National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend
National AI Awards 2025

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

6 min read

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams.

Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025.

Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see:

Main UK hub

Example live or recent vacancy

Why it’s worth a look (tech stack, culture, mission)

Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Contents

  • Cyber Security Vendors & Scale‑ups

  • Managed Security Service Providers (MSSPs)

  • Consulting & Incident Response Specialists

  • Finance, Telecom & Critical‑Infrastructure Leaders

  • Public Sector, Defence & Research Initiatives

  • Hiring trends & next steps


1. Cyber Security Vendors & Scale‑ups (1–10)

  1. Darktrace – Cambridge & London

    • Vacancy: Self‑Learning AI Research Engineer

    • Why: Expanding GenAI threat‑detection platform; IPO rebound fuels R&D growth.

  2. Sophos – Abingdon, Oxfordshire

    • Vacancy: Principal Malware Analyst – Endpoint XDR

    • Why: Doubled MDR customer base; rolling out a new managed SOC hub.

  3. SecureWorks – London & remote‑UK

    • Vacancy: Counter‑Threat Hunt Analyst – Taegis XDR

    • Why: Remote‑first culture, strong training budget, UK SOC expansion.

  4. CrowdStrike – London

    • Vacancy: Falcon Sensor Engineer – Linux Kernel

    • Why: EMEA revenue up 40 %; hires kernel developers & threat‑intel analysts.

  5. Tessian – London

    • Vacancy: Machine‑Learning Engineer – Human‑Layer Security

    • Why: Series D scale‑up combating phishing with behavioural analytics.

  6. Immersive Labs – Bristol & remote

    • Vacancy: Cyber Skills Content Developer

    • Why: SaaS lab platform for upskilling blue‑ & red‑teams; globally remote workforce.

  7. NCC Group – Manchester

    • Vacancy: Senior Penetration Tester – CHECK / CREST

    • Why: UK’s largest pure‑play cyber consultancy with generous cert budget.

  8. Cado Security – London

    • Vacancy: Cloud Forensics Engineer – AWS & Azure

    • Why: First cloud‑native DFIR platform; fast‑growing engineering team.

  9. Glasswall – Canary Wharf

    • Vacancy: Content Disarm & Reconstruction (CDR) Developer

    • Why: Protects UK critical‑national‑infrastructure email flows; hybrid roles.

  10. Quorum Cyber – Edinburgh & Leeds

    • Vacancy: SOC Shift Lead – Microsoft Sentinel

    • Why: Microsoft Solutions Partner of the Year; major MDR contract wins.


2. Managed Security Service Providers (MSSPs) (11–20)

  1. BT Security – Birmingham & Ipswich

    • Vacancy: Threat Intelligence Analyst – Global SOC

    • Why: Oversees 6 000 customers; rolling out AI‑powered NetOps/SecOps fusion.

  2. BAE Systems Digital Intelligence – Guildford & Leeds

    • Vacancy: Cloud Security Architect – AWS GovCloud

    • Why: New Leeds hub serves defence & energy clients; SC/DV clearance premiums.

  3. Kyndryl – London & Glasgow

    • Vacancy: Security Operations Engineer – Splunk SOAR

    • Why: Post‑IBM spin‑off investing heavily in its UK MSSP campus.

  4. AT&T Cybersecurity – London & remote

    • Vacancy: Managed Detection & Response Consultant

    • Why: AlienVault USM Anywhere adoption booming among UK SMEs.

  5. Orange Cyberdefense – Slough & remote

    • Vacancy: Purple‑Team Specialist – MITRE ATT&CK

    • Why: Acquired SecureLink UK; new threat‑hunting centre.

  6. NTT Security – London Docklands

    • Vacancy: Security Automation Engineer – SOAR

    • Why: Builds SOC automation for global sporting‑event contracts.

  7. F‑Secure Consulting – London & Basingstoke

    • Vacancy: Web‑App Pen Tester – OWASP Top 10

    • Why: Combines product telemetry with consulting; rapid progression paths.

  8. Trustwave SpiderLabs – London

    • Vacancy: DFIR Consultant – Incident Containment

    • Why: High‑profile breach response retainers; frequent travel optional.

  9. BlueVoyant – Manchester & remote

    • Vacancy: Supply‑Chain Risk Analyst – Cyber Third‑Party Management

    • Why: UK Government Preferred Supplier; remote SOC shifts available.

  10. Secure Storm – Newcastle

    • Vacancy: Cloud Security Engineer – Azure Landing Zone

    • Why: Fast‑growing northern MSSP supporting NHS and fintech clients.


3. Consulting & Incident Response Specialists (21–30)

  1. Deloitte Cyber & Strategic Risk – London, Reading, Belfast

    • Vacancy: Senior Consultant – Zero‑Trust Transformation

    • Why: Practice tops 2 000 UK cyber staff; strong certification support.

  2. PwC Threat Intelligence – London & Manchester

    • Vacancy: Cyber Threat Hunt Lead – Red Team / Purple Team

    • Why: Hosts UK Cyber Incident Response Centre; cutting‑edge tooling.

  3. EY Cyber Security – London & Bristol

    • Vacancy: OT Security Consultant – NIS 2 Compliance

    • Why: Industrial‑control practice trebled; hybrid working model.

  4. KPMG Ignite Cyber – London

    • Vacancy: Cloud Security Engineer – GCP & AWS

    • Why: Joint venture with Google Cloud accelerates hiring.

  5. Accenture Security – Newcastle & Glasgow hubs

    • Vacancy: Identity & Access Management Architect – SailPoint

    • Why: Acquired two UK IAM boutiques; invests heavily in northern talent.

  6. Mandiant (Google Cloud) – London

    • Vacancy: Incident Responder – APT & Ransomware

    • Why: High‑profile IR engagements; access to Google’s threat intel.

  7. S‑R M (Security & Risk Management) – London

    • Vacancy: Cyber Due‑Diligence Analyst – M&A

    • Why: Boutique advisory on multi‑million deals; steep learning curve.

  8. Context Information Security (Accenture) – Cheltenham & London

    • Vacancy: CHECK‑Team Leader – Red Team Operations

    • Why: DV‑cleared penetration testing for MoD & critical infrastructure.

  9. WithSecure (ex‑F‑Secure business) – London & remote

    • Vacancy: Cloud Security Advisor – Azure Sentinel

    • Why: Product‑plus‑consulting model; remote and hybrid options.

  10. Nettitude (Lloyd’s Register) – Rugby & Glasgow

    • Vacancy: Senior Security Consultant – Maritime OT

    • Why: Unique exposure to shipping & offshore platforms.


4. Finance, Telecom & Critical‑Infrastructure Leaders (31–40)

  1. Lloyds Banking Group – Leeds & London

    • Vacancy: Principal Security Engineer – AWS, GCP, Azure

    • Why: Platform transformation fuels multicloud security hiring.

  2. Barclays – Radbroke (Knutsford)

    • Vacancy: Cyber Security Analyst – Threat Modelling & MITRE

    • Why: 24 × 7 global SOC; strong internal‑mobility paths.

  3. HSBC – Birmingham Cyber Hub

    • Vacancy: Security Automation Engineer – Palo Alto XSOAR

    • Why: £600 m cyber‑modernisation budget; hybrid working policy.

  4. Nationwide – Swindon & London

    • Vacancy: DevSecOps Engineer – Azure DevOps

    • Why: Building a cloud‑native banking platform; flexible hours.

  5. Vodafone UK – Newbury & London

    • Vacancy: 5G Security Architect – O‑RAN

    • Why: Rolling out the UK’s first fully virtualised 5G core.

  6. BT/Openreach – Birmingham & Ipswich

    • Vacancy: OT SOC Analyst – SCADA Threats

    • Why: Protects 77 000 exchanges & cabinets; unique critical‑infra exposure.

  7. National Grid – Warwick & Wokingham

    • Vacancy: Operational Technology Security Officer

    • Why: Secures a renewable‑heavy grid; NIS 2 compliance projects.

  8. Rolls‑Royce – Derby & Bristol

    • Vacancy: Cyber Assurance Lead – Aerospace & Defence

    • Why: Digital‑twin programme requires robust ICS protection.

  9. Sky – Osterley, London

    • Vacancy: Cloud Security Engineer – Kubernetes & Istio

    • Why: Streaming platform migration to containers; generous L&D budget.

  10. BBC – Salford & London

    • Vacancy: Application Security Specialist – Secure SDLC

    • Why: Public‑interest mission, large open‑source codebase.


5. Public Sector, Defence & Research Initiatives (41–50)

  1. National Cyber Security Centre (NCSC) – London & Cheltenham

    • Vacancy: Vulnerability Researcher – Hardware & IoT

    • Why: Front‑line defence, direct impact on UK critical services.

  2. National Crime Agency (NCA) – NCCU – London & Birmingham

    • Vacancy: Digital Forensics Officer – Cryptocurrency Investigations

    • Why: Tracks organised crime & ransomware gangs; compelling mission.

  3. Ministry of Defence – Defence Digital – Corsham & Samlesbury

    • Vacancy: Cyber Operations Officer – Defensive Cyber

    • Why: New National Cyber Force site; DV‑clearance premium.

  4. GCHQ – Cheltenham & Manchester

    • Vacancy: Software Exploit Developer – Reverse Engineering

    • Why: Cutting‑edge research, unrivalled tooling resources.

  5. Metropolitan Police – Cyber Crime Unit – London

    • Vacancy: Cyber Investigator – Business Email Compromise

    • Why: Tackles high‑impact crime; clear route to senior detective roles.

  6. HM Revenue & Customs (HMRC) Digital – Newcastle & Leeds

    • Vacancy: Security Engineer – Zero‑Trust Azure Environment

    • Why: Making Tax Digital drives cloud‑security work at national scale.

  7. NHS England – Cyber Operations – Leeds & Bristol

    • Vacancy: Incident Response Manager – Health Sector

    • Why: Protects 1.3 million staff & 25 000 endpoints.

  8. University of Oxford – Cyber Security Centre – Oxford

    • Vacancy: Research Fellow – AI for Intrusion Detection

    • Why: Top academic lab, publishes in leading conferences.

  9. Alan Turing Institute – Trustworthy Digital Infrastructure – London

    • Vacancy: Data‑Centric Security Scientist

    • Why: Cross‑disciplinary research, public‑interest focus.

  10. Digital Catapult – Cyber Physical Lab – Belfast & London

    • Vacancy: Industrial IoT Security Engineer

    • Why: Testbeds for SMEs; hands‑on with edge, 5G & robotics.


Hiring trends we’re seeing for 2025

  • AI & automation everywhere – Job ads for SOAR engineers and AI‑augmented SOC analysts have tripled since 2024.

  • Cloud security overtakes on‑prem – Two‑thirds of vacancies reference AWS, Azure or GCP, often across multiple clouds.

  • Zero‑trust is mainstream – Architects with ZTNA or micro‑segmentation experience command 20 % salary premiums.

  • OT & critical‑infrastructure skills in short supply – Energy & transport operators have doubled demand for engineers versed in IEC 62443 and NIS 2.

  • Certification wars – Employers increasingly prefer vendor‑agnostic certs (OSCP, CISSP, GIAC) over vendor badges alone.

  • Hybrid working prevails – Three on‑site days is now standard, but incident‑response and product roles often stay remote‑first.


How to maximise your applications

  1. Tailor your CV – spotlight purple‑team successes, SOAR scripting or cloud‑native controls that match each advert.

  2. Use our filters – search “SOC + remote”, “CHECK team lead”, or “OT + DV clearance” on CyberSecurityJobs.tech.

  3. Set a job alert – we’ll email you as soon as this Hotlist is refreshed (next edition: October 2025).

  4. Network smartly – attend events like Cyber UK, BSides London, CRESTCon & the NCC Group Open Evening; many employers above sponsor & interview on‑site.

  5. Upskill continuously – master cloud CCM benchmarks, infrastructure‑as‑code scanning, OT protocol forensics & AI‑assisted detection to stay in demand.


About this Hotlist

Approximate word count: 2 550.
Every employer was confirmed via open UK job adverts, corporate career pages or formal growth announcements within eight weeks of publication.

Found it useful? Share on LinkedIn, tag @Cyber Security Jobs UK, & help fellow defenders discover brand‑new opportunities. Remember to bookmark—this page is refreshed quarterly so you’ll always know who’s hiring right now.

Related Jobs

Cyber Security Specialist

Cyber Security Specialist**Location: London/Hybrid (2 days in office)Rate: A highly competitive salary is available for suitable candidatesRole ProfileAs a Cyber Security Specialist, you will be the go-to Subject Matter Expert (SME) for various projects, offering your insights and recommendations to enhance our security posture. With a strong technical background, you will work independently while leveraging the support of a tight-knit...

London

IT Security Engineer - Global Software company

Are you an accomplished IT Security Engineer (Application &/or Infrastructure focused), looking to make your next move into a small team of like-minded, security focused people?Would you relish the opportunity to work with one of the UK’s leading independent Software houses, with a global footprint (but UK HQ), 500 staff & a focus on technical excellence?If so, we are looking...

London

Security Specialist (Cyber)

Information Security Specialist (Cyber)Hybrid - Southampton - 60% Time onsite£42,848 - £55,000Please note for to apply for this role you must use the link included below.Job summaryCan you assess cyber threats, communicate risk clearly to stakeholders, and support effective protective measures?Do you bring the perfect balance of technical security expertise and collaborative influence to help shape secure, standards-aligned systems in...

Southampton

Cyber Security Analyst

Cyber Security AnalystHull/HybridA great opportunity for a Cyber Security Analyst to join one of the UK’s leading enterprise manufacturing businesses. You will join a company that has experienced year on year growth and is looking to hire due to the expansion of the team.You will be part of a business driving innovation in its sector and a team the business...

Kingston upon Hull

Cyber Security Engineer

We are the UK’s largest mutual life, pensions, and investment company, offering protection, long-term savings and asset management products and services.Job Title: Cyber Security EngineerContract Type: PermanentLocation: Alderley Edge OR EdinburghWorking style: Hybrid 50% home/office basedClosing date: 22nd July 2025We are expanding our security and resilience team within the CISO office. Over the last few years, we have been on...

Butley Town

Cyber Security Engineer

Senior Cyber Security Engineer Are you a passionate Cyber Security Engineer with hands-on experience in deploying Microsoft security solutions and supporting clients with robust threat protection strategies?This is a unique opportunity to join a well-established, award winning Managed Services Provider (MSP), known for its strong reputation in the UK tech market, to help deliver cutting-edge security solutionsThis role is ideal...

Tottenham Court Road

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Hiring?
Discover world class talent.