1 to 25 of 206 Cyber Threat Jobs in the South East

Job title Senior Cyber Threat Intelligence Analyst Ref 40789 Division Digital Transformation Location Reading - Clearwater Court - RG1 8DB Contract type Permanent Full/Part-time Full-time Hours 36 Salary Offering up to £65,000 per annum depending on experience Job grade B Closing date 15/…/2025 As a Senior Cyber Threat Intelligence Analyst , you will play a key role in protecting Thames Water's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯

As a Senior Cyber Threat Intelligence Analyst , you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯

As a Senior Cyber Threat Intelligence Analyst , you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯

Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a … Cyber Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a … threat intelligence strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence More ❯

Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a … Cyber Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a … threat intelligence strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence More ❯

We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat |Intelligence Analyst will be … a critical member of the dedicated SOC team and run our Malware Information Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of … threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold DV Clearance OR be eligible for DV Clearance for this role. Hybrid. 3 days on site in Hemel Hempstead, 2 days home working. What you'll be doing More ❯

security is among the sectors that KPMG has pinpointed for significant investment and expansion. Our clients encounter a difficult cyber threat and rely on us to assist them in comprehending and dealing with that threat. Key Responsibilities: • Oversee and coordinate cyber security incidents … Conduct digital forensics on pertinent incident data (disk, volatile memory, network packets, log files). • Keep an updated perspective of the cyber threat environment and be capable of advising clients on the relevant threat landscape and potential attacks. • Communicate with clients regarding delivery, implementation, and project … issues. • Ability to produce well-organized responses to bids and requests for proposals. Key Skills: A comprehensive comprehension of the cyber security threat environment. Robust technical foundation in computing and networking, along with programming abilities. Notable and demonstrated experience in managing cyber security incidents and More ❯

Job Description: Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the … experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on More ❯

The Cyber Security IT Engineer will evaluate all security solution technologies and toolsets and help develop the security systems within the organisation and will ensure that data, network, and systems are protected from cyber threats and will comply with the relevant standards and regulations. You will … environment is developed for the hosting and management of our critical information assets. We ask that you have a blend of skillsets across cyber security including solution design and implementation, operation, governance, change management, communications, and the understanding of protecting data in employing the use of relevant encryption … standards. The main measure of success is maintaining regulatory compliance and improving the technical and organisational resilience of the ever-changing cyber threat landscape. People – work collaboratively in a team environment and with a range of internal and external people Financial – no direct budget responsibility. Suppliers – regular More ❯

the provision of technology solutions, as well optimising of current solutions to improve how the company operates. This role works closely with the Cyber Security Architecture Manager, Cyber Security Testing Manager, Cyber Security Governance Manager, Cyber Security Portfolio Manager, and Cyber … all other team members, the rest of Information Systems team, IT Service Providers and business stakeholders across the company to implement and optimise cyber security operations capabilities. Responsibilities Accountable for managing the Cyber Security Response team and the quality of third party services and deliverables, reviewing … performance, and driving continuous improvement. Take the lead management responsibility for all cyber security event monitoring and incident response services received from all partner organisations with particular focus on the company’s Manage Security Service relationship (MSS). Proactively manage the search for cyber threats that More ❯

clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and products. … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). More ❯

clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and products. … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). More ❯

We are working with a global aviation organisation who are looking to bring an experienced Cyber Threat Intelligence Manager into their organisation. This would be a greenfield project and would require the successful person to have had experience building and developing functions from scratch. Key Experience: Previous More ❯

all like-minded individuals, with a drive to succeed in their own fields. Clearance Required: DV Cleared Goaco is a Digital Transformation and Cyber Security Consultancy and we are looking to build a team to continue solving problems using software and technology for our clients. We are seeking … and vulnerability management to protect critical systems. Design, implement, and maintain security architectures and frameworks aligned with government standards. Lead and support risk assessments, threat modelling, and incident response initiatives. Work closely with stakeholders to ensure compliance with NCSC and other relevant security policies. Develop and deliver security strategies … in areas such as network security, endpoint security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyber threat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR). Strong understanding of risk More ❯

controls, policies, and technologies effectively protect the organisation’s assets, infrastructure, and data. You will work closely with senior leadership, providing expert guidance on threat mitigation and security best practices. If you thrive in a dynamic environment and have a passion for building and evolving enterprise security programs, we … of securing Microsoft and Azure-based environments, including cloud, hybrid, and on-premises infrastructure. Hands-on experience in managing and responding to security incidents, threat hunting, and vulnerability remediation. Strong background in implementing and overseeing security monitoring and detection capabilities using SIEM, EDR, and XDR solutions. Experience leading security … App workflows. Experience with network security principles, including zero-trust architecture, segmentation, firewalls, and secure remote access solutions. Strong understanding of cyber threat intelligence, MITRE ATT&CK framework, and advanced threat detection methodologies. The Benefits Our customers deserve the best and the same applies to our More ❯

controls, policies, and technologies effectively protect the organisation’s assets, infrastructure, and data. You will work closely with senior leadership, providing expert guidance on threat mitigation and security best practices. If you thrive in a dynamic environment and have a passion for building and evolving enterprise security programs, we … of securing Microsoft and Azure-based environments, including cloud, hybrid, and on-premises infrastructure. Hands-on experience in managing and responding to security incidents, threat hunting, and vulnerability remediation. Strong background in implementing and overseeing security monitoring and detection capabilities using SIEM, EDR, and XDR solutions. Experience leading security … App workflows. Experience with network security principles, including zero-trust architecture, segmentation, firewalls, and secure remote access solutions. Strong understanding of cyber threat intelligence, MITRE ATT&CK framework, and advanced threat detection methodologies. The Benefits Our customers deserve the best and the same applies to our More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security More ❯

and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship … using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber More ❯

and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide … advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre . Staying abreast More ❯

to the development of essential architecture strategies and patterns for NESO. Building and managing relationships with the business is key to delivering our cyber security strategy. Whether implementing new solutions, driving operational effectiveness and efficiency, or providing guidance to further enhance our strategy, the Senior Security Architect will … mindset. A proactive approach to problem-solving, with the ability to think critically and strategically about architectural challenges and opportunities. Significant experience in cyber security Strong Cloud knowledge and demonstrable experience - (Azure) Relevant cyber security qualification(s), for example Certified Information Systems Security Professional (CISSP), Certified … lifecycles, application architectures, key attack vectors, and corresponding compensating controls. Cloud Security (Microsoft): Demonstrated experience and proficiency in securing cloud environments. Cyber Threat Intelligence: Ability to analyse and respond to emerging cyber threats and how this can be used to update secure architecture principles. About More ❯

A forward-thinking Financial Services firm is seeking a Threat Detection Automation Analyst to join its Threat Intelligence team. They are looking for an individual to join and help drive forward a baseline of threat detection use cases in their SIEM (Splunk). They have just established … the next phase of populating new use cases. This role will involve writing new use cases based on the output and direction of the threat intelligence team, as well as testing use cases with a new breach and attack simulation tool. Ideally, the individual joining will have experience of … both SIEM detection engineering and using a BAS tool. Coupled with sound knowledge of the current Cyber threat landscape including groups, TTPs and attack vectors relevant to Financial Services. To be considered for this role, you will have experience from either a SOC, CTI or are a More ❯

A forward-thinking Financial Services firm is seeking a Threat Detection Automation Analyst to join its Threat Intelligence team. They are looking for an individual to join and help drive forward a baseline of threat detection use cases in their SIEM (Splunk). They have just established … the next phase of populating new use cases. This role will involve writing new use cases based on the output and direction of the threat intelligence team, as well as testing use cases with a new breach and attack simulation tool. Ideally, the individual joining will have experience of … both SIEM detection engineering and using a BAS tool. Coupled with sound knowledge of the current Cyber threat landscape including groups, TTPs and attack vectors relevant to Financial Services. To be considered for this role, you will have experience from either a SOC, CTI or are a More ❯

Join a Leading Cyber Defence Operations Team and help safeguard against global cyber risks! Salary: £70,000 + Benefits Location: Reading - 2 Days a week on site Employment Type: Permanent The Cyber Defence Operations team is responsible for protecting customers against cyber … Handle escalated security incidents that L1 and L2 analysts cannot resolve, such as sophisticated malware infections, APTs, and complex intrusions. Lead forensic analysis and threat hunting efforts to ensure rapid containment and recovery. Security Analysis and Root Cause Analysis: Conduct detailed analysis of security events to address current cyber … tasks and enhance the incident response process. Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas for operational improvement. Threat Response: Engage in threat hunting from a blue team perspective, identifying potential threat group activity. Mentorship & Leadership: Mentor and encourage team members More ❯

Join a Leading Cyber Defence Operations Team and help safeguard against global cyber risks! Salary: £70,000 + Benefits Location: Reading - 2 Days a week on site Employment Type: Permanent The Cyber Defence Operations team is responsible for protecting customers against cyber … Handle escalated security incidents that L1 and L2 analysts cannot resolve, such as sophisticated malware infections, APTs, and complex intrusions. Lead forensic analysis and threat hunting efforts to ensure rapid containment and recovery. Security Analysis and Root Cause Analysis: Conduct detailed analysis of security events to address current cyber … tasks and enhance the incident response process. Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas for operational improvement. Threat Response: Engage in threat hunting from a blue team perspective, identifying potential threat group activity. Mentorship & Leadership: Mentor and encourage team members More ❯