Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
Job title Senior CyberThreat Intelligence Analyst Ref 40789 Division Digital Transformation Location Reading - Clearwater Court - RG1 8DB Contract type Permanent Full/Part-time Full-time Hours 36 Salary Offering up to £65,000 per annum depending on experience Job grade B Closing date 15/…/2025 As a Senior CyberThreat Intelligence Analyst , you will play a key role in protecting Thames Water's digital infrastructure by researching, analysing, and communicating the latest cyberthreats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯
Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
GCS
As a Senior CyberThreat Intelligence Analyst , you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyberthreats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
GCS
As a Senior CyberThreat Intelligence Analyst , you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyberthreats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … of the incident response team where appropriate and deliver cyber intelligence insights during security events. Threat Research & Intelligence: Research emerging threats, threat actors, TTPs and IoCs to support threat hunting, detection engineering and signature development. Intelligence Feeds & Dashboards: Evaluate technical intelligence feeds, ensure quality of More ❯
Hemel Hempstead, England, United Kingdom Hybrid / WFH Options
Fynity
CyberThreat Intelligence Analyst Hemel Hempstead | Hybrid: 2 Days WFH/3 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyberthreat intelligence skills to the next … to join a fast-growing, mission-driven cyber team working at the forefront of Defence and National Security. The CyberThreat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a … hands-on, high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment. As a Cyberthreat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT More ❯
Leeds, England, United Kingdom Hybrid / WFH Options
All the top bananas UK
complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. CyberThreat Hunter Job Title: CyberThreat Analyst Requisition ID: 121703 Location: Leeds and surrounding area Grade: GG08 - GG09 Referral Bonus … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of SC clearance with the potential for DV Clearance in the future. … This role reports to the Delivery Lead/PMO. The Role You will be/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those More ❯
london, south east england, united kingdom Hybrid / WFH Options
Adeptis Group
CyberThreat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a … CyberThreat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a … threat intelligence strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence More ❯
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
We are building a CyberThreat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our CyberThreat |Intelligence Analyst will be … a critical member of the dedicated SOC team and run our Malware Information Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of … threat intelligence frameworks, and the ability to collaborate optimally across teams with varied strengths and partners. You do need to hold DV Clearance OR be eligible for DV Clearance for this role. Hybrid. 3 days on site in Hemel Hempstead, 2 days home working. What you'll be doing More ❯
Bradford, West Yorkshire, Yorkshire, United Kingdom
Vanquis Bank Limited
cyberthreats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business continuity … you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to CyberThreat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. … Incorporate threat intelligence into CIC activities. Collaborate and assist with the investigation and resolution of complex security incidents. Support the delivery of retrospective improvements based on incident analysis, RCAs and PIRs. Engage with third-party security partners to enhance and mature services. Maintain centralised processes across all VBG product More ❯
Warwick, Warwickshire, West Midlands, United Kingdom
La Fosse
CyberThreat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a CyberThreat Intelligence analyst to help out with their Threat Intell … function and keep them ahead of the curve when it comes to threat management and security automation. This is a rare opportunity to join a large organisation and play a pivotal role in building new capabilities with no legacy systems in place and you'll have the chance to … shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyberthreat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month More ❯
Leeds, England, United Kingdom Hybrid / WFH Options
All the top bananas UK
complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. CyberThreat Intelligence and Vulnerability Lead Job Title: CyberThreat Intelligence and Vulnerability Lead Requisition ID: 121483 Location: Leeds (this is a … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of DV clearance. This role reports to the Service Delivery Manager. The … Role You will be: Accountable for ensuring all relevant potential cyberthreat and key vulnerabilities are detected, triaged and reported on daily Accountable for all regular reporting and ensuring the efficient delivery of all threat intelligence and vulnerability products by their respective deadlines Where there is More ❯
glasgow, central scotland, united kingdom Hybrid / WFH Options
Sapphire
We’re Hiring: CyberThreat Intelligence Analyst 📍 Location: Glasgow, Scotland 🏢 Company: Sapphire Are you passionate about understanding cyberthreats, uncovering malicious activity, and turning intelligence into action? We’re looking for a CyberThreat Intelligence Analyst to join our expert team in … Glasgow! What you’ll do: 🧠 Conduct in-depth cyberthreat investigations ✍️ Produce high-quality intelligence reports & blogs 🛠️ Research emerging threats and present key findings 🎯 Analyse adversary TTPs and drive CTI maturity 🤝 Collaborate across teams to enhance security strategy What you’ll bring: ✅ Proven CTI & security investigation experience More ❯
Job Description: CyberThreat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the … experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the CyberThreat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on More ❯
manchester, north west england, united kingdom Hybrid / WFH Options
NCC Group
and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity You will be acting as a team leader within the Strategic Threat Intelligence team, reporting to the Strategic Threat Intelligence Manager. As a senior member in this team, you will have some limited line management … responsibilities but will be expected to be heavily involved in the training and mentoring of other Threat intelligence team members, as well as supporting the overall growth of the Strategic Threat Intelligence team. You will be expected to have strong consultancy skills and experience in delivering large/… where you will need to be able to manage multiple internal and external stakeholders. Key Accountabilities Support the development and growth of our Strategic Threat Intelligence capabilities in line with our overall Threat Intelligence and Corporate Strategy Support and lead the delivery of Regulator-driven Threat Intelligence More ❯
hemel hempstead, east anglia, united kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
Job Title: CyberThreat Intelligence Analyst Role: Join a rapidly growing cybersecurity team as a critical member responsible for managing a Malware Information Sharing Platform (MISP) instance and delivering operational and tactical threat intelligence. You’ll play a key role in enhancing the security posture of … growth through hands-on work with cutting-edge cyber technologies. Flexible work arrangements supporting work-life balance. Responsibilities: Develop and integrate automated threat intelligence feeds and enrichment sources. Provide training and documentation for SOC staff on effective MISP usage. Monitor threat feeds, OSINT, dark web, and … Produce monthly situational reports highlighting operational threats and actionable recommendations. Collaborate with SOC and incident response teams during active security incidents, providing real-time threat intelligence. Contribute to threat hunting initiatives with intelligence-led hypotheses. Study and evaluate threat actors’ tactics, techniques, and procedures (TTPs) using frameworks More ❯
manchester, north west england, united kingdom Hybrid / WFH Options
NCC Group
and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity You will be acting as a team member within the Operational Threat Intelligence team, reporting to the Operational Threat Intelligence Manager, and supported by the Operational TI Team Leads. This role involves analysis of cyber … of actionable intelligence, and collaboration with various teams. Your support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities Threat Intelligence collection and analysis : Make use of OSINT and other intelligence sources … complex technical information in a clear and concise manner to enable informed decision-making. Collaboration and Information Sharing : Collaborate with internal teams to share threat intelligence. Participate in information-sharing communities to stay abreast of the latest threat landscape. Use of TI Tools : Make use of threatMore ❯
The Cyber Security IT Engineer will evaluate all security solution technologies and toolsets and help develop the security systems within the organisation and will ensure that data, network, and systems are protected from cyberthreats and will comply with the relevant standards and regulations. You will … environment is developed for the hosting and management of our critical information assets. We ask that you have a blend of skillsets across cyber security including solution design and implementation, operation, governance, change management, communications, and the understanding of protecting data in employing the use of relevant encryption … standards. The main measure of success is maintaining regulatory compliance and improving the technical and organisational resilience of the ever-changing cyberthreat landscape. People – work collaboratively in a team environment and with a range of internal and external people Financial – no direct budget responsibility. Suppliers – regular More ❯
complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. CyberThreat Intelligence and Vulnerability Lead Job Title: CyberThreat Intelligence and Vulnerability Lead Requisition ID: 121483 Location: Leeds (this is a … The customer is committed to development of this improved SOC to be a benchmark of best practice and excellence in reflection of the significant threat that the protected systems are subject to. This role requires a minimum of DV clearance. This role reports to the Service Delivery Manager. The … threats and key vulnerabilities are detected, triaged and reported on daily. Accountable for all regular reporting and ensuring the efficient delivery of all threat intelligence and vulnerability products by their respective deadlines. Where there is not established schedule for a product, the lead is responsible for ensuring that More ❯
Job Description: Job Description CyberThreat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance, we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been … experience in SIEM technologies Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the CyberThreat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: • Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on More ❯
front line of cyber defence? Were looking for an experienced SOC Manager to oversee and drive 24/7 cyberthreat detection and response capabilities. In this critical leadership role, youll manage internal teams and external partners to deliver robust security operations, incident response, and … continuous improvement across the whole cyber defence landscape. What Youll Do Lead daily SOC operations, incident response, and cyberthreat mitigation. Manage and mentor a high-performing team of analysts and third-party partners. Own SOC processes, KPIs, and reporting, ensuring effective service delivery and … performance. Drive strategic initiatives in threat intelligence, SIEM, and vulnerability management. Collaborate across IT, business units, and the Deputy CISO to align security operations with organisational goals. What Were Looking For Proven experience leading a SOC or cyber defence team. Strong expertise in incident response, SIEM, vulnerability More ❯
Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing … advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threatMore ❯
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
NCC Group
the leading global Cyber Security and Risk Mitigation business The Opportunity You will be acting as a team leader within the Operational Threat Intelligence team, reporting to the Operational Threat Intelligence Manager. This role involves advanced analysis of cyberthreats, the development of actionable … intelligence, and collaboration with various teams. You will also be responsible for the improvement of our Threat Intelligence capabilities and will be responsible for the support development of the less senior members of the team. As a senior member of the Threat Intelligence Team you are expected to … an example in both output and work ethic. Your support to the wider organisation will be critical in the development of NCC Group's Threat Intelligence capabilities and the broader service we offer. Key Accountabilities Threat Intelligence Analysis : Conduct in-depth analysis of cyberthreats, including More ❯
manchester, north west england, united kingdom Hybrid / WFH Options
NCC Group
and Risk Mitigation business... https://www.nccgroup.com/uk/The Opportunity You will be acting as a team leader within the Operational Threat Intelligence team, reporting to the Operational Threat Intelligence Manager. This role involves advanced analysis of cyberthreats, the development of actionable … intelligence, and collaboration with various teams. You will also be responsible for the improvement of our Threat Intelligence capabilities and will be responsible for the support development of the less senior members of the team. As a senior member of the Threat Intelligence Team you are expected to … an example in both output and work ethic. Your support to the wider organisation will be critical in the development of NCC Group’s Threat Intelligence capabilities and the broader service we offer. Key Accountabilities Threat Intelligence Analysis : Conduct in-depth analysis of cyberthreats, including More ❯
clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly CyberThreat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and products. … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). More ❯
Leeds, England, United Kingdom Hybrid / WFH Options
KPMG UK
Cyber Response Services Senior Analyst – KPMG Curve Base Location: Leeds based (Hybrid – 3 days per week in office) Experienced professional (kpmgcareers.co.uk) As a result of the work that we do, we require applicants to hold or be capable of obtaining UK National Security Vetting, the requirements for which … team. Digital forensics of relevant incident data (disk, volatile memory, network packets, log files). Maintaining a current view of the cyberthreat and being able to advise clients on the threat landscape and attacks which may be relevant to them. Develop KPMG’s in house … Please note your application will not be taken forward if you cannot fulfil these requirements. A broad understanding of the cyber security threat landscape. Strong technical background in computers and networks, and programming skills. Experience of dealing with cyber security incidents and associated response measures. More ❯
data enrichment. Key Skills and Experience Experience contributing to large-scale, sprint-based, security automation and detection engineering projects in a SOC/Cyber Defense or similar environment Recent hands-on experience with managing and implementing Microsoft Sentinel log sources and detection, with knowledge of the related technical … Defence Operation's efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyberthreat intelligence and vulnerability management. Collaborate with Cyber Defence Operation analysts to identify repetitive tasks and automate … them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary. Collaborate with third-party vendors and service More ❯