• Significant experience and proven technical depth within two of the following domains of cybersecurity; infrastructure & network security, and data protection & privacy
• Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level
• Strong proficiency in technical scoping, architecture design, and integration of security tools and processes.
• Strong understanding of cyber security principles, governance, and compliance frameworks
• Ability to translate business needs into scalable, user-centric cloud solutions.
• Excellent communication and collaboration skills, with a focus thought leadership and solution development
• Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives
• Experience working in large-scale IT transformation programmes

#LI-DNI

• Investigating and responding to security incidents end-to-end (triage → containment → recovery)
• Performing deep-dive technical analysis to understand root cause and scope
• Handling phishing investigations and user-driven security cases
• Working with SIEM and SOAR platforms to support investigations and response workflows
• Improving detection rules, alert quality, and triage processes
• Supporting reductions in MTTI / MTTR through effective analysis and tooling
• Contributing to post-incident reviews, documentation, and playbooks
• Collaborating with the wider Blue Team and Cyber Fusion Centre

• Strong experience in a SOC, SecOps, or Incident Response role (ideally Tier 2/3 level)
• Proven ability to investigate and resolve security incidents in enterprise environments
• Hands-on experience with SIEM platforms (e.g. Microsoft Sentinel, Splunk, QRadar)
• Experience working with SOAR tools or automated response workflows
• Solid understanding of attack techniques and frameworks (e.g. MITRE ATT&CK)
• Strong technical knowledge across endpoint, identity, email, and cloud security
• Experience with Microsoft Defender and Microsoft 365 security tooling
• Ability to work effectively during active incidents and time-sensitive situations
• Clear communication skills, both technical and non-technical

• Experience in detection engineering or tuning alert logic
• Certifications such as GCIH, CySA+, SC-200, BTL1/BTL2
• Exposure to Google Cloud security operations

• Hybrid model: 2 days onsite every two weeks (London)
• Embedded within a Cyber Security / Cyber Fusion team
• Collaborative, hands-on environment with a focus on continuous improvement

• Review, validate, and enhance SOC analyst investigations and incident responses
• Ensure alerts, incidents, and recommendations are technically accurate and business-relevant
• Take ownership of complex or ambiguous security events
• Improve SOC processes to reduce operational load and increase efficiency
• Identify and drive opportunities for automation and optimisation
• Support and mentor analysts through knowledge-sharing and guidance
• Act as a senior escalation point for SOC-related security issues

• Strong experience working within a Security Operations Centre (SOC)
• Proven ability to lead and uplift teams without formal line management responsibility
• Skilled in reviewing and challenging investigations to improve quality and outcomes
• Experience driving SOC process improvements and automation initiatives
• Confident communicator, able to clearly articulate risk and recommendations to stakeholders

• CrowdStrike (EDR)
• Microsoft Defender
• Splunk or similar SIEM platforms
• Qualys (vulnerability management)

• Lead in the areas of process, information, and data analysis within their subject matter expertise.
• Act as a subject matter expert in manufacturing technology and systems.
• Bring competitive and industry best-practice analysis.
• Provide recommendations for targeted investments.
• Lead the deployment of methodologies to analyse and resolve complex business problems.
• Provide SME leadership to the business and project team in a lead engagement capacity.
• This role will play a key part in driving digital transformation and technology optimisation across manufacturing operations.

• Analyse current-state manufacturing processes, systems, and data flows.
• Identify gaps, risks, and improvement opportunities across IT/OT environments.
• Develop clear documentation including business requirements, functional specifications, process maps, and data models.
• Lead workshops and stakeholder sessions to define future-state solutions.

• IT/OT convergence
• Manufacturing infrastructure
• Networking and industrial connectivity
• Servers (on-premise and edge environments)
• Cyber security (industrial and enterprise alignment)
• Manufacturing systems (e.g., MES, SCADA, PLC integration, historian systems)
• Bring external industry best practices in smart manufacturing, Industry 4.0, and secure plant connectivity.
• Evaluate and recommend technology investments aligned to operational and strategic goals.

• Support the Project Manager/Programme Manager in planning, risk management, and stakeholder alignment.
• Lead analytical workstreams within larger programmes.
• Ensure alignment with governance standards.
• Provide impact assessments for proposed changes across infrastructure and manufacturing systems.

• Deploy structured analysis methodologies to resolve complex business and technical problems.
• Use data-driven insights to support investment decisions.
• Conduct feasibility assessments and cost/benefit analyses.
• Define KPIs and measurement frameworks for solution success.

• Engage with manufacturing site leadership, engineering teams, IT teams, and cyber security teams.
• Act as a bridge between technical and non-technical stakeholders.
• Influence and guide decision-making through clear, structured analysis.

• Experience as a Business Analyst, Systems Analyst, or similar role within manufacturing or industrial environments.
• Strong exposure to IT/OT convergence in manufacturing.
• Experience working on infrastructure and industrial networking projects.
• Demonstrable experience supporting large-scale transformation or technology programmes.
• Experience working within structured governance frameworks

• Industrial networking and plant connectivity.
• Server infrastructure (on-premise, virtualised, edge computing).
• Cyber security within manufacturing environments (e.g., IEC 62443 awareness).
• Manufacturing systems (MES, SCADA, PLC integration).
• Infrastructure architecture and resilience.
• Data analysis and systems integration.

Applicants must be able to travel between clients sites in Glasgow, Edinburgh and Fife.

#LI-DNI

• Design & Deliver Cyber Awareness Materials
• Produce engaging, scalable materials such as presentation decks, crisis simulations, written insights, and other assets to educate and upskill clients.
• Position cybersecurity defences as a point of differentiation in client engagement.
• Own Client‑Facing Cyber Learning & Content
• Serve as product owner for the cybersecurity page on the internal sales enablement platform.
• Manage cybersecurity learning paths for Relationship Managers and other customer‑facing roles, ensuring they drive strong engagement and measurable outcomes.

• Support the measurement and value quantification of all client‑facing cyber awareness activity.
• Gather requirements from Global Business CISO teams to understand client needs and inform solution design.
• Apply customer‑centric design principles, including behavioural science and learner‑psychology best practice.

• Work with Cybersecurity Education & Awareness team members and third‑party suppliers to repurpose or design new client‑facing initiatives
• Engage closely with Legal, Cyber Intelligence & Threat Analysis, and the Fraud Awareness team to exchange insights and maximise existing channels.
• Champion a customer‑centric mindset across all initiatives.

• Understanding of operational resilience, business continuity, and cyber defences in a commercial environment.
• Knowledge of marketing and awareness campaign development.
• Awareness of behavioural science and learner psychology techniques.
• Familiarity with requirements gathering, agile methods, project management, and data analysis.

• Designing and delivering training, marketing or awareness campaigns (cybersecurity or risk preferred).
• Conducting requirements‑gathering or design‑thinking activities with end‑user research.
• Collaborating with stakeholders at multiple seniority levels within complex delivery environments.
• Working with content management systems and internal communication/training tools (e.g., SharePoint, Degreed, Workplace).
• Experience in data analysis.

• Excellent written and spoken English with strong attention to detail.
• Strong organisational and stakeholder‑management skills.
• Ability to work in a fast‑paced environment with changing priorities, delivering high‑quality outputs to tight timelines.
• Confident, proactive, and accountable, with the ability to work both independently and collaboratively.
• A calm, flexible team player who shares knowledge and helps others succeed.

#LI_DNI

• Oversee delivery and governance of Cybersecurity certification and accreditation pathways.
• Execute tailored learning journeys aligned to cyber personas, career progression, and business priorities.
• Deliver targeted capability uplift programmes to support emerging and strategic cybersecurity needs.
• Champion a culture of continuous learning across global Cyber teams.

• Manage dashboards, reporting, and analytics to drive data‑driven decision‑making.
• Ensure compliance with internal controls, regulatory expectations, and industry frameworks (e.g., NIST NICE).
• Track outcomes and demonstrate measurable impact on capability development.

• Partner with Cybersecurity leadership, Technology Learning teams, and Communications & Engagement to deliver impactful learning campaigns.
• Manage supplier relationships to deliver high‑quality, cost‑effective training solutions.
• Lead Cybersecurity learning steering/advisory forums and ensure alignment with strategic objectives.
• Gather feedback and continuously improve learning offerings.

• Oversee platform administration, onboarding/offboarding processes, and governance.
• Manage a small delivery team to ensure learning outcomes are delivered on time, with clear success criteria and KPIs.

• Strengthening cyber resilience across the organisation.
• Ensuring teams have the right skills to reduce operational and security risk.
• Demonstrating capability uplift for regulatory and audit requirements.
• Supporting innovation and resilience through strategic learning initiatives.
• Providing engaging, accessible training experiences for all Cybersecurity colleagues.

• Experience delivering learning and development programmes within Cybersecurity.
• Strong knowledge of cyber roles, skills frameworks (e.g., NIST NICE), and industry certifications.
• A data-driven approach to evaluating learning impact and driving continuous improvement.
• Excellent stakeholder engagement skills and confidence in presenting to senior leaders.
• Ability to manage suppliers and budgets to deliver high-quality learning solutions.