Deutsche Telekom IT Solutions Slovakia

Growing bigger, getting better. An IT company which creates values for its customers and helps its region to improve.

Senior SIEM/SOC Engineer

Security Operations · Full Time · Remote · Senior · Team 1,001-5,000 · H1B No Sponsor

Location

Slovakia

Posted

17 days ago

Salary

€1.9K - €2.3K / month

Seniority

Senior

High School · 2 yrs exp · English · Python

Job Description

Senior SIEM/SOC Engineer

Deutsche Telekom IT Solutions Slovakia

  • Development of use cases and detection rules.
  • Assisting in the conception and design of detection strategies.
  • Collaboration with the SOC for use case validation and acceptance.
  • Refinement and optimization of existing detection rules.
  • Creating dashboards and reports for customers or the internal SOC.
  • Contributing to internal knowledge sharing and process development.

Job Requirements

  • 2–5 years of professional experience in SIEM/SOC, IT security, or threat detection.
  • Familiarity with frameworks like MITRE ATT&CK, Cyber Kill Chain, and IOC-based detection.
  • Knowledge of log data analysis, attack detection, SIEM, or security monitoring.
  • Proficiency in at least one scripting, query, or programming language (e.g., Python, PowerShell, KQL, Lucene).
  • Ideally, experience in developing detection use cases in Elastic SIEM, Palo Alto XSIAM, or comparable systems.
  • Analytical thinking and problem-solving skills.
  • Self-organization and a disciplined approach to documentation.
  • Very good written and spoken English skills.

Benefits

  • Financial benefits
  • Benefits with focus on learning and development
  • Benefits with focus on health and sport
  • Benefits with focus on family and work-life balance
  • Other benefits


More Security Operations Jobs

Full Time · Remote · Team 1,001-5,000

Role Description

Make a difference. Every role at CQC contributes to our mission. If you’re looking for a new role in Cyber Security that gives a true sense of meaning and purpose, then you’ve found it! Our team helps keep CQC’s systems and data safe, so we can focus on improving health and care for everyone.

Picture this: You’re working in a supportive team, investigating security alerts, making sense of complex information, and helping reduce risks across the organisation. Your work helps keep systems safe and ensures we respond quickly to emerging threats.

As a Security Operations Analyst, you will:

  • Lead the early investigation of a suspected data breach, analysing information from multiple systems to provide clear recommendations that protect sensitive data.
  • Carry out in-depth research into cyber threats and trends, using advanced tools to identify patterns and suggest improvements to strengthen our security approach.

The role involves:

  • Managing security incidents: Act as a key contact for security alerts, queries, and incidents, ensuring they are logged, assessed, and handled quickly to reduce risk.
  • Investigating and analysing threats: Carry out detailed investigations into cyber incidents, including root cause analysis, and suggest clear actions to prevent repeat issues.
  • Improving security and resilience: Work with internal teams and partners to fix vulnerabilities, strengthen defences, and support the ongoing development of our security tools and processes.

Qualifications

  • Experience investigating and responding to cyber security incidents, including analysing data and recommending actions to reduce risk.
  • Hands-on experience using Microsoft security tools such as Sentinel, Defender XDR, or Entra to monitor, detect, and respond to threats.
  • Experience working with recognised security standards or frameworks (such as ISO 27001, GDPR, or similar) and applying them in day-to-day work.

Requirements

  • To progress your application, you’ll need to provide evidence of your right to work in the UK. Without valid right to work you won’t be eligible for the role.
  • We are unable to offer sponsorship for this role.
  • Some roles may also be subject to a satisfactory DBS check.

Benefits

  • Annual leave starting at 27 days per year, rising to 32.5 days with service, plus bank holidays (usually 8 days per year).
  • Training and development opportunities.
  • Wellbeing initiatives, such as gym discounts and meditation.
  • NHS pension scheme, with around 14% employer contribution.
  • Discount schemes (including eligibility for a Blue Light card, at a cost of £4.99 and valid for 2 years), reward vouchers, car leasing and more!

United Kingdom
£40.7K / year
Job Closed
Internship · Remote · Team 1,001-5,000

Role Description

In this role, you will be part of the Global Information Security team within Kinaxis. You will support various functions including:

  • Security Operations
  • Digital Forensics
  • Threat Intelligence
  • Risk Assessments
  • Security Audits

Overall, you will assist and contribute to the global team in day-to-day analysis tasks and in fun wider team security projects. This will allow you to learn and gain experience in both analytical and interpersonal skills.

Qualifications

  • Currently enrolled in a program where information security is the primary focus
  • Good understanding of non-technical aspects of information security
  • Basic understanding of industry standards and best practices related to Systems, Networks, Identity, and Security management
  • Good understanding of Cloud platforms and services especially as it relates to Security
  • Strong problem-solving and analytical skills
  • Excellent verbal and communication skills
  • Self-starter

Requirements

  • Participate in the Security Incident Response Process
  • Conduct review of security logs from systems
  • Correlate and identify potential incidents or areas of risk
  • Analyze suspicious e-mails when required
  • Support vulnerability and penetration tests on target systems
  • Identify compromised systems on the network and assist with containment and mitigation
  • Identify and propose key information security program priorities, initiatives, plans, practices and tools
  • Provide guidance (e.g., information security risk severity assessments / relative cost benefit analysis / business impact analysis etc.) and provide recommendations regarding prioritization of investments and projects that mitigate risks, strengthen defenses and reduce vulnerabilities
  • Implement and support approved information security projects
  • Support internal and external security audits
  • Collaborate across the company to ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required
  • Monitor information security trends and evolving technologies and keep senior management informed about related information security issues and implications for the Company
  • Understand potential and emerging information security threats, and vulnerabilities and communicate this information to appropriate team members throughout the Company on a timely basis
  • Assist with disaster recovery and business continuity planning
  • Perform technical risk assessments and reviews of new and existing applications and systems, including data center physical security and environment
  • Train users and promote security awareness to improve defenses and the security culture within the organization
  • Document and update operational security procedures and diagrams

Benefits

  • Flexible vacation and Kinaxis Days (company-wide days off)
  • Flexible work options
  • Physical and mental well-being programs
  • Regularly scheduled virtual fitness classes
  • Mentorship programs, training, and career development
  • Recognition programs and referral rewards
  • Hackathons

Canada
C$19 - C$29 / hour

Director, Security Operations

LastPass

LastPass is a password and data management service headquartered in Boston, Massachusetts. Founded in 2008 by Joe Siegrist and Robert Billingslea, the company has continually worke

  • Own and drive the strategy, roadmap, and maturation of LastPass's Security Operations function, translating the threat landscape into a multi-year program plan that scales with the business
  • Lead all response operations across the full incident lifecycle, from detection and triage through containment, eradication, recovery, and post-incident review
  • Build, develop, and retain a high-performing team of analysts and engineers, setting clear performance expectations, career development pathways, and a culture of operational excellence
  • Partner with the CISO, Legal, and Communications to manage high-severity incidents, coordinating executive response and fulfilling regulatory notification obligations
  • Define and own detection and response program metrics, SLAs, and reporting frameworks, providing the CISO and board with clear, evidence-based visibility into program maturity and risk posture
  • Champion the integration of AI-assisted triage, automation pipelines, and Detection-as-Code methodologies to reduce analyst toil and drive down mean-time-to-respond
  • Establish and maintain strategic relationships with external partners, including threat intelligence vendors, law enforcement, and industry information-sharing groups, to strengthen LastPass's situational awareness
  • Collaborate across Business Technology, Cloud Security, and Platform Engineering to ensure cohesive detection coverage and coordinated response capability across the full technology estate

United Kingdom

Lead Security Engineer – Incident Response Defensive Operations

CrowdStrike

CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks. The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team. We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?

Full Time · Remote · Team 5,001-10,000 · Since 2011 · H1B Sponsor

Role Description

The Incident Response Defensive Operations (IRDO) team is seeking a highly experienced, technically strong Lead Security Engineer to drive the design, development, and evolution of our Cybersecurity Incident Response capabilities. This role is intended for a hands-on leader who operates at the intersection of incident response, detection engineering, and security architecture. You will partner closely with Incident Response, and the Threat Detection and Engineering (TIDE) teams to build scalable solutions that improve detection, response, and containment across the enterprise.

In addition to leading high-impact engineering initiatives, you will play a critical role in shaping strategy, defining technical standards, and ensuring the IR program can effectively defend against evolving threats. As part of this role, you will also be a key contributor to the CSIRT Defense Profiling program, driving improvements in detection coverage, response capability, and defensive maturity across core domains including email, applications, networks, and endpoints.

What You'll Do:

  • Lead the design and implementation of scalable incident response capabilities, including detection, containment, and response automation.
  • Architect and develop advanced automation frameworks to reduce response time, eliminate manual effort, and improve consistency across IR workflows.
  • Identify systemic gaps in detection, visibility, and response capabilities; drive engineering efforts to close them.
  • Own and deliver complex, cross-functional initiatives that enhance IR tooling, telemetry, and operational effectiveness.
  • Partner closely with TIDE to define detection requirements, improve signal quality, and operationalize new detections within IR workflows.
  • Establish and enforce engineering standards, best practices, and design patterns for IR tooling and automation.
  • Contribute to and help evolve the CSIRT Defense Profiling program, including modeling detection and response coverage across key attack surfaces.
  • Serve as the EU-based lead for CSIRT activities subject to data sovereignty constraints, directly supporting investigations that require EU presence and designing processes, controls, and automations to ensure compliant handling, analysis, and storage of sensitive data.
  • Provide technical leadership and mentorship to engineers and analysts, elevating overall team capability.
  • Act as a senior escalation point for complex incidents requiring deep technical expertise or custom response solutions.
  • Continuously evaluate emerging threats, tools, and techniques to ensure IR capabilities remain effective and forward-looking.

Qualifications

  • Bachelor’s Degree (or equivalent experience) in Computer Science, Cybersecurity, or a related field.
  • 7+ years of experience in cybersecurity engineering, incident response, or detection engineering (or equivalent combination of education and experience).
  • Proven experience designing and building security tooling, automation, or detection systems at scale.

Requirements

  • Strong experience with incident response processes, including detection, triage, containment, and remediation.
  • Deep understanding of operating systems (macOS, Linux, Windows), networking, and attacker tradecraft.
  • Hands-on experience building automation using tools such as TINES, SOAR platforms, AWS Lambda, or custom scripting frameworks.
  • Experience integrating and leveraging SIEM/XDR platforms (e.g., Splunk, LogScale, Falcon, etc.).
  • Ability to translate operational needs into scalable technical solutions and architectures.
  • Strong software engineering fundamentals (clean code, modular design, maintainability).
  • Excellent problem-solving skills with the ability to operate in complex, ambiguous environments.
  • Strong communication skills with the ability to influence technical and non-technical stakeholders.
  • Ability to lead initiatives, align cross-functional teams, and drive outcomes independently.
  • High level of ownership, accountability, and attention to detail.

Bonus Points:

  • Strong scripting or programming experience (e.g., Python, Go, PowerShell, Bash).
  • Experience with detection engineering frameworks (e.g., MITRE ATT&CK) and coverage modeling.
  • Familiarity with attack surface management concepts and methodologies.
  • Experience with cloud security (AWS, GCP, Azure) and modern infrastructure environments.
  • Experience mentoring or leading engineers in a technical environment.
  • Familiarity with data sovereignty and privacy frameworks (e.g., GDPR) and their impact on incident response operations.
  • Relevant security certifications (e.g., GCIA, GCIH, CISSP).

Benefits

  • Market leader in compensation and equity awards.
  • Comprehensive physical and mental wellness programs.
  • Competitive vacation and holidays for recharge.
  • Paid parental and adoption leaves.
  • Professional development opportunities for all employees regardless of level or role.
  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections.
  • Vibrant office culture with world class amenities.
  • Great Place to Work Certified™ across the globe.

Germany
Job Closed