1 to 25 of 82 Threat Detection Jobs

designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture.What you’ll be doing• Data Ingestion and Enrichment:o Configure Elasticsearch pipelines for data ingestion from … various sources, primarily from Kafkao Enhance data enrichment by integrating threat intelligence feeds and contextual information.• SIEM Solution Development:o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch.o Optimize SIEM rules, alerts, and dashboards for efficient threat detection.• Query Optimization and Performance more »

Senior Cyber Threat Intelligence AnalystThis is a hybrid position primarily based in Edinburgh or Bristol UK. We’re committed to your flexibility and wellbeing and our hybrid strategy currently requires two days a week in the office, giving you the option to work remotely for some of your working … cyber defense posture, processes, and procedures in context to given threats, This role will also include responsibilities for creating meaningful, actionable outputs to improve detection and prevention capabilities on technical topics and publicly reported incidents as part of increasing the cyber awareness of our staff across Computershare.This role is … existing and emerging cyber security threats.ResponsibilitiesThe overall purpose of this role is to spearhead Computershare's CTI cybersecurity vision, crafting policies, overseeing real-time threat detection, engaging stakeholders, ensuring compliance, and managing day-to-day CTI activities for strategic and tactical adaptation in the global business landscape.The role more »

would suit an experienced engineer with deep knowledge of security principles in line with the CISSP CBK domains such as security monitoring, intrusion prevention & detection, network security, endpoint management & protection, identity management, threat detection, vulnerability management. Whilst the position entails significant exposure to vendor products and tooling more »

from cyber threats and vulnerabilities. This position is responsible for leading and owning the response to security incidents, managing the lifecycle of incidents from detection through resolution, and conducting thorough post-incident analysis to prevent future occurrences. By continuously monitoring our security environment, analyzing threats, and implementing strategic defenses … Incident Manager ensures the resilience and integrity of our information systems. This role requires a proactive approach to security, a deep understanding of cyber threat landscapes, and the ability to coordinate effectively across teams and entities to maintain the organization's security posture. Tasks & Responsibilities Identify and assess security … continuous improvement of the organization's ability to monitor, detect, and mitigate cyber security threats. Assist in planning, engineering, configuring, and implementing systems for threat detection and response, ensuring they are optimized for efficient operation. Aggregate, analyses, and triage information from multiple logs/events. Handle the acceptance more »

architectures that protect our company's assets. You will have a deep understanding of cryptographic solutions, specifically Thales Hardware Security Modules (HSMs) and Enterprise Detection and Response (EDR) systems like Darktrace and Stealthwatch. Your expertise will ensure the confidentiality, integrity, and availability of our financial data and services. Key … to ensure secure key management and encryption practices. Oversee the deployment and operational efficiency of EDR tools such as Darktrace and Stealthwatch, enhancing our threat detection and response capabilities. Conduct regular security assessments and audits to identify vulnerabilities and ensure compliance with industry regulations and standards. Collaborate with more »

responsibilities: Security Architecture Design: Design, implement, and maintain security architecture for our AWS environment, ensuring it aligns with industry best practices and compliance standards. Threat Detection and Incident Response: Develop and maintain detection mechanisms for security threats and incidents within AWS infrastructure, including EC2 instances, Kubernetes clusters more »

and beyond to ensure their needs are met. Listed multiple times on Gartner Market Guides for Managed Security Services. Job Role The role of Threat Content Developer provides the successful candidate with an opportunity to develop & enhance Integrity360’s threat detection capabilities across Managed Threat Detection (MTD) and Managed Detection & Response (MDR) service lines. Tracking adversary activity across a range of industries, the successful applicant will help to ensure Integrity360-managed products are positioned to detect the latest tactics, techniques, and procedures employed by attackers. Working alongside teams including Incident Response, Cyber Threat Intelligence, and Integrity360’s Cyber Security Operations Centre (CSOC), the successful applicant will translate intelligence concerning adversary activity into detection capabilities which guide actionable investigations of real time threats. You will bring your knowledge & expertise of security operations, threat detection and security platforms, and threat more »

focus on safeguarding sensitive data and intellectual property. Security Operations: Oversee the day-to-day management of security systems and protocols, including incident response, threat detection, and vulnerability management. Security Awareness: Develop and deliver comprehensive training programs to promote a culture of security awareness and best practices among … relevant regulatory frameworks, such as ISO, GDPR, HIPAA, and FDA regulations. Strong understanding of security technologies and methodologies, including encryption, access control, and intrusion detection systems. Excellent communication and leadership skills, with the ability to collaborate effectively across diverse teams and stakeholders. Relevant certifications such as CISSP, CISM, or more »

number of robust controls. Requirements: Deep understanding of security engineering and implementing security controls Hands on experience of SecOps and security systems Understanding of threat detection, Vulnerability management Cloud & network security Scripting experience - Preferably Python Ability to lead projects and resolve complex issues Please note you will need more »

Active Directory, Azure Storage, Security, and Network Components. Azure policies and governance tools for handling compliance and security Expertise in securing virtualized environments, including threat detection, incident response, and compliance frameworks. Automation tooling for example, Logic Apps, Functions, Azure Automation, Event Grid etc AVD architecture, deployment options, management more »

audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM technologies eg more »

Agency (DISA) in support of the DOD and COCOMs. In this role, you will provide support with incident handling, triage of events, network analysis, threat detection, trend analysis, metric development, and vulnerability information dissemination. Primary Responsibilities: Leverage an array of network monitoring and detection capabilities (including netflow … and policy. Identify threats to the enterprise and provide mitigation strategies to improve security, and reduce the attack surface. Perform analysis by leveraging serialized threat reporting, intelligence product sharing, OSINT, and open source vulnerability information to ensure prioritized plans are developed. Analyze and document malicious cyber actors TTPs, providing … Certification (or other equivalent DoD 8570 Level II certification) In-depth knowledge of network and application protocols, cyber vulnerabilities and exploitation techniques and cyber threat/adversary methodologies. Proficiency with datasets, tools and protocols that support analysis ( e.g. passive DNS, Virus Total, Recorded Future, TCP/IP, OSI, WHOIS more »

a key part in the Cyber/Information Security function. You will drive and enhance their current operational processes and contribute across Security Assurance, Threat Detection, Risk Management, CPSM & Threat Intelligence. Skills required: Control Frameworks & Industry Standards (ISO27001, 27002, GDPR, NIST) Security Operations Performance Tracking Data Security … Malware Detection, Threat & Incident response For the right person this is a huge opportunity - considering the sustained growth that they're going through, this role has a dotted line to management or C suite positions. This is a 2 stage process - initial 30 minute chat and 60 minute more »

we are seeking expressions of interest for passionate cybersecurity professionals to join our dynamic team. Initially we will be seeking experience with Managed Extended Detection and Response (MXDR) services. At Sekuro we leverage cutting-edge technologies and strategic partnerships to provide top-tier security solutions to our global clientele. … Responsibilities: Design and Implementation: Architect and deploy advanced MXDR solutions using CrowdStrike and AWS to protect client environments. Monitoring and Response: Conduct continuous monitoring, threat hunting, and incident response activities to identify and mitigate security threats. Integration: Integrate MXDR solutions with clients’ existing security infrastructure and workflows. Automation: Develop … and implement automation scripts and tools to enhance threat detection and response capabilities. Client Support: Provide expert-level support and guidance to clients, including conducting security assessments and providing recommendations. Collaboration: Work closely with other cybersecurity experts, analysts, and engineers within Sekuro to continuously improve our MXDR offerings. more »

managed Security Operations Centre (SOC), they are committed to safeguarding their clients' digital assets and ensuring their peace of mind in an increasingly complex threat landscape. Job Description: As a Cyber Security Engineer with our client, you will play a crucial role in implementing and managing their cybersecurity infrastructure. … Your responsibilities will include: - Implementing and managing Azure Sentinel SIEM for threat detection, incident response, and security monitoring. - Configuring and maintaining Microsoft Defender for endpoint protection and threat detection. - Developing and maintaining KQL (Kusto Query Language) scripts for querying and analysing data within Azure Sentinel. - Collaborating with more »

integration opportunities (where feasible). -You will be undertaking internal pen testing and creation of external penetration testing scopes. -You will be enhancing security detection and incident response efforts/playbooks. -You will be monitoring, remediating, and reporting on security events. -You will be Security incident Manager (SIM). … with PCI DSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls. -You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies. -Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. -Mature understanding/experience more »

designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. What you’ll be doing • Data Ingestion and Enrichment: o Configure Elasticsearch pipelines for data ingestion … from various sources, primarily from Kafka o Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query more »

mission to help organizations stay protected against emerging threats.About the Company:This leading provider of cybersecurity solutions is dedicated to empowering businesses with comprehensive threat detection and response capabilities. Their platform offers real-time insights and actionable intelligence to defend against cyber-attacks, ensuring clients' security posture remains more »

one in their specialist area and currently rebuilding their entire pricing & risk management platform from scratch. Responsibilities: Evaluate new security technologies and tools. Improve threat detection and response capabilities with a code-first approach Automation of manual process utilising IAC Collaborate and co-develop with external suppliers and … internal engineering teams to ensure data sources and detection rules are well enriched. Required: Strong understanding of the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming - Python, Rust, C++ or other major languages Knowledge of SecOps tooling (SIEM, SOAR, TI). more »

of Azure resources (VMs, storage, networking, databases, etc.) Implement and enforce security best practices within the Azure environment, including access control, identity management, and threat detection Monitor Azure services for performance and identify opportunities for optimization Automate routine tasks using Azure automation tools (ARM templates, Azure CLI, PowerShell more »

and has previously built user - facing privacy and security capabilities knows how to ensure the integrity and protection of data , i.e. encryption , access controls , threat detection , incident response, GDPR, etc has worked on large corporate accounts , and is confident with the longer-lifecycle enterprise selling process is excited more »

Manager, you will help to deliver improvements across a number of our cyber security domains including; Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre and with other security functions as well as specialist 3rd party security … network, cloud and logging technologies Security Orchestration Automation and Response, building security automation playbooks and integration's Security Data & Analytics, onboarding data and developing detection logic and analytics Essential Criteria: Demonstrable experience working in cyber security Experience supporting security tools, such as SOAR, SIEM, EDR, NGFW, CSPM, WAF, AV … microservices architecture, Kubernetes, Containers, CI/CD pipelines and DevSecOps Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements If you would like more information on this role, please get in touch to discuss. more »

of Azure resources (VMs, storage, networking, databases, etc.) Implement and enforce security best practices within the Azure environment, including access control, identity management, and threat detection Monitor Azure services for performance and identify opportunities for optimization Automate routine tasks using Azure automation tools (ARM templates, Azure CLI, PowerShell more »

and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation is protected against more »

the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and … to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating potential threats and vulnerabilities to ensure that the organization is prepared to defend against them. Strategic Defense Implementation: Putting in place robust … unified security strategy. This role demands a proactive mindset, deep technical expertise, and strong leadership skills to navigate the complex and ever-evolving cyber threat landscape. It's about being always prepared, constantly learning, and effectively communicating to maintain and enhance the organization's security posture. Tasks & Responsibilities Evaluate more »