15 of 15 Cyber Threat Intelligence Jobs in the South East

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

Title: Cyber Threat Management Lead Location: London (2 days onsite per week) Duration: 6 months Rate: £670 via Umbrella Role Summary: We are Seeking a Cyber SME to improve cyber defence through threat intelligence, threat hunting, and detection engineering. Key Responsibilities: Apply cyber threat intelligence to strengthen network defence Conduct threat hunting and detection engineering Perform threat modelling and threat-led risk reduction Support purple team and offensive security testing to improve detections and controls Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong ...

integrity of the .UK registry and help protect users from online harm. This is an ideal opportunity for someone with a strong interest in cyber threat operations and a desire to build hands‐on experience and develop their skills further. What You’ll Be Doing Investigating domain abuse … reports using internal tools and open‐source intelligence (OSINT), escalating complex cases when needed Supporting operational workflows and identifying ways to improve our tools, processes and automation Assisting in the development and refinement of detection rules and identifying patterns in malicious activity Liaising with registrars and other external stakeholders ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes ...

PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance.Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute … procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat ...

contract Opportunity to lead analysts and shape SOC capability About the client Our client operates within highly secure environments, delivering mission critical digital and cyber services to complex organisations. They are investing in the growth and maturity of their Security Operations Centre and are seeking an experienced Senior … phase of development. The benefits Long term engagement within a stable SOC environment Opportunity to influence SOC processes, controls and maturity Work alongside experienced cyber and operational security professionals The Senior SOC Analyst role As a Senior SOC Analyst, you will play a key role in delivering effective ...

Role: Cyber Security Assurance Specialist Salary/Rate: £45-55 per hr inside IR35 Location: Hybrid, near Oxford 3x per week Contract Duration: until December 2026 We are currently looking for a Cyber Security Assurance Specialist for our government client. This Cyber Security Assurance Specialist role … Abingdon Oxfordshire and the remainder of the week working remotely. There is no further flexibility with the on-site requirement. The contract for this Cyber Security Assurance Specialist position is until December 2026, with potential to extend, operating inside IR35. Security Clearance: eligible for Security Check ("SC Clearance") This ...

CYBER SECURITY ASSURANCE SPECIALIST CCL Global are currently recruiting for a Cyber Security Assurance Specialist to support high-profile, security-critical environments. This role will play a key part in strengthening security posture, ensuring compliance, and supporting assurance activities across complex digital and infrastructure systems. Type of Contract … Lead or contribute to security assurance activities, including audits, reviews, and remediation planning. Apply and interpret security frameworks such as ISO 27001, NIST, CAF, Cyber Essentials, and GovAssure. Assess and secure platforms including Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, and Windows/Linux/ ...

Threat and Vulnerability Management function within Cyber Operations is dedicated to safeguarding our organisation against cyber threats by proactively identifying, assessing, and mitigating vulnerabilities and exposures. Our mission extends beyond traditional security practices, incorporating cutting-edge approaches as we move from a traditional VM capability into Exposure … Management and on our way to Continuous Threat Exposure Management (CTEM). This role will play a critical part in the ongoing transformation of this function. As our Exposure Management Validation Lead, you will take ownership of validating security exposures across our technology estate, coordinating external penetration testing providers ...

managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members … maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft ...

operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. ...

provide consultation and expertise on security matters. Responsibilities: Security Operations & Incident Management: Managing ticket workload within the Security team. Gathering, analysing and acting upon threat intelligence. Responding to on-going security incidents. Responding to active alerts from security systems. Writing change management requests for security-related changes . Vulnerability … configuration of endpoint protection policies. Managing the configuration of Identity and Access Management services. Accreditation & Compliance: Supporting compliance initiatives such as ISO27001 and Cyber Essentials. Ensuring compliance with CyberEssentials and CyberEssentials+ requirements and carrying out audits. Assisting to ensure compliance with accreditation policies through auditing with external 3rd party ...

upskilling provided as needed. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor ...

Package: £27,000 basic + uncapped commission (Year 1 OTE: £40,000) A specialist cyber security recruitment firm working exclusively with FTSE 250 businesses and global consultancies. They operate in high-demand areas such as cloud security and threat intelligence, with roles averaging £20k fees. Established … repeat business Structured 12-week in-office training programme Clear billing targets and progression milestones Quarterly incentives for top performers The role: Placing cyber security professionals across enterprise clients Developing relationships with hiring managers and CISOs Running full recruitment processes Building a niche within a high-demand market Requirements ...