SOC Analyst/Engineer

• IR35: Inside
• Location: Remote
• Rate: £400 – £450
• Clearance: SC Cleared (Active)

Sanderson G&D are seeking a SOC Analyst with a background in IT Engineering to join an existing project.

Key responsibilities

• Responsible for ensuring the effective and timely triage of all security alerts
• Responsible for maintaining and developing risk-led threat detection capabilities to quickly detect and respond to risky behaviors and event.
• Review and approve new Use Cases and Playbooks created by cybersecurity colleagues

Knowledge and experience

• 5 years or more experience in IT with a particular emphasis on infrastructure and security ideally in a SOC analyst role.
• Extensive and active knowledge and hands on experience of Microsoft Sentinel particularly, incident triage, setting up and maintaining analytical rules, using KQL to hunt across logs, logic apps experience. Creating queries and utilising workbooks
• Excellent understanding and experience of Microsoft Defender components.
• Good knowledge of Active Directory, Windows event logs, network logs and Azure audit logs, Office 365, Cloud Apps and DNS
• Excellent documentation skills particularly around creating and maintaining SOC playbooks.
• Previous experience with collecting and analysing forensic evidence from endpoints and cloud environments

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Security Architect – SC Cleared – Inside IR35

• Location: Milton Keynes
• 5 days on-site
• Rate: £550 – £641
  • Inside
• Clearance: SC
• Length Initial 6 months

Role:

• To advise and contribute to the ongoing low-level design and build process of the IT platforms, and the deployment of customer workloads
• To lead on the IT Security aspects when engaging with external stakeholders on cross domain connectivity and data sharing.
• To create/own Tier2 policies & procedures and drive forward implementation & culture change across multiple teams.
• To engage with other secure platforms and environments to align security policies and procedures.
• To assist with customer engagements including technical discovery, design and delivery.
• To act as a key technical interface with the Security Operations Centre and assist with the investigation and resolution of security incidents.

Skills and Experience:

• Strong working knowledge of IT risks, cyber security, and computer operating software
• Advanced understanding of security protocols, cryptography, and security
• Experience implementing multi-factor authentication
• Great communication and interpersonal skills
• Experience implementing security solutions
• Comfortable working on a team
• Understanding of ISO 27001

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Contract SOC Analyst / Consultant

Rate – £600 Inside IR35

Location – London (Three times a week on site)

Duration – 6 months

We’re looking for an experienced Contract SOC Analyst to support, uplift and mature an existing SOC function made up of four analysts. This role is ideal for someone who enjoys being hands-on while also leading by example, improving quality and taking pressure off the wider team. You will validate investigations, sense-checking responses and ensure recommendations made to the business are accurate, risk-based and actionable.

What you’ll be doing

• Reviewing, validating and supplementing analyst investigations and responses
• Ensuring alerts, incidents and recommendations are technically sound and business-appropriate
• Taking ownership of more complex or ambiguous security events
• Reducing operational load on the team by improving processes and decision-making
• Identifying opportunities for SOC automation and efficiency improvements
• Help develop analysts through knowledge-sharing, mentoring and guidance
• Acting as a trusted escalation point for SOC related security issues

What we’re looking for

• Strong experience working in a Security Operations Centre (SOC) environment
• Comfortable leading and uplifting a team, without being a formal people manager
• Proven ability to validate findings, challenge assumptions and improve investigation quality
• Experience improving or influencing SOC processes and automation
• Confident communicating risk and recommendations clearly to stakeholders

Tech stack experience

• CrowdStrike (EDR)
• Microsoft Defender
• Splunk or similar SIEM tools
• Qualys (vulnerability management)

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Security Architect – SC Cleared – Inside IR35

• Location: London – 1 day on-site
• Length: 12 Months
• Clearance: Active SC Clearance
• IR35: Inside
• Rate: £700 – £800
• Start Date: ASAP (Pending Clearance)

Sanderson G&D are seeking a Security Architect to join an exciting Cyber and Cloud Security programme in the Public Sector.

Essential Skills:

• Proven experience as a Security Architect Strong expertise in designing and implementing secure architectures across applications, platforms, and infrastructure.
• Solid understanding of security architecture patterns, zero trust principles, and Defence-in-depth strategies Experience designing security solutions in cloud environments (AWS, Azure, and/or GCP)
• Strong knowledge of identity and access management (IAM), authentication, authorization, and privileged access Experience with network security, encryption, key management, and secure connectivity Knowledge of application security principles, including secure APIs, data protection, and threat modelling Experience designing for security resilience.

Desirable Skills:

• Hands-on experience with cloud security services and tooling (e.g. AWS Security Hub, Azure Defender, Sentinel)
• Experience with container and Kubernetes security (image scanning, runtime protection, policy enforcement)
• Exposure to regulated or highly secure enterprise environments Security or architecture certifications (e.g. CISSP, CCSP, TOGAF, AWS/Azure Security Specialty) Familiarity with security monitoring, logging, SIEM, and observability tools
• Experience embedding security controls into DevOps and SRE practices

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Security Architect – SC Cleared – Outside IR35

• Location: London
• Length: Initial 6 Months
• Type: 1 day a week on-site
• Clearance: Active SC Clearance
• IR35: Outside
• Rate: £500 – £550
• Contingency: Must be able to start within 1-2 weeks

Sanderson G&D are seeking a Security Architect who will provide strategic cyber security advice and guidance to digital product teams, acting as a Close Support Partner to ensure Secure by Design principles are embedded throughout the product development lifecycle. The role focuses on assurance, architecture guidance, and risk-based decision support, enabling secure delivery without owning build or operations.

Key Responsibilities

• Attend regular project and design meetings to understand requirements and delivery milestones.
• Perform initial and iterative threat modelling for new features, integrations, and architectural changes.
• Advise on secure architecture design, including IAM, network segmentation, encryption, and data protection.
• Recommend and review security controls for cloud-native environments.
• Provide guidance on secure coding practices and advisory support for code reviews.
• Support incident response planning and vulnerability management during development.
• Review and advise on third-party integrations, ensuring appropriate technical and contractual safeguards.
• Provide assurance that Secure by Design principles are being consistently applied.

Essential Experience

• Proven experience as a Security Architect or senior cyber security consultant in digital delivery environments.
• Strong Secure by Design, threat modelling, and risk-based security expertise.
• Experience advising product teams in agile, cloud-based delivery contexts.
• Confident engaging with architects, developers, and delivery leads in an advisory capacity.

If you’re interested, apply or reach out to [email protected]

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Cyber Security Analyst

Location: Buckinghamshire
Contract: Full-time, permanent
Salary: Up to £50,000 per annum (dependent on skills & experience)
Bonus: Discretionary bonus scheme
Hours: 35 hours per week

We’re looking for an experienced Cyber Security Analyst to join a well-established organisation and play a key role in protecting systems, data and infrastructure from cyber threats.

Key responsibilities include:

• Monitoring systems, networks and alerts for security threats and vulnerabilities

• Investigating, documenting and responding to security incidents

• Supporting cyber security governance, risk management and compliance activities

• Producing clear security reports, metrics and management information

• Working with third-party suppliers and internal stakeholders

• Promoting cyber security awareness across the organisation

About you:

• At least 3 years’ experience in a cyber security role

• Strong knowledge of security frameworks (e.g. ISO 27001, NIST)

• Hands-on experience with tools such as SIEM, firewalls, IDS/IPS, EDR and vulnerability scanning

• Strong analytical skills with the ability to document and communicate clearly

• Experience with cloud technologies (e.g. Microsoft Azure/M365) is desirable

Please apply if interested!

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Penetration Test Lead – Hands on

Rate – £400 – £500 Inside IR35

Duration – 3 months initial

Location – Bristol (Once a month on site)

We are seeking an experienced Pen Test Lead with strong, hands-on penetration testing expertise to lead and support a small internal testing function.

This role combines technical delivery with day-to-day leadership, overseeing a team of three penetration testers. You’ll be responsible for managing testing intake, scoping engagements, delegating work and ensuring high-quality, timely delivery across multiple assessments.

Alongside team leadership, you’ll remain technically engaged, providing guidance on complex testing activities, validating findings and supporting continuous improvement of tooling and methodology. An understanding of red team concepts and adversary led testing is highly desirable.

Key responsibilities:

• Lead and mentor a team of penetration testers
• Manage and prioritise testing requests and intake
• Scope penetration tests and allocate work effectively
• Maintain hands-on involvement in penetration testing where required
• Assure quality, consistency, and reporting standards
• Contribute to red team or advanced testing approaches

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Security (SIEM) Architect – SC Cleared
Duration: 6 months
Location: Hybrid – Warwick / WFH (40/60)
Day rate: £700 – £750 inside IR35

We are looking for an SC Cleared Security (SIEM) Architect to design and deliver a full-scale, bespoke SIEM capability using the Elastic platform.

You will act as a lead architect, refining existing designs and building a holistic Elastic SIEM solution. An initial architecture has already been produced by Elastic EMEA; you will take this forward, working with sensitive data and collaborating with a wider team of architects.

Key requirements:

• Proven SIEM / Security Architecture experience

• Strong, end-to-end knowledge of the Elastic Stack

• Previous experience designing SIEM platforms at scale

• Background as a SOC Analyst highly desirable

A great opportunity to shape a critical security capability within a well-supported programme.

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Secure by Design Consultant – Outside IR35

• Location: London
• Type: 1 day a week on-site
• Clearance: Active SC Cleared
• IR35: Outside
• Rate: £500 – £550
• Contingency: Must be able to start within 1-2 weeks

Sanderson G&D are seeking a Secure by Design Consultant. The role revolves around providing expert Secure by Design leadership across digital services, ensuring security is embedded from the earliest stages of discovery through delivery and into live operation. The role focuses on identifying risk early, shaping secure solutions, and enabling teams to make proportionate, well‑evidenced security decisions.

Responsibilities:

• Lead Secure by Design discovery and assessment activities across digital services
• Identify security risks, constraints, and dependencies, and translate these into clear, prioritised recommendations.
• Facilitate threat modelling and risk workshops with multidisciplinary teams.
• Define pragmatic security control expectations aligned to service risk and context.
• Produce concise written outputs that support decision‑making and assurance.
• Coach delivery teams to embed secure ways of working without impeding delivery pace.
• Support governance and assurance activities by articulating risk, mitigation, and residual exposure.

Essential Experience

• Strong experience embedding security into digital delivery, not just reviewing it.
• Deep understanding of Secure by Design and risk‑based security principles.
• Ability to influence senior stakeholders and delivery teams.
• Excellent written and verbal communication, with a focus on clarity and actionability.

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Technical Security Architect – Application Security (RBAC / ABAC)

Rate: £650 – £750 Inside

Duration: 6 months

Location: Bristol

We are seeking a Technical Security Architect with strong expertise in Application Security, RBAC, ABAC and Policy Management to assess and modernise a predominantly legacy application estate, including platforms built on SQL Server.

This role will focus on evaluating the current security posture, reviewing how access and security policies are defined and enforced, and creating a clear roadmap to future-proof applications in line with client, regulatory and business requirements.

Key Responsibilities

• Assess the existing application, data and access control landscape, including legacy SQL Server-based platforms
• Review and rationalise security and access policies, ensuring they are consistent, enforceable and scalable
• Evaluate and design RBAC and ABAC models, aligned to business and client needs
• Define how policies are authored, managed, versioned and enforced across applications
• Identify security gaps, technical debt and policy inconsistencies within legacy systems
• Design target-state application security architectures that balance modern security principles with platform constraints
• Produce a pragmatic roadmap for modernising access control and policy management
• Provide architectural guidance to engineering teams to embed policy-driven security controls
• Act as a trusted security advisor to technical and non-technical stakeholders

Required Experience

• Proven experience as a Technical Security Architect or Application Security Architect
• Strong experience securing legacy application estates, including SQL Server environments
• Deep understanding of RBAC, ABAC and policy-based access control
• Experience defining and governing security and access policies across complex platforms
• Ability to translate business, regulatory and client requirements into practical security designs
• Strong stakeholder engagement and communication skills

Desirable

• Experience integrating legacy applications with modern IAM and policy engines
• Exposure to cloud or hybrid environments (Azure, AWS or GCP)
• Knowledge of Zero Trust and identity-centric security models

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.