you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to
re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus
the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level
City of London, London, United Kingdom Hybrid / WFH Options
NOTHREAT
technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and
based team. This role is critical in safeguarding our IT infrastructure and ensuring the resilience of our systems. You will be responsible for implementing and maintaining security protocols, managing threat detection tools, and supporting the broader IT team in delivering secure and reliable services. You will play a pivotal role in improving company security posture and internal best practices … and operating systems. Manage relationships and work closely with third-party cyber security service providers. Manage and optimize security tools, including endpoint protection, Microsoft Intune, Entra, Azure, and external detection and response tools. Conduct vulnerability assessments and coordinate patch management cycles. Collaborate with infrastructure and support teams to ensure secure configurations of networks, endpoints, applications, and services. Collaborate with
of cloud adoption. Technical Leadership & Delivery Support Act as a technical mentor for development teams, ensuring best practices in cloud solution implementation. Oversee cloud security controls, including access management, threat detection, and incident response strategies. Troubleshoot and resolve complex cloud infrastructure and application architecture challenges. Your Profile Essential skills/knowledge/experience: Cloud Expertise: Extensive hands-on …/CD automation. Deep understanding of transitioning strategies from legacy to cloud-native applications. Security & Compliance - Strong understanding of cloud security controls, IAM, compliance frameworks (GDPR, SOC2, NIST), and threat mitigation strategies. Strategic Collaboration - Experience working with CIOs and IT leaders to define digital transformation roadmaps. TOGAF Certification, Microsoft Azure Solutions Architect, SABSA (Security Architecture), AWS Certified Solutions Architect
standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong security posture. Provide cybersecurity training and guidance to staff and students. Lead cybersecurity projects
solutions. Experience with security automation using PowerShell, Azure Policy, or Infrastructure-as-Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems
City of London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure
We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic
Cyber Security Detection Engineer, London (City of London). Client: RiverSafe. Location: London (City of London), United Kingdom. Job Category: Other. EU work permit required: Yes. Job Views: 3. Posted: 27.06.2025. Expiry Date: 11.08.2025.
skilled professional with deep expertise in Cyber Security Operations Centre (SOC) practices. This role is ideal for someone with a strong ability to analyse and enhance SOC effectiveness, from threat detection to incident response, and provide clear and appropriate advice and guidance. Key Responsibilities of the SecOps Consultant Collaborate with clients to improve SOC operations, particularly around threat detection and IR. Conduct SOC readiness assessments, identifying capability gaps and recommending improvements. Provide strategic guidance on SOC tool selection, configuration, and integration based on operational needs. Monitor emerging threats and trends, advising stakeholders on potential impacts and mitigation strategies. Deploy, configure, and manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding
City of London, London, United Kingdom Hybrid / WFH Options
55 Exec Search
on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst, you will be central to incident response, threat hunting, and real-time defence management, guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met. Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering
lead in customer-facing engagements, translating complex security needs into effective solution architectures. Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection. Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs. Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium. Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment. Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF. Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network segmentation/micro-segmentation, DNS
City of London, Greater London, UK Hybrid / WFH Options
ZenTech Talent
a cyber security role (ideally within an MSP or multi-client setting). Security certifications like Security+, CySA+, or equivalent (working toward CISSP or equivalent a bonus). Strong understanding of threat detection, risk analysis, and incident response. Excellent communication and documentation skills. Why Join? Broad exposure across industries and technologies. Supportive, close-knit team environment. Clear progression paths into
Security Operations Analyst for a 6-month contract (with strong extension potential). This is your chance to step into a high-impact role where you’ll sharpen cloud detection strategies, lead threat response efforts, and make your mark on a modern, cloud-native security operation — all within a business that thrives on data at scale. Key Responsibilities … across hybrid and cloud estates (GCP). Crafting and fine-tuning smart detections using KQL. Leading the charge on incident response, from first alert to final report. Getting stuck into threat hunting and shaping how detections are built and improved. Helping drive security automation and weaving in IaC wherever possible. Teaming up with engineers and platform folk to lock down … cloud and container environments. Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response. Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye. Confident with KQL, especially in Microsoft Sentinel. Strong background in GCP. Experience securing Kubernetes, Docker, and containerised workloads. Familiar with MITRE ATT&CK, SOAR, and writing detections as code
in securing complex, cloud-first environments within a data-rich, high-scale business — helping protect critical infrastructure and client data across global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments. Building and refining cloud-native detections using Kusto Query Language (KQL). Driving security automation and Infrastructure-as-Code practices. Enhancing cloud … visibility through effective logging, monitoring, and threat modelling. Collaborating with SOC analysts, engineers, and data teams to secure workloads and services. Performing proactive threat hunts and maturing detection logic over time. Key skills and experience include: Cloud security expertise in Google Cloud Platform. Hands-on experience with cloud-native tools (e.g., Defender for Cloud, GCP Security Command … Center). Detection engineering using KQL, particularly with Microsoft Sentinel. Familiarity with Kubernetes, Docker, and securing containerised services. Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models. Experience with SOAR platforms and automation pipelines. Scripting or programming skills (Python, PowerShell, Bash, etc.). Interviews are moving fast — apply now or reach out to learn more.
City of London, London, England, United Kingdom Hybrid / WFH Options
How to Job Ltd
to stay updated on cybersecurity trends and best practices. Qualifications: • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. • Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. • Strong analytical and problem-solving skills. • Excellent communication
cybersecurity roadmap. Manage third-party partners and auditors, ensuring compliance, insurance requirements, and continuous risk assessments. Champion a security-first culture, driving awareness, training, and the adoption of modern threat detection and prevention tools. What we look for: Strong understanding of compliance standards such as PCI DSS, GDPR, SOC2, ISO27001, Cyber Essentials. Impressive verbal and written communication skills
City of London, London, United Kingdom Hybrid / WFH Options
The MDU
Identity and Access function within the Cyber Security team, including: Access Management; Identity Governance and Administration; Role Based Access Control; Privileged Access Management; Identity Threat Detection and Response; Access Certification; Identity Data Management & Analytics. Ensure that only authorised identities have access to the relevant data and systems. Working with department Heads
City of London, London, United Kingdom Hybrid / WFH Options
Franklin Bates
Join a world-leading cybercrime SaaS organisation in an exciting Senior/Principal AI Engineer role to deliver robust and impactful AI-based solutions to advance threat detection efficiency. Our client is headquartered in the UK and, whilst being well-established with significant sector success behind them, serving the largest names globally across the banking and government spaces … platform. Required experience for the Senior/Principal AI Engineer role: Machine learning (ML), deep learning and statistical analysis skills – even better if these skills have been applied to threat detection, malware analysis, phishing and/or abuse detection. Experience building production-grade AI pipelines, including data ingestion, feature engineering, validation, model deployment, and monitoring. Experience designing and … implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying cyber threats (URLs, domains, phishing, botnets, etc.). Proficient in a major backend language (ideally Golang) and related ML/AI libraries (e.g. TensorFlow, PyTorch, etc.). Experience with an MLOps platform like Kubeflow. Demonstrated ability to transition models from prototype to production. Experience assessing various
About Netcraft Netcraft is the global leader in cybercrime detection and disruption. We're a trusted partner for three of the four largest companies in the world and many large country governments. We've blocked more than 200 million malicious sites and perform takedowns for around one-third of the world's phishing sites. Our purpose, passion, and expertise … at Netcraft should combine deep applied AI/ML expertise, a hands-on and collaborative approach to developing solution architecture, and eventually develop strong domain knowledge in cyber threat detection and mitigation. The role is highly collaborative, embedding within technical teams to deliver robust, explainable, and impactful AI-based solutions that advance threat detection efficacy … models. What you'll need to be successful: Advanced knowledge of machine learning, deep learning, and statistical analysis. Massive bonus points if you have experience applying these skills to threat detection, malware analysis, phishing, and/or abuse detection. Experience designing and implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying
incidents, managing the full incident lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk and threat detection and have worked with MITRE ATT&CK, preferably within a Financial Services firm. This role offers the chance to work in a fast-paced, global environment with
values. Description Lead and manage the Security Operations team to ensure optimal performance and adherence to best practices. Develop and implement effective security operations processes and playbooks. Oversee the monitoring, detection, and response to cybersecurity threats and incidents. Collaborate with stakeholders to ensure compliance with relevant regulations and standards. Provide training and guidance to team members to support their professional … skills in vulnerability management, incident management, and the implementation of security protocols. Knowledge of relevant cybersecurity regulations and standards. Experience with Microsoft tools and technologies used in monitoring and threat detection. Excellent leadership abilities and the capacity to mentor team members effectively. Strong communication skills to collaborate with stakeholders at all levels. Job Offer A yearly bonus to reward