1 to 25 of 69 Threat Detection Jobs

Global music events company requires a Threat Detection Engineer to join their global cyber defence team basaed in the UK but with the option to work fully remote. Key skills needed: SIEM, IDS/IPS, Firewalls and antivirus software; full DevSecOps skillset with demonstrable skills in building threat detection systems in the cloud; scripting skillset in Python or PowerShell; understanding of CI/CD pipeline. My client is a global music and event provider and has a large and complex technology estate that is constantly under cyber attack due to its promincance in the public domain. … The client is on the hunt for a Senior Threat Detection Engineer to join an expanding Cyber Defence team focused on the ongoing protection of its customers, clients, employees and partners. This is a fully remote opportunity reporting into the Senior Manager of Cyber Defence the role will more »

Security Operations Center (SOC) is a U.S. Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing … for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Primary Responsibilities: Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations Author, update, and maintain SOPs, playbooks, work instructions Utilize Threat Intelligence and Threat Models to create threat hypotheses Plan and scope Threat Hunt Missions to verify threat hypotheses Proactively and iteratively search through systems and networks to detect advanced threats Analyze host, network, and application logs in addition to malware and code Prepare and report more »

SOC) is a U . S . Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial i nternet connection, public … and automation. Develop new processes, procedures, and playbooks for countermeasure implementation as new technologies are deployed in the environment. Understand intrusion sets, TTPs, and threat actors to better tailor countermeasure deployment across the enterprise. Responsible for maintaining a comprehensive understanding of the cyber threat landscape, including identifying and … Assess, analyze, and effectively communicate risks associated with various types of countermeasures and their deployment in the environment. Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise . Proactively and iteratively search through systems and networks to detect advanced threats more »

Description Leidos is seeking a talented Cyber Threat Intelligence Analyst to join our team to support a federal customer within the customers Security Operations. The Cyber Threat Intel Analyst will need a strong cyber security background with experience with the following: Identify, track and investigate high priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures). A comprehensive understanding, analyzing and tracking the cyber threat landscape, including identifying and analyzing cyber threats actors, APT TTPs and/or activities to enhance cyber security posture of the organization's IT operating … bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, with 8-12 years of professional experience and at least 5 years in incident detection and response and/or cyber intelligence analysis. Maintain and drive the development of new reports of Cyber Threat Intelligence analysis to peers more »

our systems and data. The ideal candidate will be responsible for leading compliance assessment and enforcement efforts, designing and implementing robust security architectures, managing threat detection and response activities, and overseeing identity and access management initiatives. Responsibilities: Conduct compliance assessments and enforce security policies and standards to ensure … regulatory requirements and industry best practices. Design, implement, and maintain security architectures that protect our systems and data from cybersecurity threats and vulnerabilities. Lead threat detection and response efforts, including monitoring and analyzing security events, investigating incidents, and implementing remediation measures. Develop and implement identity and access management … Advanced degree or relevant certifications (e.g., CISSP, CISM, CEH) preferred. Proven experience as a Security Engineer, with a focus on compliance assessment, security architecture, threat detection and response, and identity and access management. Deep understanding of cybersecurity principles, methodologies, and technologies, with hands-on experience in implementing security more »

SOC) is a U . S . Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial i nternet connection, public … overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations. Primary Responsibilities: Will conduct cyber threat analysis, identifying mitigation and/or remediation courses of action; developing actionable intelligence used to protect organizational IT assets; and trending cyber threat metrics for leadership situational awareness . Responsible for maintaining a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and/or activities to enhance cybersecurity posture of an the organization's IT operating environment. Identify , track and investigate , and write technical products more »

Description Leidos has an immediate need for a Cyber Threat Hunter to join our NOSC Cyber Team. The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious. The Department of Homeland Security (DHS … Security Center (NOSC) Cyber is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to DHS networks through monitoring, intrusion detection and protective security services to DHS information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing … for the overall security of DHS Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations. Primary Responsibilities: Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations Author, update, and maintain SOPs, playbooks, work instructions Utilize Threat more »

Description Leidos' Digital Modernization sector has a current job opportunity for a Defensive Cyber Operations (DCO) Counter-Measures Engineer to perform advanced threat detection and hunt engineering at Scott AFB, IL. This position will support the GSM-O II program, which provides network operations and cyber defense support … be obtained within 180 days of start date Proficiency in programming in at least one modern language (Java, Python, Ruby, C++). Custom malware detection development experience. Advance understanding of TCP/IP, networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security … systems administration in a cloud or virtualized environment. Experience with API development and integration. Experience with Git, Sigma, Yara, Snort, and Suricata. Experience with Detection-as-a-Code. Experience with malware analysis concepts and methods. Advanced Certifications such as GREM, OSCP, CISSP or CASP. Original Posting Date more »

Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable more »

wider business. Assisting to develop customer centric solution for the UK Intelligence customer group, comprising of both offensive and defensive cyber activities, including: anomaly detection and insider threat detection, malware analysis, reverse engineering, threat intelligence, decoys and deception, application of AI/ML techniques, orchestration and … across all team Key Skills - Experience managing teams in support of UKIC or MOD - Experience with current threats and attack vectors. - Knowledge of intrusion detection and/or incident handling experience. CSSP Infrastructure Support certifications - Advanced knowledge of solution development techniques and best practices related to demonstration, pilot, and more »

Layer Security (TLS) cryptographic protocol Terraform SAML and OIDC Azure data security Security auditing, compliance, modelling and risk scoring platforms Proxy security Vulnerability and Threat detection/Endpoint detection and response (EDR) Intrusion detection and prevention, such as Darktrace Ethical Hacker, Cyber Security SANS, CISSP certification more »

approach to building, deploying, and operating our Cyber capabilities to fortify our defenses, employing innovative and cutting-edge cyber technologies. Our duties span cyber threat management, real-time attack detection and prevention, and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, we leverage Cyber DevOps … automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of our Operational Technology (OT), IT, and digital infrastructure in the face of emerging challenges. We are responsible for defining and setting the Cyber framework and Security compliance policies across the company, including the development of robust Business … regulatory landscapes, such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Virtualization technology, including containerization (e.g., Docker, Kubernetes, Linux, etc.) Host-based security products (threat detection, mitigations, end-user detection and response, micro-segmentation, zero trust) Experience working within an ITIL environment or structured platform management, particularly more »

you will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain cyber security policies and procedures. Own threat management and response. Manage and mentor the cyber security team. Manage Security tooling risks and processes. Own vulnerability management through the whole lifecycle from … infrastructure to identify vulnerabilities and implement necessary improvements. Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting) Manage and mentor the security analyst, (monitoring, Investigation, root cause analysis of Security alerts from multiple information sources. Including, but not limited to … end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform more »

business. Responsibilities: Strategic Security Design : Develop comprehensive security architectures, integrating advanced security practices, to safeguard against emerging threats. Focus on cloud security, AI-driven threat detection, and the adoption of zero-trust principles. Standards and Frameworks : Define and update technical security standards and principles, incorporating industry best practices … and compliance requirements from frameworks such as NIST, ISO, and GDPR. Security Reviews and Threat Modeling : Conduct rigorous security assessments and threat modeling for ongoing and new projects, ensuring designs meet stringent security standards. Implement continuous improvement practices for threat identification and mitigation. Cross-functional Leadership : Lead more »

CIP, NIST, NIS2, GDPR, EPCIP, etc. Knowledge of virtualization technologies including Docker, Kubernetes, Linux, etc. Experience with host-based security products and methodologies (e.g., threat detection, end-user detection and response, micro-segmentation, zero trust). Exposure to ITIL environments or structured platform management. Possession of professional … in Cyber Security. Design and deploy security tools for new and existing infrastructure and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and … and data mining in support of cyber goals and the company's digitization transformation. Develop and execute the cyber roadmap for platform development and threat mitigation, in alignment with the unit’s cyber vision and strategy. Continuously enhance professional cyber skills and awareness to stay ahead of cyber threats. more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »

for endpoint protection In-depth Experience utilizing and supporting Microsoft Defender, Entra ID, Intune Extensive experience working in a zero trust environment Configure advanced threat protection policies, conduct threat analysis, and respond to security incidents. Monitor and analyze security logs, alerts, and reports to ensure effective threat detection and prevention Perform follow-up through system monitoring and communication with users and other support teams Configure and monitor appropriate alerts to allow for quick response to security risks Support the integration of Microsoft 365 with other business applications. Implement and enforce security policies, including data loss more »