1 to 25 of 110 Cyber Threat Jobs in the South West

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat division. This is a fantastic opportunity to join a large cyber and information security team that lead the way in technology and tooling in a 24/7 global environment. Duties will include: - Managing a team of Cyber Threat Analysts that … requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous team management experience - Good understanding of incident response frameworks and methodologies (ICERF) - Good understanding of threats, vulnerabilities and processes More ❯

data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical … Defence Operation’s efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate … them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and … optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building More ❯

Title: Cyber Security Engineer Department: Cyber Security, Information Technology Reports To: Information and Cybersecurity Senior Manager Work Patterns: Mon-Fri 9am-5:30pm (not Inc. Bank Holidays) JOB PURPOSE SUMMARY: The Cybersecurity team, within the LLA IT department, is responsible for information and cyber … partners, such as retailers, ground handlers and airlines, as well as LLA’s suppliers, to ensure a joined-up approach to information and cyber security. We are seeking a highly skilled and motivated IT Cyber Security Engineer, with a passion for protecting digital assets against cyber … our infrastructure, systems, and networks. Expertise in information security, risk management and compliance are essential, as is a commitment to defending LLA against cyber threats and integrating security across all layers of our IT environment to protect organizational data and technology. This role focuses on detecting, investigating, and More ❯

to the nature of the work, around 20% home working may be available depending on business needs. About Us GCHQ is an intelligence, cyber and security agency with a mission to keep the UK safe. We use cutting-edge technology, ingenuity and partnerships to identify, analyse and disrupt … logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You'll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you'll take swift, decisive action to contain and resolve them. You'll also … you settle in and provide ongoing mentorship as you grow in your role. You'll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development More ❯

Company Overview Cyber Security Associates Limited (CSA), established in 2013, provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat. CSA has built its team from a foundation of UK Government (ex … and improving clients overall security posture. The successful applicant will have a strong background in security operations, excellent customer service skills, incident response, and threat hunting, as well as experience in managing and mentoring junior team members. You should also have experience in providing exceptional service to customers and … during event and incident investigations. Assist in the Incident Response process internally and in communication with the customer. Produce high-quality alert, incident, and threat intelligence reports. Compile phishing campaign templates, run campaigns, and write reports. Serve as a security expert to customers and team members. Escalate high-priority More ❯

Company Overview Cyber Security Associates Limited (CSA), established in 2013, provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat. CSA has built its team from a foundation of UK Government (ex … and improving clients overall security posture. The successful applicant will have a strong background in security operations, excellent customer service skills, incident response, and threat hunting, as well as experience in managing and mentoring junior team members. You should also have experience in providing exceptional service to customers and … during event and incident investigations. Assist in the Incident Response process internally and in communication with the customer. Produce high-quality alert, incident, and threat intelligence reports. Compile phishing campaign templates, run campaigns, and write reports. Serve as a security expert to customers and team members. Escalate high-priority More ❯

work alongside passionate professionals who thrive on solving complex problems, staying ahead of adversaries, and continuously improving our security posture. Whether it's analysing threat intelligence, responding to incidents, or hardening our infrastructure, your work will have a direct impact on the safety and success of our organisation. Support compliance efforts (e.g., ISO 27001, NIST, GDPR) Contribute to threat intelligence and detection rule tuning Participate in red/blue team exercises and tabletop simulations For … Technical skills We'll assess you against these technical skills during the selection process:

Intrusion detection and analysis Threat intelligence and threat assessment Cyber Security operations Government Security Profession career framework More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯

within the Microsoft 365 ecosystem. The ideal candidate will have deep technical expertise in M365 security capabilities and a strong understanding of modern cyber threats, compliance requirements, and enterprise security architecture. Key Responsibilities: Design and implement security controls across E5 Microsoft 365 services (e.g., Endpoints; Exchange Online, SharePoint More ❯