18 of 18 Threat Detection Jobs in the North West

the organisation's cyber resilience. As a Senior Cyber Security Analyst, you will play a key role in protecting systems, networks, and data against cyber threats. You will lead threat detection and incident response efforts, support the development of security policies and controls, and work closely with stakeholders to ensure compliance and security best practice across the business. … teams to ensure cyber security best practice is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat … technical background. Detailed understanding of application security along with experience of working alongside software development teams, supporting and advising on best practice to maintain security. Significant experience of endpoint detection and response (EDR) technologies and network detection and response (NDR) technologies. Detailed knowledge of Information Security standards including Cyber Essentials, Cyber Essentials Plus and ISO27001. Good understanding of More ❯

Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience and skills What you'll be doing: Delivery of core triage function as part of protective monitoring services … threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Essential: Experience … and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and More ❯

I am looking for a highly skilled Security Operations & Threat Intelligence Analyst to join a cybersecurity provider dedicated to protecting organizations from cyber threats. With global reach and deep technical expertise, the company delivers advanced threat detection, response, and intelligence services. Its mission is to build a safer digital society by helping businesses stay resilient through proactive … security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You ll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You ll also track threat actor tactics using MITRE ATT&CK and assist with incident response and reviews. Key skills required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat intelligence More ❯

Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models More ❯

Management Centre (NMC) is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the … role in helping to protect front-line policing from cyber-attacks. Configuration and maintenance of the NMC central Microsoft Azure, Lighthouse and Sentinel platform. Development, maintenance, and deployment of detection rules and other SIEM content. Creation of custom solutions using both low-code and traditional development approaches. Providing support to forces for the configuration of Sentinel and log sources. More ❯

adoption. Serve as the voice of the customer within the business, ensuring their expectations are understood and consistently met. Contribute to comprehensive customer reporting, including analysis of service performance, threat detection trends, investigation outcomes, and related metrics such as SLAs, ingestion data, and vulnerability findings. Collaborate with engineering to identify opportunities for service enhancement and implement technical upgrades. More ❯

experience to provide technical guidance and mentorship to the existing team members. What You’ll Do: You'll help keep our systems safe by setting up security alerts, improving threat detection, and automating incident response. Managing logs and ensuring our most important assets are protected will be part of your daily tasks. You'll monitor security threats, analyze More ❯

Level 1 (BLT1) or SC-200. This could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands-on experience: Threat Detection & Response: Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar, etc.) and act quickly to counter potential threats. Incident Investigation: Analyse security incidents, conduct forensic investigations, and … support remediation efforts. Vulnerability Management: Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence: Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication: Work closely with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: Experience in an IT-focused role with … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate More ❯

Level 1 (BLT1) or SC-200, this could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and … support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: - Experience in an IT-focused … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE More ❯

experience onboarding and managing log sources in Azure Sentinel . Hands-on experience configuring data connectors and diagnostic settings in Azure . Solid understanding of use case development and detection engineering . Knowledge of PowerShell, KQL (Kusto Query Language), and JSON formatting . Familiarity with identity-related logs (Azure AD, ADFS, M365 Defender, etc.) . Experience working in a … Security Operations environment or supporting SOC functions . Understanding of network and host-based telemetry relevant for threat detection Desirable . Azure certifications (SC-200, AZ-500, MS-500) . Experience with LogRhythm SIEM Platform . Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks) Please be aware that this role can only be worked within the More ❯

involved in, an active UK*C DV Clearance is required for eligibility. As a DevSecOps Engineer, you'll be responsible for embedding security into CI/CD pipelines, automating threat detection, managing vulnerabilities, and ensuring compliance. You'll work closely with DevOps, SRE, and Security teams to design and build secure, scalable infrastructure through Infrastructure-as-Code (IaC More ❯

and people that drive innovation across the University. As a University we are investing in security as a strategic priority including new capabilities in secure cloud adoption, automation and threat detection, identity governance, Zero Trust architecture, and real-time risk awareness. You will play a central role in shaping the future of these capabilities and helping colleagues across More ❯

Management Centre (NMC) is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attack click apply for full job details More ❯

Management Centre (NMC) is part of Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attack... JBLK1_UKTJ More ❯

weaknesses and enhancing defensive capabilities Contributes to the development of Active Defence, Red Team capabilities through people, process, and technology where appropriate Maintains a broad understanding of the external threat environment and attacker tactics, techniques, and procedures Your skills and experiences: Demonstrable experience in penetration testing Proficient in penetration testing tools such as Burp Suite, Nmap, Metasploit etc CREST … and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations Team Cyber Operations is responsible for protecting BAE Systems from Cyber Attacks by various threat actors. Not only do we protect BAE systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and … services we create. Across Threat Intelligence, Threat Detection, Incident Response and Active Defence we work to evolve cyber operations as a world class capability. This role will sit under the Active Defence, Red Team who are responsible for delivering the following capabilities in support of Cyber Operations: Red Teaming, Purple Teaming, Security Critical Control Testing, Threat More ❯

Company Description I am working closely with a Cyber Security and IT services provider that operates on a global scale, offering a wide range of services, including testing, threat detection, risk management, and network security. As part of the gaming industry, they offer exciting positions and never-ending learning opportunities. Standing out because of their extensive expertise, this More ❯