22 of 22 Cyber Threat Intelligence Jobs in the South East

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll … take charge of designing and implementing advanced security systems, supporting clients in improving their security posture, and staying ahead of emerging cyber threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting More ❯

Senior Consultant - Cyber Resilience, Crawley (Hybrid) - £60-80K + Excellent Benefits About the Role This is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act … as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect their critical assets. Key Responsibilities Lead the end-to-end delivery of cyber resilience projects, ensuring solutions are scalable, secure, and aligned with client goals Design and implement advanced cyber resilience solutions and frameworks Manage incident response, guiding teams through breach … and support junior team members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 More ❯

security. We’re looking for an experienced SOC Analyst to join our high-performing Security Operations Centre in Farnborough. This is a unique chance to contribute to real-world cyber defence, on country critical technology, pitting your SCO skills against state of the art attacks. As the SOC Analyst, you will: Monitoring and triaging alerts across secure client environments … during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands … on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS Eligible for DV Clearance – British citizens who have resided in More ❯

role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the … also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of More ❯

role in supporting the organisation by delivering centralised IT infrastructure, with a strong emphasis on safeguarding identity access. The SecOps Manager is a key figure in the organisation's cyber defence efforts, tasked with identifying, detecting, and responding to information security threats, as well as managing the response to cybersecurity incidents. Working closely with colleagues across IT and the … also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of More ❯

Cyber Security Engineer Location: West Malling, Kent/Hybrid Salary/package: £55,000 - £60,000 per annum Hours: Full time, 37.5 hours per week Help lead the charge in digital defence! We're looking for an experienced Cyber Security Engineer to join us at Cantium Business Solutions, where you'll play a pivotal role in strengthening and … advancing our cyber security posture. This is your opportunity to bring your expertise to the table and drive impactful security strategies from day one. Who we are Cantium Business Solutions, part of the Commercial Services Group (CSG), delivers high-quality IT and back-office services to the education and public sectors. Our commitment to innovation and customer-centric solutions … a dynamic and agile culture. We're proud to be part of CSG, the UK's largest local authority-owned trading organisation, supporting customers worldwide. Why this role matters Cyber threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts More ❯

Cyber Security Analyst Applicants for this role should currently hold a valid Security (SC) Clearance. Responsibilities: * Support mission to coordinate the response to critical and cross-cutting cyber threats, incidents and vulnerabilities, and enable cyber defenders to defend as one. * Become part of the Watch Officer rota to provide initial triage and escalation of reports and requests … from Government organisations. * Support Incident Management when required during periods of heightened operational activity. * Maintain an understanding of the real-world cyber threat, identifying trends and emerging threats. * Maintain an understanding of the cyber threats likely to target the business. * Facilitate the timely sharing of high-quality actionable Cyber Threat Intelligence, both through regular … stakeholders. * Work collaboratively with Incident Management, providing insights on adversaries to enable a more effective response, and capturing insights for wider use. * Support the implementation and ongoing management of Threat Intelligence tooling and infrastructure, including, malware sandboxes, and threat intelligence platforms. * Engage with the wider public sector cyber security, cyber threat intelligence More ❯

Cyber Security Specialist Location: Havant Job Type: Full-time, Hybrid (3-4 days per week), 12-month FTC (with likely extension to permanent) Salary: 50 - 53K plus benefits We are seeking a Cyber Security Specialist to lead the implementation of a new Information Security Management System (ISMS) and ensure compliance with security standards. This role is crucial in … compliance within a dynamic IT environment of circa 500 IT users. Key Accountabilities: * Lead the implementation of a new ISMS, ensuring alignment with industry security standards. * Develop and maintain cyber security policies, procedures, and risk management frameworks. * Manage compliance with cyber security regulations, standards, and frameworks (ISO27001, CAF/eCAF, Cyber Essentials Plus). * Implement and manage … on security incidents, compliance status, and risk assessments. * Collaborate with stakeholders to embed security into business processes and IT operations. Required Skills & Qualifications: * 3-5 years of experience in cyber security roles, with hands-on involvement in ensuring compliance to security frameworks (ISO27001, NIST, eCAF). * Proven experience in implementing security systems and/or monitoring tools. * Strong knowledge More ❯

a Security Operations Centre Manager to help make that vision a reality. In this pivotal role, youll lead and manage ECCs Security Operations Centre (SOC) team, driving forward their cyber security capabilities to ensure robust protection across their digital estate. With a strong cloud-based infrastructure already in place, your expertise will help them to maintain, develop, and refine … needs of local government. To read more about our business area, please visit Corporate Services and Transformation Key Responsibilities: Lead and develop an active Security Operations team focused on threat detection, incident management, and prevention of data breaches or service disruptions. Build and mature the Security Operations Centre (SOC) with a focus on cyber risks, threat intelligence and proactive incident avoidance. Oversee the councils response to critical cyber incidents, coordinating resolution efforts and informing senior stakeholders. Collaborate with security architects and technical teams to shape and implement cyber security policies, ensuring theyre risk-appropriate and business-friendly. Manage cyber security risks by embedding them into the corporate risk register and advising on appropriate More ❯

to improve incident response efficiency within the Security Operations Centre. This role integrates multiple security tools and workflows, leveraging platforms like , Darktrace , and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps … Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence, APIs) Other security platforms such as SIEMs, ticketing systems, and firewalls. Automation & Enrichment: Automate repetitive security tasks like indicator enrichment, triage, and threat intelligence lookups. Collaboration: Work with SOC analysts and threat detection teams to identify and implement automation opportunities. Monitoring … security operations or security engineering. Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient). Strong familiarity with: Google SecOps/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE More ❯

Join a leading global investment bank as a Senior Cyber Security Analyst, where you'll play a critical role in safeguarding a world-class financial institution. What You'll Do: Responsible for end-to-end incident response operations, including triage, containment, root cause analysis, and post-incident reporting. Perform threat hunting and proactive detection using frameworks like MITRE … ATT&CK and threat intelligence. Maintain and enhance SOC playbooks, runbooks, and standard operating procedures to stay aligned with evolving threats and compliance requirements. Hands on with scripting/python to automate and improve the efficiency of the security function. Conduct in-depth technical security investigations and define appropriate mitigation strategies. What You'll Bring: Proven experience in security … operations, with strong knowledge of networking, Windows and Linux Hands-on with security automation; scripting in Python is a strong advantage. Solid understanding of incident response processes, threat intelligence, and security monitoring. Familiarity with frameworks such as MITRE ATT&CK, NIST, and OWASP. Exposure to secure coding practices and DevSecOps environments is a strong plus (not mandatory) Experience More ❯

It Simple, Do The Right Thing, Own It, and Aim For Greatness. About the Role To support our growth, we are looking for SOC Analysts to join our growing cyber security function. This role will be supporting our 24/7 operational capabilities (On-call rota, not shift based). As a member of the Starling SOC team, you … detection tooling. Investigating and responding to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. About your Skills We're open-minded when it comes to hiring and we care more about aptitude … supporting and conducting Incident Response engagements. Experience in endpoint based investigations. Experience in cloud based investigations. Experience with Incident Command and conducting Tabletop Exercises Interest in Automation. Interest in Threat Intelligence and Analytic Tuning. A high level understanding of mobile, network and operating system security controls. Any experience of programming in Python, Go and/or Java. A More ❯

Cyber Security Analyst £52k - £55k Hybrid, Portsmouth 12-month FTC - possible to extend/go permanent Your new company Our client is dedicated to providing high-quality service to its customers, ensuring a reliable and sustainable service. They manage resources, maintain infrastructure, and implement innovative solutions to meet the needs of the community. Their commitment to excellence includes rigorous … manage their accounts. Join a team that values environmental stewardship and strives to deliver essential services with integrity and professionalism. Your new role You'll be joining an established Cyber team, supporting them to help them to achieve the CAF framework regulations, whilst getting involved with SIEM, Vulnerability Management, Threat Intelligence and IAM. Part of the team … executing a cyber improvement programme to enhance security posture Support compliance with relevant Cyber Security regulations, standards, and frameworks Implement and manage security monitoring tools and systems to detect and respond to security events Identify and assess potential security risks and vulnerabilities and develop strategies to mitigate them. Monitor security logs, alerts, and reports identifying potential security incidents More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role … accurate revenue forecasts and budgets for the renewal sales team, aligning with company objectives and the delivery of accurate and timely forecasts by the team for escalation reporting. Market Intelligence: Stay updated on industry trends, competitors, and customer needs to offer localize insights to global MI, including specific focus on trends regarding renewal best practices. Process Improvement: Continuously evaluate More ❯

Cyber Security Engineer/Network Engineer who has experience working in cyber security, system engineering, or a similar role, with hands-on knowledge of security tools such as anti-malware, content filtering, SIEM and threat detection solutions is required to join our team at a well-established charity. SALARY: £45,000 - £48,000 per annum + Excellent … required JOB TYPE: Full-Time, Permanent WORKING HOURS: 35 Hours per Week, Monday - Friday, 9:00am - 5:00pm JOB OVERVIEW We have a fantastic new job opportunity for a Cyber Security Engineer/Network Engineer who has experience working in cyber security, system engineering, or a similar role, with hands-on knowledge of security tools such as anti … malware, content filtering, SIEM and threat detection solutions. Working as the Cyber Security Engineer/Network Engineer which the organisation calls a Security Engineer, you'll be at the frontline of the cyber defence, working closely with the Security Operations Manager to monitor, maintain and enhance security tools and services. You'll collaborate with external security providers More ❯

can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships-from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering More ❯

Cyber Security Analyst (Inside IR35) Are you an SC cleared Cyber Security Analyst looking for a new role? We are partnered with a government client looking for a Cyber Security Analyst with a mix of good technical skillsets and good stakeholder management This role would be based on a hybrid working basis in Central London Experience Experience … of working in Cyber Security, ideally within SOC Excellent stakeholder management skills Experience with threat intelligence platforms Active SC clearance would be required If you are an SC cleared Cyber Security Analyst looking for a new role, please apply now! Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation More ❯

WHO ARE WE? Searchlight Cyber was founded in 2017 with a mission to stop threat actors from acting with impunity. Its External Cyber Risk Management Platform helps organizations to identify and protect themselves from threats emerging from the cybercriminal underground, with Attack Surface Management and Threat Intelligence tools designed to separate the signal from the … to business goals. Oversee the development of all content formats-blogs, reports, whitepapers, case studies, videos, podcasts, and more. Lead cross-functional content planning and collaboration with teams including threat intelligence, research, product, and leadership. Maintain a high editorial standard across all outputs, ensuring consistency of voice, quality, and brand alignment. Campaigns & Promotion Develop and manage content-led … with timely, expert commentary on major industry events. Contribute to analyst relations efforts, including engagement, briefing coordination, and relationship development. Website & SEO Own the SEO strategy for the Searchlight Cyber website and track performance metrics such as keyword rankings, traffic, and domain authority. Maintain and optimize website content, including blogs, reports, videos, podcasts, and other key resources. Ensure the More ❯

Cyber Incident Response Manager A Global Organisation requires a Contract Incident Response Manager to lead the Cyber Incident response function. Day Rate: £635 - £675pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Incident Response Manager will have the following previous experience: Direct end-to-end cyber incident lifecycle management for … rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable remediation plans; deliver executive-level reporting and trend analysis … using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯

Cyber Incident Response Manager A Global Organisation requires a Contract Incident Response Manager to lead the Cyber Incident response function. Day Rate: £635 - £675pd IR35 Status: Inside Duration: 6 months initially Travel: 2 days a week in Berkshire This Incident Response Manager will have the following previous experience: Direct end-to-end cyber incident lifecycle management for … rapid coordination across business units and leveraging tools like Splunk and Defender to contain and mitigate threats Design, maintain, and continuously enhance playbooks, response frameworks, and tabletop exercises, incorporating threat intelligence and detection insights from CrowdStrike and Splunk to mature IR readiness. Lead root cause analysis and develop actionable remediation plans; deliver executive-level reporting and trend analysis … using integrated dashboards, combining insights from Splunk and Defender data sources. Serve as the primary advisor to senior leaders and cross-functional teams, guiding cyber incident communications, impact assessment, and risk mitigation strategies across the company, Operating Companies, and Joint Ventures. More ❯

in production with a strong focus on performance, explainability, and cost-efficiency. What You'll Bring: Deep applied experience in ML/DL , with bonus points for work in threat detection , phishing , or abuse detection Proven ability to design and deploy full-stack AI pipelines in production Strong experience in backend engineering , ideally with Go and ML frameworks like … infrastructure (AWS) , Kubernetes , and Terraform Experience evaluating and deploying models (including anomaly detection, RAG, and clustering) in noisy, evolving data environments Nice to Have: Experience with Perl Knowledge of threat intelligence integration and MCP architectures Location: Hybrid - 2 days a week on-site in Central London Salary: Up to £130,000 , depending on experience RSG Plc is acting More ❯