Threat Detection Jobs

1 to 25 of 44 Threat Detection Jobs

Threat Detection Engineer

London, United Kingdom
Hybrid / WFH Options
Xcede UK
Global music events company requires a Threat Detection Engineer to join their global cyber defence team based in the UK but with the option to work fully remote. Key skills needed: SIEM, IDS/IPS, firewalls and antivirus software; full DevSecOps skillset with demonstrable skills in building threat detection systems in the cloud; scripting skillset in Python or PowerShell; understanding of CI/CD pipelines. My client is a global music and event provider and has a large and complex technology estate that is constantly under cyber attack due to its prominence in the public domain. … The client is on the hunt for a Senior Threat Detection Engineer to join an expanding Cyber Defence team focused on the ongoing protection of its customers, clients, employees and partners. This is a fully remote opportunity reporting into the Senior Manager of Cyber Defence; the role will more »
Employment Type: Permanent, Work From Home
Salary: £80,000
Posted:

Senior Threat Detection Engineer

Swindon, Wiltshire, South West, United Kingdom
Maclean Moore Ltd
Role: Senior Threat Detection Engineer. Duration: 6 Months. Location: Swindon or London (3 days a week onsite). Senior Threat Detection Engineer with extensive experience of Cyber Security. The role holder should be an ambitious, energetic, highly skilled and experienced Senior Threat Detection Engineer … with a proven track record of working with incident detection, monitoring, handling and response, enhancing threat detection capabilities, analysing emerging threats, and developing proactive security measures to protect our organization from cyber threats. Key responsibilities: Identify opportunities to enhance the protective and detective capabilities of … justification, change management and deployment of the capabilities. Turn intelligence into actionable tasks such as use-case creation or enhancements, recreation of attack TTPs, threat hunting etc. Deploy ruleset and policy changes on security controls, following a change management process. Lead Purple Team engagements and Tabletop exercises. Work in more »
Employment Type: Contract
Posted:

Senior Cyber Threat Intelligence Specialist

Skelmersdale, Lancashire, North West, United Kingdom
Hybrid / WFH Options
Police Digital Services
Join Police Digital Service in an NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000. Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience. As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence, working directly alongside the threat hunting and malware service. About Police Digital Service: We exist to harness the power of digital, data and technology to enable more »
Employment Type: Permanent, Work From Home
Posted:

Cyber Specialist

England, United Kingdom
Taleo BE
wider business. Assisting to develop customer-centric solutions for the UK Intelligence customer group, comprising both offensive and defensive cyber activities, including: anomaly detection and insider threat detection, malware analysis, reverse engineering, threat intelligence, decoys and deception, application of AI/ML techniques, orchestration and … across all teams. Key Skills: - Experience managing teams in support of UKIC or MOD. - Experience with current threats and attack vectors. - Knowledge of intrusion detection and/or incident handling experience. - CSSP Infrastructure Support certifications. - Advanced knowledge of solution development techniques and best practices related to demonstration, pilot, and more »
Posted:

Senior IT Security Analyst, CISSP

City of London, Greater London, United Kingdom
Arc IT Recruitment
based in the city of London. Their IT Security function is responsible for operational security delivery within the business. This includes privileged access management, threat protection, threat detection and incident management. The scope covers IT Infrastructure and Business Application Security on a global basis. This role will more »
Employment Type: Permanent
Salary: £80000 - £95000/annum + strong bonus and benefits
Posted:

Security Engineer : Elite Hedge Fund : £120k+ bonuses

London Area, United Kingdom
Hybrid / WFH Options
Hunter Bond
Layer Security (TLS) cryptographic protocol; Terraform; SAML and OIDC; Azure data security; security auditing, compliance, modelling and risk scoring platforms; proxy security; vulnerability and threat detection / endpoint detection and response (EDR); intrusion detection and prevention, such as Darktrace; Ethical Hacker, Cyber Security SANS, CISSP certification more »
Posted:

Cyber Security Specialist

City of London, London, United Kingdom
GCS Ltd
approach to building, deploying, and operating our Cyber capabilities to fortify our defenses, employing innovative and cutting-edge cyber technologies. Our duties span cyber threat management, real-time attack detection and prevention, and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, we leverage Cyber DevOps … automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of our Operational Technology (OT), IT, and digital infrastructure in the face of emerging challenges. We are responsible for defining and setting the Cyber framework and Security compliance policies across the company, including the development of robust Business … regulatory landscapes, such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Virtualization technology, including containerization (e.g., Docker, Kubernetes, Linux, etc.) Host-based security products (threat detection, mitigations, end-user detection and response, micro-segmentation, zero trust) Experience working within an ITIL environment or structured platform management, particularly more »
Employment Type: Permanent
Salary: £95000 - £100000/annum
Posted:

IT Cyber Security Manager

Surrey, United Kingdom
Hybrid / WFH Options
Gold Group
you will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain cyber security policies and procedures. Own threat management and response. Manage and mentor the cyber security team. Manage Security tooling risks and processes. Own vulnerability management through the whole lifecycle from … infrastructure to identify vulnerabilities and implement necessary improvements. Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting) Manage and mentor the security analyst, (monitoring, Investigation, root cause analysis of Security alerts from multiple information sources. Including, but not limited to … end users. Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture Perform malware analysis and digital forensics where appropriate Drive internal phishing campaigns (KnowBe4 platform more »
Employment Type: Permanent
Salary: £80000 - £500000/annum + Benefits
Posted:

Cyber Security Architect

London Area, United Kingdom
Onclusive
business. Responsibilities: Strategic Security Design : Develop comprehensive security architectures, integrating advanced security practices, to safeguard against emerging threats. Focus on cloud security, AI-driven threat detection, and the adoption of zero-trust principles. Standards and Frameworks : Define and update technical security standards and principles, incorporating industry best practices … and compliance requirements from frameworks such as NIST, ISO, and GDPR. Security Reviews and Threat Modeling : Conduct rigorous security assessments and threat modeling for ongoing and new projects, ensuring designs meet stringent security standards. Implement continuous improvement practices for threat identification and mitigation. Cross-functional Leadership : Lead more »
Posted:

Cyber Security Specialist

London Area, United Kingdom
GCS
CIP, NIST, NIS2, GDPR, EPCIP, etc. Knowledge of virtualization technologies including Docker, Kubernetes, Linux, etc. Experience with host-based security products and methodologies (e.g., threat detection, end-user detection and response, micro-segmentation, zero trust). Exposure to ITIL environments or structured platform management. Possession of professional … in Cyber Security. Design and deploy security tools for new and existing infrastructure and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and … and data mining in support of cyber goals and the company's digitization transformation. Develop and execute the cyber roadmap for platform development and threat mitigation, in alignment with the unit’s cyber vision and strategy. Continuously enhance professional cyber skills and awareness to stay ahead of cyber threats. more »
Posted:

Security Operations Engineer

Belfast, Northern Ireland, United Kingdom
Hybrid / WFH Options
Idox plc
responsibilities: Security Architecture Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and Incident Response: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters more »
Posted:

SOC Engineer - £300 - Remote - 6 Months - Outside IR35

London, United Kingdom
Hybrid / WFH Options
Nigel Frank International
The ideal candidate will have a strong background in Cyber Analysis, with expertise in SOC environments, SIEM & Incident Management, Vulnerability Management, and Endpoints or Threat Analysis. Key Responsibilities: - Conduct thorough Cyber Analysis to identify and respond to security incidents. - Monitor and manage Security Operations Center (SOC) environments to ensure … utilizing SIEM tools. - Strong knowledge of Incident Management processes and procedures. - Experience in Vulnerability Management to address potential security vulnerabilities. - Expertise in Endpoints or Threat Analysis to enhance threat detection and response. Requirements: - Bachelor's degree in Computer Science, Information Security, or related field. - Relevant certifications such more »
Employment Type: Contract
Rate: £300 - £325/day
Posted:

Cyber Security Analyst

England, United Kingdom
Amber Labs
streamline team processes. Produce documentation to ensure repeatability and standardization of security operating procedures. Develop innovative investigative methods using SOC software toolsets to enhance threat detection capabilities. Maintain system security baseline according to the latest threat intelligence and evolving trends. Participate in root cause analysis of incidents more »
Posted:

Senior Security Engineer

United Kingdom
identifi Global Resources
integration opportunities (where feasible). -You will be undertaking internal pen testing and creation of external penetration testing scopes. -You will be enhancing security detection and incident response efforts/playbooks. -You will be monitoring, remediating, and reporting on security events. -You will be Security incident Manager (SIM). … with PCI DSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. -You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies. -Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. -Mature understanding/experience more »
Posted:

Security Operations Center Analyst L2

Leicester, England, United Kingdom
Locke and McCloud
Analyst to join our client, a leading cybersecurity firm dedicated to protecting their clients' digital assets and ensuring their safety in an ever-evolving threat landscape. They pride themselves on their innovative solutions and talented team of professionals who work tirelessly to safeguard client data. Main Responsibilities: Triage security alerts … Produce reports on security incidents, including findings, recommendations, and remediation actions. Collaborate with other SOC analysts and stakeholders to develop and implement proactive security measures and threat detection strategies. Participate in incident response activities, including containment, eradication, and recovery efforts. Assist in the development and maintenance of security policies, procedures, and documentation. … Experience in a Security Operations Centre (SOC) environment, preferably in a Level 2 role. Understanding of cybersecurity principles, best practices, and technologies. Experience with SIEM platforms, intrusion detection/prevention systems, and other security tools. Skill in analysing and interpreting security event logs, network traffic, and other relevant data sources. Analytical and problem more »
Posted:

Cyber Security Analyst

Glasgow, City of Glasgow, United Kingdom
Hybrid / WFH Options
Hays Technology
respond to malware incidents. Security Tooling (Windows & Cloud Environment): Experience with security tools across different environments. XDR, EDR, Email & Remote Access Security: Expertise in threat detection and secure communication. Content Filtering (Web/Email): Implementing filters to protect against malicious content. Cloud Security (SaaS, PaaS, IaaS): Understanding cloud … security models. Anomaly Detection: Identifying unusual patterns or behaviors. O365, Azure, MS Intune, Identity Management: Proficiency in Microsoft technologies. Cyber-Attack Techniques, Vulnerabilities, and Mitigation Strategies: Knowledge of attack vectors and effective defenses. Mitre ATT&CK and NIST Frameworks: Familiarity with industry frameworks. What you'll get in return more »
Employment Type: Permanent
Salary: £50,000 - £55,000 per annum
Posted:

Lead/Director - Security Operations - Hedge Fund

London Area, United Kingdom
Selby Jennings
Web Services (AWS), Microsoft Azure, Okta, Splunk, Netskope, Palo Alto, Red Hat Enterprise Linux, Windows Server, Docker, and Kubernetes. Responsibilities: Comprehend the company's threat landscape and implement appropriate security controls and capabilities. Deploy automated and scalable security systems, processes, and controls. Oversee and monitor security initiatives throughout the … with offensive security tactics from an adversary's perspective. Hands-on experience with security operations processes and systems, encompassing security monitoring, intrusion prevention and detection, network security, endpoint management and protection, identity management, threat detection, and vulnerability management. Ability to identify threats in distributed environments and effectively more »
Posted:

Senior Incident Response Analyst

Manchester, England, United Kingdom
AXA UK
to our customers and streamline and automate our business processes. To help us manage our cybersecurity incidents, whilst performing forensic investigations and providing cyber threat intelligence services, we're looking for two talented individuals with strong analytical skills to join this growing team. At AXA we work smart, empowering … security analysts to provide recommendations on security mechanisms Support the maintenance, testing and execution of the AXA UK Security Incident Management framework Provide cyber threat intelligence to in scope UK entities Due to the number of applications we expect to receive for this role, we reserve the right to … networking and common protocol behaviours Proven experience using a major scripting/programming language or search query language to support in security operations and threat detection GIAC certified qualification would be ideal but not essential Comfortable with packet analysis and ideally experienced with network detection and response more »
Posted:

Senior Cyber Security Analyst

Ipswich, Suffolk, United Kingdom
In Technology Group
ISO27001 and Cyber essentials Stay abreast of the latest cybersecurity trends and technologies to continuously enhance our defence mechanisms. Requirements: Proven experience in cyber threat detection, incident response, and vulnerability management. Proficiency in security tools such as SIEM, IDS/IPS, antivirus software, and penetration testing frameworks. Strong more »
Employment Type: Permanent
Salary: £35000 - £50000/annum hybrid working + excellent benefits
Posted:

Cyber Security Analyst R1

Manchester, England, United Kingdom
NCC Group
maximum availability and responding to calls to support change requests and helping diagnose system issues. Key responsibilities • Monitor global IDS, Network Intruder, Firewall, DDoS detection and mitigation, availability and SIEM platforms looking for potential threats, vulnerabilities and indicators of compromise. • Provide Incident remediation and prevention documentation and recommendations to … excellent customer service to ensure the continued delivery of high quality of the SOC services. • Initiate escalation procedure to counteract potential threats, vulnerabilities and threat actors. • Compilation and review of service focused reporting. • Perform other duties as assigned. • Ability to work on a shift basis including weekends and evenings. … Skills Theoretical knowledge of security toolsets such as SIEM, IDS, Vulnerability Management, Availability Monitoring and other threat detection technologies. · Pre-existing knowledge of common network protocols. · Pre-existing knowledge of Windows and Linux based operating systems. · Ability to solve complex problems and deliver clear conclusions from investigation · Ability more »
Posted:

Junior Operations Engineer

Nationwide, United Kingdom
Hybrid / WFH Options
RedTech Recruitment Ltd
Operations Engineer / Security Operations Analyst / Cybersecurity Engineer / Incident Response Engineer / Security Analyst / Network Security Engineer / SOC Engineer / Threat Detection Engineer / Security Incident Responder / Cyber Operations Engineer / Information Security Engineer / Cyber Defense Engineer. RedTech Recruitment Ltd focus on more »
Employment Type: Permanent
Salary: £35000 - £40000/annum Excellent Benefits
Posted:

SOC Analyst Level 1

City of London, London
Hybrid / WFH Options
Capita
packet analysis and reporting analysis. You will require a basic understanding of networking and infrastructure design, which will be built upon so that, along with detection and monitoring tooling, you can identify vulnerabilities and areas of compromise. As a Junior Cyber Security Analyst, you will learn the skills and techniques enabling you … also support the implementation, operation and management of new technologies including PAM, EDR and DLP solutions. What You'll Be Doing: • Creating threat detection analytics • Onboarding log sources in alignment with the MITRE ATT&CK Framework • Investigating and monitoring the SIEM platform • Tuning of alerts and event … level of defence • Ensuring all identified events are investigated thoroughly • Working with Senior Analysts (Level 3) to improve and simplify processes • Working with the Threat Hunters to identify and assist in the remediation of advanced security threats. What we're looking for: • Cyber security degree or equivalent experience • Experience more »
Employment Type: Permanent
Posted:

Cyber Security Manager Windows Azure SIEM

Epsom, Surrey, South East
Hybrid / WFH Options
Client Server
friendly and supportive environment where you can work with autonomy and enjoy flexible working. As a Cyber Security Manager, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational … You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH Policy: You'll have flexibility to work from home, meeting up with more »
Employment Type: Permanent
Salary: £75,000 - £85,000
Posted:

Lead Cyber Security Engineer Windows Azure SIEM

Epsom, Surrey, South East
Hybrid / WFH Options
Client Server
work with autonomy and enjoy flexible working (x2 days office per month). As a Lead Cyber Security Engineer, you will take ownership of threat management and response, establishing and maintaining robust cyber security policies, playbooks and procedure to ensure compliance with regulatory requirements, industry standards in an Operational … You'll perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture. Office & WFH Policy: You'll have flexibility to work from home, meeting up with more »
Employment Type: Permanent
Salary: £78,000 - £85,000
Posted:

Senior Security Operations Engineer

London Area, United Kingdom
Hybrid / WFH Options
McGregor Boyall
Docker, Kubernetes and more. What You'll Do Architect and automate sophisticated, scalable security systems, processes and controls Oversee and evolve comprehensive security monitoring, threat detection and intrusion prevention/response Proactively assess risks and threats to develop strategic cybersecurity controls Function as a security force multiplier through more »
Posted:
Threat Detection salary distribution (UK, annual):
10th Percentile: £38,200
25th Percentile: £41,250
Median: £55,000
75th Percentile: £67,000
90th Percentile: £73,750