical Skills: Proficient in threat hunting, malware analysis, and leveraging security tools to investigate and mitigate threats
Communication: Strong written and verbal communication skills, with the ability to create and present reports, dashboards, and strategic recommendations
Certifications (Preferred): Industry-recognized certifications such as CISSP, GCIH, GCFA, OSCP, or equivalent
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
About the Company
Cyderes is a global cybersecurity powerhouse offering comprehensive solutions around managed security, identity and access management, and professional services. Cyderes provides the people, process, and technology modern enterprises rely on to manage risk, maintain compliance, and respond to security threats with greater speed, scale, and cost-efficiency than traditional in-house solutions. Born from the merger of two award-winning cybersecurity firms, Herjavec Group and Fishtech Group, Cyderes has six security operations c... Know more
Related Jobs
- Company Name
- Westfield Specialty (International)
- Job Title
- Information Security Lead Architect
- Job Description
- Job Responsibilities JOB DESCRIPTION Lead the development and implementation of the information security and data protection architecture strategy and roadmap, ensuring alignment with business objectives, regulatory requirements, and industry best practices Provide technical leadership and guidance to the information security team, overseeing the design, implementation, and integration of security solutions across the organization Collaborate with business units, IT teams, executive leadership and vendors to communicate security risks and strategies, assess security requirements, evaluate solution options, and architect secure systems and applications that meet business needs while maintaining a strong security posture Lead the evaluation, recommendation and implementation of new security technologies and tools Define and enforce information security standards and frameworks, ensuring consistent security practices across all technology domains and projects Collaborate with enterprise architects, business and IT stakeholders to integrate security controls and requirements into overall IT architecture frameworks, ensuring the security-by-design principle is followed throughout the development and implementation lifecycle Develop comprehensive security architecture processes and artifact templates, and actively influence their adoption and use across the organization to ensure consistency, efficiency, and alignment with security standards Conduct security architecture reviews and risk assessments, identifying potential vulnerabilities, weaknesses, and gaps in existing systems and proposing effective solutions to mitigate risks Serves as a mentor and role model to security architects and other security team members Foster a collaborative and inclusive environment that encourages continuous learning and skill development Guide team members in best practices, emerging technologies, and evolving threats Represents the organization externally, participating in security forums and conferences to stay updated on the latest trends, share knowledge, and contribute to industry thought leadership Responsibilities Behavioral Competencies: Global Perspective Action Oriented Drives Results Collaborates Communicates Effectively Customer Focus Decision Quality Nimble Learning Develops Talent Directs Work Ensures Accountability Manages Complexity Technical Skills Network Security Incident Response Security Monitoring Vulnerability Management Threat Intelligence Identity and Access Management Data Protection AI Security Encryption Techniques Security Assessments Security Engineering API Security Architecture Modelling Cloud Security Enterprise Security Architecture IT Operations and Infrastructure Services Secure Software Development Agile Methodologies Network Architecture Project Management Work Requirements*: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Ability to work effectively in an office, hybrid, or remote work environment for 40+ hours per week (including sitting, standing, and working on a computer for extended periods of time). Ability to communicate effectively in a collaborative work environment utilizing various technologies such as: telephone, computer, web, voice, teleconferencing, e-mail, etc. Ability to publicly speak. Ability to travel as required The information under these attributes is to be provided by Westfield Qualifications Licenses and Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Information Systems Security Architecture Professional (ISSAP) or other relevant certifications 10+ years of experience in Information Security or a related field. Bachelor's degree in computer science, Information Technology, or a related field and/or commensurate experience. Master's degree in related field is preferred. #wspi Equal Opportunity Employer Westfield celebrates diversity and is committed to inclusion. All qualified applicants receive consideration for employment without regard to race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, or status as a protected veteran.
- Company Name
- Darkshield
- Job Title
- Cybersecurity Engineer
- Job Description
- About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and more. Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The Role We are looking for a skilled and motivated Cybersecurity Engineer to join our team. You will play a key role in designing, implementing, and maintaining security solutions that protect our clients from evolving threats. This role requires a strong technical background in cybersecurity, problem-solving skills, and the ability to work collaboratively with clients and internal teams. Key Responsibilities Design, implement, and maintain security solutions to protect networks, applications, and data. Conduct security assessments, penetration testing, and vulnerability management. Monitor and respond to security incidents, ensuring swift mitigation and resolution. Develop and enforce security policies, procedures, and best practices. Perform security audits and risk assessments to identify potential vulnerabilities. Work closely with clients to provide expert advice and tailored security solutions. Keep up to date with emerging cyber threats, attack techniques, and security technologies. Automate security processes and develop scripts/tools to enhance security operations. Assist with compliance efforts, ensuring alignment with industry standards and regulations. Requirements Proven experience in cybersecurity engineering or a related field. Strong understanding of network security, cryptography, and security frameworks. Experience with penetration testing, vulnerability management, and incident response. Familiarity with security tools such as SIEMs, IDS/IPS, firewalls, and endpoint security solutions. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for security automation. Knowledge of cloud security (AWS, Azure, or Google Cloud) is a plus. Strong problem-solving and analytical skills. Certifications such as CISSP, OSCP, CEH, or equivalent are desirable but not mandatory. Excellent communication skills and the ability to work both independently and in a team environment. Why Join Darkshield? Work with a passionate team dedicated to cybersecurity excellence. Opportunity to work on a variety of challenging projects across different industries. Support for professional development, including training and certification assistance. Flexible working arrangements, including remote options. A culture that values innovation, collaboration, and continuous learning. If you're a cybersecurity professional looking for an exciting and impactful role, we’d love to hear from you. Apply today and join Darkshield in our mission to secure the digital world.
- Company Name
- Ørsted
- Job Title
- Information Security SCADA Specialist - Critical Infrastructure
- Job Description
- Join us in this role where you’ll be leading UKW hub national critical infrastructure with cyber secure generation. You will be leading in all areas of Information Security Management system across the region, initiating improvements of the system, and reporting from the system. This also includes ensuring that the implemented ISMS controls fulfil organisational and country-specific legal requirements where ISMS is implemented. Welcome to UK West Engineering You’ll be part of UKW Engineering team where you, together with your colleagues, will ensure secure, reliable generation from our European assets. You will ensure the best possible handling and improvement of cybersecurity and ensure compliance towards applicable country-specific legal requirements where ISMS is implemented. You’ll secure the lowest possible operating costs and consistently deliver high-quality results at the right time. You’ll play an important role in: maintaining and improving the cybersecurity risk register, including conducting risk identification, developing improvement roadmap and conducting follow-up workshops with relevant parties owning regional technical cyber security risks in close collaboration with Quality & Risk team. Developing, securing budget and implementing risk treatment plans defining effective business continuity plans for SCADA IT/OT systems, maintaining them and implementing them in emergency scenarios, leading event recovery sessions in relation to area of expertise facilitating and supporting regional hub initiatives on continuous improvement of ISMS, including instructions, controls, reports, training, or other work related to ISMS ensuring development and roll-out of training to all involved functions as well as supporting relevant teams in the implementation of ISMS requirements establishing, conducting, and following up on regional audits (internal & external) and management reviews in accordance with requirements in ISMS. To succeed in the role, you: [HFJ1] hold a degree in Information Security, Cybersecurity, Computer Science, or a related field are proficient in cyber security in IT/OT environments, preferably with in-depth knowledge on ISO27001/27019 and IEC62443. National requirements such as NIS-CAF would be advantageous possess relevant cybersecurity certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) bring prior experience working independently in the energy sector, particularly in a regulated environment such as utilities, renewable energy, or oil and gas are proficient in risk assessment methodologies, security controls, and incident response management demonstrate ability to work effectively with external vendors and internal stakeholders to achieve security objectives. Maybe you’ve read the above and can see you have some transferable skills, even though they don’t quite match all the points. If you think you can bring something to the team, we still encourage you to apply. Shape the future with us Send your application to us as soon as possible. We’ll be conducting interviews on a continuous basis and reserve the right to take down the advert when we’ve found the right candidate. As an applicant or employee, you may request reasonable work and position accommodation or adjustments via accommodation@orsted.com. Please note that for your application to be taken into consideration, you must submit your application via our online career pages and answer the screening questions relevant for your country. We don't take applications or inquiries from external recruiters or agencies into account for this position.
- Company Name
- Lloyds Banking Group
- Job Title
- Cloud Security Engineer (VM Compliance)
- Job Description
- JOB TITLE: Cloud Security Engineer (VM Compliance) SALARY: From £70,929 depending on location LOCATION(S): UK (Edinburgh, Manchester, Leeds, Bristol, London) HOURS: Full-time (35 Hours Per Week) WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week currently, or 40% of our time, at one our strategic hubs About this opportunity You'll sit within Chief Security Office (CSO), part of a team of Security-focused engineers. We are driving a roadmap that will modernise our approach to securing cloud hosted workloads in the Group (Continuous Compliance, Contextual Reporting, Cloud Native). Our primary services are the curation of guardrails (policy as code) to secure Operating Systems (OS) for Virtual Machine (VM)-based workloads hosted on Private and Public Cloud Platforms. Our goal is to enable the bank's adoption of Private & Public Cloud to go safely, faster. The CSO is a vital part of delivering the Group's vision of putting customers at the heart of everything we do, helping Britain prosper and protecting the Group and customers from security threats. We're responsible for influencing then implementing Lloyds Banking Group's security strategy and providing a variety of critical Enterprise Security Services which not only operate key controls that keep the Group safe but also enable the digital transformation agenda of the wider organisation. Experienced Security focused DevOps engineers are needed to develop guardrails (policy as code) to detect, report and where possible enforce (auto-remediate) safe and secure configurations at the Operating System (OS) level to align with our principles and standards, as well as Industry best practices (CIS Benchmarks). The role will involve curating Operating Systems for secure LBG consumption with guardrails and supporting these throughout the full lifecycle (definition, development, release, maintenance); building and maturing the OS Continuous Compliance framework; maturing of operational and curation processes through simplification and automation. It is crucial that the applicant has outstanding written, drawing, and verbal communication skills, as one would expect from an architect or consultant. These skills are vital to effectively communicate information that will later be completed by our proficient engineering teams. This is a hands-on engineering role, and will require deep knowledge in Operating Systems, DevOps tooling and experience working in Infrastructure as Code (IaC) environments. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions in our people, data, and tech to transform the way we meet the ever-changing needs of our 26 million customers. We're growing with purpose. Join us on our journey. What you'll need We need a Solution Engineer who understands the challenges of modern architecture. You'll build a compelling strategic vision and will understand a wide array of technology implications including people and process, bringing this to your comprehensive view of design. You'll ideally have previous career experience in software or infrastructure engineering and will be well placed to define and sell your vision for Engineers, Architects, and Product Owners alike. You must be a keen and comfortable communicator who is happy working with a wide range of technical and non-technical colleagues. You would be able to produce high quality documentation tailored to the audience which would include senior colleagues. As a role that can require demanding delivery timeframes, you'll be self-organised and proactively prioritise your time. You'll: Identify OS level configurations that require security oversight and control Define a backlog of OS guardrails to detect bad configurations, enforce good configurations Develop, test, release and support guardrails through their full lifecycle Provision and configure testing environments and supporting resources Apply automation first mind-set to all activities completed Coach and upskill peers and junior team members Create, maintain and enhance terraform modules Analyse compliance health and security posture of workloads and platforms Input into development of compliance reports and enable value release to end customers Lead triage and resolution of engineering impediments Work closely with the PO to build roadmap items and shape the backlog Lead on recommendations to harden and improve security posture Research and upskill in to trending compliance capabilities, identify ways to incorporate into the team's roadmap In addition, we're in search of someone who holds the following experiences: Strong experience in Operating Systems (RHEL / WIN Server), IaC Experience in Cloud Compliance - guardrails and policies Experience in VM Management tooling (Azure ARC) Understanding of API-based architectures About working for us Our focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity, or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it's why we especially welcome applications from under-represented groups. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know. We also offer a wide-ranging benefits package, which includes: A generous pension contribution of up to 15% An annual performance-related bonus Share schemes including free shares. Benefits you can adapt to your lifestyle, such as discounted shopping. Generous holiday allowance, with bank holidays on top A range of wellbeing initiatives and generous parental leave policies Want to do amazing work, that's interesting and makes a difference to millions of people? Join our journey.