3 Threat Detection jobs in London
Cybersecurity Analyst - Threat Detection
Posted 5 days ago
Job Description
This position requires a sharp analytical mind, a deep understanding of cybersecurity principles, and hands-on experience with security tools and technologies. You will play a vital role in safeguarding our organization's information and systems.
Key Responsibilities:
- Monitor security alerts and events from various sources (SIEM, IDS/IPS, firewalls, endpoints).
- Investigate potential security incidents, perform forensic analysis, and determine root causes.
- Develop and refine threat detection rules and signatures.
- Respond to security incidents in a timely and effective manner, following established procedures.
- Conduct vulnerability assessments and penetration testing.
- Stay current with the latest threat intelligence, attack vectors, and cybersecurity trends.
- Recommend and implement security enhancements to protect against emerging threats.
- Collaborate with IT and development teams to ensure security best practices are integrated into systems and applications.
- Create incident reports and documentation for technical and non-technical audiences.
- Participate in security awareness training initiatives.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Minimum of 3 years of experience in cybersecurity operations, incident response, or threat analysis.
- Proficiency with SIEM tools (e.g., Splunk, QRadar), IDS/IPS, firewalls, and endpoint security solutions.
- Strong understanding of network protocols, operating systems, and common attack methodologies.
- Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
- Relevant certifications such as Security+, CySA+, or CISSP are highly desirable.
- Excellent analytical, problem-solving, and critical thinking skills.
- Ability to work effectively in a hybrid work environment, collaborating both remotely and in the office.
- Strong communication skills, both written and verbal.
Associate Director, Digital Forensics and Incident Response
Posted 5 days ago
Job Description
We now have an exciting opportunity for an Associate Director to join our Digital Forensics and Incident Response (DFIR) team in London. As the senior member of the EMEA DFIR team with deep digital forensic experience, you will be integral to the wider EMEA practice, and in turn part of a global practice offering and influencing the direction of our forensic technology and digital forensics incident response capability. The Discovery and Data Insights department is the hub of all technical consulting and you will provide digital forensics and incident response solutions for matters which involve cyber response investigations, digital forensic investigations, eDiscovery and data analytics. Our clients include law firms and Fortune 500 multi-nationals across the globe.
Day to day, you will be executing and managing matters that arise on short notice and there will be a need to deploy the team and support crises. As the technical lead for engagements, you will provide direction to empower the team and provide quality assured, highly responsive forensic incident management. A significant portion of the role will require you to engage across the business to leverage technology consulting into all business development and go-to-market strategy. You will be responsible for increasing the technical team’s visibility and capability in performing business development and supporting marketing initiatives, from thought leaders, white papers, technical demonstrations and collaborative meetings with our colleagues with clients. This role will play a key part in ensuring our ongoing growth and success across the region.
Responsibilities
- Manage and provide forensic incident response consultancy and expertise in scoping data estates, data collections, investigative analysis to our clients
- Support our teams in our adjacent divisions, notably Digital Risks, Investigations and Technology Consulting across regions
- To provide high quality deliverables to our clients in a timely and efficient manner
- To ensure work is defensible and to an evidential standard as appropriate for tasks
- To be innovative and creative showing initiative in bringing teams together
- To anticipate client needs and continually strive for ways to work efficiently
- To respond to potential enquiries and convert these into opportunities/sales leads and proposals
- To actively engage and lead in business development and marketing for all of Discovery and Data Insights and across services (particularly Cyber and Investigations/Forensic Accounting)
- Willingness and flexibility to travel internationally
Requirements
- Extensive professional and technology experience, preferably in digital forensics in a cyber context, forensic investigations, financial crime or compliance setting.
- Proven knowledge and technical computer forensics experience for cyber incident response and investigations. Thorough understanding of best practice procedures (MITRE ATT&CK framework, NPCC, NIST, SANS etc.), evidence handling, computer systems and tools of the trade.
- Expert understanding of multiple operating systems, particularly Microsoft and Linux infrastructure and networking systems, both on-premise and in the cloud, as well as dedicated cloud services such as Microsoft 365/Azure, Google Workspace, AWS etc.
- Expertise in PowerShell scripting, Bash scripts, Python, SQL and data wrangling for log analysis
- Expertise with the industry standard forensic software tools such as X-Ways, EnCase, Nuix, Axiom, Cellebrite and forensic hardware tools.
- Expertise with open-source tools (such as Velociraptor) and leveraging commercial tools (such as X-Ways, EnCase and Nuix) for forensic use.
- Established track record for performing forensic collections, involvement in incident response and digital investigations alongside maintaining detailed contemporaneous notes
- Able to prepare written analyses, summary reports, presentations and other client deliverables for projects and work performed.
- Impeccable written and oral presentation skills to effectively communicate with diverse audiences of varying degrees of expertise.
- Proven experience at managing client expectations and providing relevant solutions through the project lifecycle.
- Identify relevant extensible opportunities such as post-breach/post remediation services.
- Demonstrable interpersonal skills and an ability to work effectively in teams
- Experience in creating project estimates, project plans, proposals and retention agreements.
- Proven ability to manage and develop a team of professionals through empowerment, coaching and motivation.
- Ability to work well under pressure and meet tight deadlines, while effectively juggling competing demands, prioritising appropriately, and overseeing multiple tasks simultaneously.
Preferred
- Wide understanding of programming/scripting skills
Benefits
- Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
- We operate a discretionary global bonus scheme that incentivises and rewards individuals based on company and individual performance.
- Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
- As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.
Software Engineering Manager, Site Reliability, Cloud Incident Response
Posted 13 days ago
Job Description
Google, London, UK
**Advanced**
Experience owning outcomes and decision making, solving ambiguous problems and influencing stakeholders; deep expertise in domain.
**Minimum qualifications:**
+ Bachelor's degree or equivalent practical experience.
+ 8 years of experience with software development in one or more programming languages (e.g., Python, C, C++, Java, JavaScript).
+ 3 years of experience in a technical leadership role; overseeing projects, with 2 years of experience in a people management, supervision/team leadership role.
+ Experience with cloud services, telemetry systems and incident response.
**Preferred qualifications:**
+ Master's degree or PhD in Computer Science, or a related technical field.
+ Experience as a cloud customer.
**About the job**
Site Reliability Engineering (SRE) combines software and systems engineering to build and run large-scale, massively distributed, fault-tolerant systems. SRE ensures that Google Cloud's services, both our internally critical and our externally visible systems, have reliability, uptime appropriate to customers' needs and a fast rate of improvement. Additionally, SREs will keep an ever-watchful eye on our systems' capacity and performance.
Much of our software development focuses on optimizing existing systems, building infrastructure and eliminating work through automation. On the SRE team, you'll have the opportunity to manage the complex challenges of scale which are unique to Google Cloud, while using your expertise in coding, algorithms, complexity analysis and large-scale system design. SRE's culture of intellectual curiosity, problem solving and openness is key to its success. Our organization brings together people with a wide variety of backgrounds, experiences and perspectives. We encourage them to collaborate, think big and take risks in a blame-free environment. We promote self-direction to work on meaningful projects, while we also strive to create an environment that provides the support and mentorship needed to learn and grow.
The Cloud Incident Response Team supports the responders, tooling, and outcomes for Google Cloud Platform (GCP) major incidents. The team collaborates across GCP products, customer facing teams, and a wide range of stakeholders, where you will help coordinate, mitigate, or resolve issues across all of GCP.
Google Cloud accelerates every organization's ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
**Responsibilities**
+ Participate in on-call rotation supporting Critical Incident Response for GCP.
+ Focus on high-quality customer outcomes and collaboration across GCP teams.
+ Create Incident Management at Google (IMAG) training and processes for the incident management lifecycle in partnership with Cloud SRE Tech Leads, and the Cloud Support leadership team.
+ Build systems and tooling to support the team, enhance visibility, improve issue detection, and facilitate communication with customers, stakeholders, and other customer-facing teams.
+ Define and escalate risks in Cloud, reduce incident probabilities.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit, is subject to Google's Applicant and Candidate Privacy Policy (./privacy-policy).
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.