Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
Job title Senior CyberThreat Intelligence Analyst Ref 40789 Division Digital Transformation Location Reading - Clearwater Court - RG1 8DB Contract type Permanent Full/Part-time Full-time Hours 36 Salary Offering up to £65,000 per annum depending on experience Job grade B Closing date 15/…/2025 As a Senior CyberThreat Intelligence Analyst , you will play a key role in protecting Thames Water's digital infrastructure by researching, analysing, and communicating the latest cyberthreats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯
Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
GCS
As a Senior CyberThreat Intelligence Analyst , you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyberthreats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
GCS
As a Senior CyberThreat Intelligence Analyst , you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyberthreats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯
Hemel Hempstead, England, United Kingdom Hybrid / WFH Options
Fynity
CyberThreat Intelligence Analyst Hemel Hempstead | Hybrid: 2 Days WFH/3 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyberthreat intelligence skills to the next … to join a fast-growing, mission-driven cyber team working at the forefront of Defence and National Security. The CyberThreat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a … hands-on, high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment. As a Cyberthreat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT More ❯
Leeds, England, United Kingdom Hybrid / WFH Options
All the top bananas UK
complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. CyberThreat Hunter Job Title: CyberThreat Analyst Requisition ID: 121703 Location: Leeds and surrounding area Grade: GG08 - GG09 Referral Bonus … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of SC clearance with the potential for DV Clearance in the future. … This role reports to the Delivery Lead/PMO. The Role You will be/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those More ❯
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
We are building a CyberThreat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our CyberThreat |Intelligence Analyst will be … a critical member of the dedicated SOC team and run our Malware Information Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of … threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold DV Clearance OR be eligible for DV Clearance for this role. Hybrid. 3 days on site in Hemel Hempstead, 2 days home working. What you'll be doing More ❯
Bradford, West Yorkshire, Yorkshire, United Kingdom
Vanquis Bank Limited
cyberthreats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity … you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to CyberThreat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. … Incorporate threat intelligence into CIC activities. Collaborate and assist with the investigation and resolution of complex security incidents. Support the delivery of retrospective improvements based on incident analysis, RCAs and PIRs. Engage with third-party security partners to enhance and mature services. Maintain centralised processes across all VBG product More ❯
Warwick, Warwickshire, West Midlands, United Kingdom
La Fosse
CyberThreat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a CyberThreat Intelligence analyst to help out with their Threat Intell … function and keep them ahead of the curve when it comes to threat management and security automation. This is a rare opportunity to join a large organisation and play a pivotal role in building new capabilities with no legacy systems in place and you'll have the chance to … shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyberthreat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month More ❯
Leeds, England, United Kingdom Hybrid / WFH Options
All the top bananas UK
complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. CyberThreat Intelligence and Vulnerability Lead Job Title: CyberThreat Intelligence and Vulnerability Lead Requisition ID: 121483 Location: Leeds (this is a … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of DV clearance. This role reports to the Service Delivery Manager. The … Role You will be: Accountable for ensuring all relevant potential cyberthreat and key vulnerabilities are detected, triaged and reported on daily Accountable for all regular reporting and ensuring the efficient delivery of all threat intelligence and vulnerability products by their respective deadlines Where there is More ❯
Job Description: CyberThreat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the … experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the CyberThreat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on More ❯
The Cyber Security IT Engineer will evaluate all security solution technologies and toolsets and help develop the security systems within the organisation and will ensure that data, network, and systems are protected from cyberthreats and will comply with the relevant standards and regulations. You will … environment is developed for the hosting and management of our critical information assets. We ask that you have a blend of skillsets across cyber security including solution design and implementation, operation, governance, change management, communications, and the understanding of protecting data in employing the use of relevant encryption … standards. The main measure of success is maintaining regulatory compliance and improving the technical and organisational resilience of the ever-changing cyberthreat landscape. People – work collaboratively in a team environment and with a range of internal and external people Financial – no direct budget responsibility. Suppliers – regular More ❯
complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. CyberThreat Intelligence and Vulnerability Lead Job Title: CyberThreat Intelligence and Vulnerability Lead Requisition ID: 121483 Location: Leeds (this is a … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of DV clearance. This role reports to the Service Delivery Manager. The … threats and key vulnerabilities are detected, triaged and reported on daily. Accountable for all regular reporting and ensuring the efficient delivery of all threat intelligence and vulnerability products by their respective deadlines. Where there is not established schedule for a product, the lead is responsible for ensuring that More ❯
Job Description: Job Description CyberThreat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance, we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been … experience in SIEM technologies Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the CyberThreat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: • Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on More ❯
front line of cyber defence? Were looking for an experienced SOC Manager to oversee and drive 24/7 cyberthreat detection and response capabilities. In this critical leadership role, youll manage internal teams and external partners to deliver robust security operations, incident response, and … continuous improvement across the whole cyber defence landscape. What Youll Do Lead daily SOC operations, incident response, and cyberthreat mitigation. Manage and mentor a high-performing team of analysts and third-party partners. Own SOC processes, KPIs, and reporting, ensuring effective service delivery and … performance. Drive strategic initiatives in threat intelligence, SIEM, and vulnerability management. Collaborate across IT, business units, and the Deputy CISO to align security operations with organisational goals. What Were Looking For Proven experience leading a SOC or cyber defence team. Strong expertise in incident response, SIEM, vulnerability More ❯
Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing … advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threatMore ❯
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
NCC Group
the leading global Cyber Security and Risk Mitigation business The Opportunity You will be acting as a team leader within the Operational Threat Intelligence team, reporting to the Operational Threat Intelligence Manager. This role involves advanced analysis of cyberthreats, the development of actionable … intelligence, and collaboration with various teams. You will also be responsible for the improvement of our Threat Intelligence capabilities and will be responsible for the support development of the less senior members of the team. As a senior member of the Threat Intelligence Team you are expected to … an example in both output and work ethic. Your support to the wider organisation will be critical in the development of NCC Group's Threat Intelligence capabilities and the broader service we offer. Key Accountabilities Threat Intelligence Analysis : Conduct in-depth analysis of cyberthreats, including More ❯
Leeds, England, United Kingdom Hybrid / WFH Options
KPMG UK
Cyber Response Services Senior Analyst – KPMG Curve Base Location: Leeds based (Hybrid – 3 days per week in office) Experienced professional (kpmgcareers.co.uk) As a result of the work that we do, we require applicants to hold or be capable of obtaining UK National Security Vetting, the requirements for which … team. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyberthreat and being able to advise clients on the threat landscape and attacks which may be relevant to them. Develop KPMG’s in house … Please note your application will not be taken forward if you cannot fulfil these requirements. A broad understanding of the cyber security threat landscape. Strong technical background in computers and networks, and programming skills. Experience of dealing with cyber security incidents and associated response measures. More ❯
data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical … Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyberthreat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate … them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service More ❯
accordance with established security policies. Detect and investigate intrusion attempts and determine their scope and impact. Document high-quality security incident reports, supported by threat intelligence and independent research. Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence. Produce post-incident review reports and provide … actionable security improvement recommendations. Apply threat intelligence to improve detection capabilities and situational awareness. Support national-scale cyber incident response activities in a coaching or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. Develop automated response … for automation and analysis tasks. Strong understanding of security architecture, especially in cloud (AWS/Azure) and network environments. Experience with cyberthreat intelligence, including threat actor tactics, techniques, and procedures (TTPs). Proven track record of investigating complex intrusions, including nation-state or targeted ransomware More ❯
accordance with established security policies. Detect and investigate intrusion attempts and determine their scope and impact. Document high-quality security incident reports, supported by threat intelligence and independent research. Conduct or support remediation efforts to neutralise threats, restore systems, and prevent recurrence. Produce post-incident review reports and provide … actionable security improvement recommendations. Apply threat intelligence to improve detection capabilities and situational awareness. Support national-scale cyber incident response activities in a coaching or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. Develop automated response … for automation and analysis tasks. Strong understanding of security architecture, especially in cloud (AWS/Azure) and network environments. Experience with cyberthreat intelligence, including threat actor tactics, techniques, and procedures (TTPs). Proven track record of investigating complex intrusions, including nation-state or targeted ransomware More ❯
work out of Erskine..... Project description The Tier 2 Cyber Security Analyst is a mid-Tier position within the CyberThreat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. • Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial … activity. • Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats. • Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant insights with CTAC teams to enhance overall situational awareness. • Follow established incident response More ❯
all like-minded individuals, with a drive to succeed in their own fields. Clearance Required: DV Cleared Goaco is a Digital Transformation and Cyber Security Consultancy and we are looking to build a team to continue solving problems using software and technology for our clients. We are seeking … and vulnerability management to protect critical systems. Design, implement, and maintain security architectures and frameworks aligned with government standards. Lead and support risk assessments, threat modelling, and incident response initiatives. Work closely with stakeholders to ensure compliance with NCSC and other relevant security policies. Develop and deliver security strategies … in areas such as network security, endpoint security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyberthreat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR). Strong understanding of risk More ❯
Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence-leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyberthreat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security More ❯
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship … using advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyberMore ❯
and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide … advanced SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre . Staying abreast More ❯