WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L2 Insider Threat - IRM Analyst. As part of the Cyber Defence department, this role will investigate Insider Risk Management (IRM) cases that have been escalated by our L1 Insider Threat team. Reporting to the Insider Threat - IRM Operations Manager, the L2 Insider Threat - IRM Analyst role is suited to someone who has strong Microsoft Purview DLP and Insider Risk Management (IRM) analyst experience. It is a business facing role and requires working proactively with stakeholders and colleagues to … investigate Insider Threat and IRM cases. The Role: As the L2 Insider Threat - IRM Analyst, the primary responsibilities will be: Perform advanced analysis and investigation of Insider Threat and IRM cases across the various egress channels in both on premise and cloud environments. Analyse event/case/alert patterns to
Yeovil, Somerset, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
Tool Optimisation: Oversee the enhancement of security tools to maintain a proactive security posture. Incident Response: Provide expert guidance during security incident investigations and response efforts. Insider Threat: Manage and investigate Insider Threat cases as required. Threat Hunting: Lead scheduled threat hunts to ensure thorough detection of advanced threats. External Collaboration: Work … e.g., GIAC GMON, GCIA, GCIH, or equivalent). Hands-on experience with SIEM tools (LogRhythm, Splunk) and IDS (Snort). Solid background in network and host security. Expertise in threat intelligence and threat hunting. Experience mentoring and coaching others. Current DV clearance. Security Clearance This role is subject to pre-employment screening in line with the UK Government
and maintain executive-level documentation, including standard operating procedures (SOPs), playbooks, process flows, and risk reports, using diverse tools and data sources. Develop, refine, and maintain insider threat indicators and use case scenarios to enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and … vigilance. Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or … a related discipline. Hands-on experience with insider threat detection tools such as SIEM, UEBA, UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of
optimize identity and authentication security, including Conditional Access and Privileged Identity Management. Harden Azure resources, manage Web Application Firewalls, and contribute to security architecture reviews. Support insider threat simulations, collaborate on detection and response, and promote security awareness. Identify and manage risks, contribute to the Security Risk Register, and implement risk treatments. Drive continuous security improvements, maintain … Knowledge of web application firewalls and vulnerability management. Understanding of Zero Trust principles and Privileged Access Management tools. Desirable Experience with ISO 27001, scripting/automation, insider threat detection, or security in regulated sectors. To apply, submit your CV and cover letter via our online portal. The selection process includes initial interviews in August and panel interviews
Walton-On-Thames, Surrey, South East, United Kingdom Hybrid / WFH Options
La Fosse
I'm working with a global tech led FS organisation to find an Insider Risk Technical Analyst to strengthen their insider threat capability and help safeguard sensitive data from internal threats. They're looking for a technically skilled analyst who can take ownership of insider risk monitoring, investigate sensitive incidents, and fine-tune … DLP policies using enterprise tools. Ideal for someone who enjoys being hands-on while influencing data protection strategy! Looking for candidates with experience in: Microsoft Purview (Insider Risk Management, DLP) Symantec or McAfee DLP platforms ServiceNow or Microsoft Sentinel for incident tracking and analysis Analysing user behaviour and data movement to detect risk Working across security, compliance, and
and the roll out of technology projects. An understanding of project management to manage security aspects within a project timeline and budget. Knowledge and understanding of cybersecurity technologies - mobile threat defense, endpoint protection, data loss prevention, insider threat protection, device hardening, classification, key and certificate management. Excellent communication and stakeholder management abilities. Provide consulting and advisory
DLP technologies (e.g., Microsoft Purview, Symantec, Forcepoint, or similar). Familiarity with data classification, data handling standards, and regulatory requirements (e.g., NYDFS, GDPR). Knowledge of insider threat detection and user behavior analytics (UBA). Exposure to security incident and event management (SIEM) tools. Core Values Love what you do: We show up each day ready to
an efficient manner Endpoint Forensics - Construct meaningful incident timelines from forensic artifact analysis Counter Measures - Ability to design and implement preventative and corrective controls to counteract emerging threats Proactive Threat Hunting - Develop and execute focused plans to discover advanced threats that evade traditional security controls Behavioral Analysis - Develop and implement criteria to identify anomalous user behavior leading indicating insider threat activity Intrusion Detection - Develop and tune network anomaly control capability to produce reliable actionable data Threat Hunting - Proactively search for unknown threats within the environment. Preferred Knowledge and Experience 3+ years of relevant experience Deep understanding of networking and its application University degree in related discipline Hands on experience with Windows and Linux Core Competencies
At Experian, our Cyber Fusion Centre (CFC) uses modern technology and a team of elite security professionals to detect and investigate threats worldwide across cybersecurity, insider threat, and physical risk domains. We are looking for a dynamic Global Security Programme Manager to lead programmes that create relevant improvements in security maturity and risk reduction. In this strategic … people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Experience and Skills Programme Leadership & Delivery Lead the execution of the CFC's Threat-Informed Defence strategy roadmap, ensuring agreement on organizational goals. Oversee the planning, prioritization, and delivery of projects, ensuring adherence to established processes and standards. Develop programme roadmaps and work plans in … improvement, applying analytics to inform decisions and improve outcomes. Review and manage material changes to CFC processes, ensuring clarity, understanding and agreement. Collaboration Build relationships across cybersecurity domains, including threat intelligence, compliance, engineering, and incident response. Facilitate agreement and knowledge sharing across teams to support cohesive operations. Administrative & Evolving Responsibilities Provide administrative support for security operations and incident response
the enterprise-wide security architecture blueprint across corporate and product domains. Drive the Trainline Zero Trust initiative, spanning identity, device, network, and application layers. Lead secure design reviews and threat modelling for key product and infrastructure initiatives. Develop reference architectures and reusable security design patterns. Collaborate with the IAM Engineer to architect enterprise identity and access management Enforce secure … configurations across SaaS, endpoint, and MDM platforms (e.g., CrowdStrike, Jamf, Intune). Evaluate and guide SaaS tool usage, integrations, and risk mitigation. Design and maintain DLP, insider threat, and device posture enforcement capabilities. Collaborate with product and platform engineering teams to embed security into the SDLC and CI/CD. Define security controls for cloud-native services
quickly as possible and to further prevent any downtime or impact to the business operations. CyberClan investigates and assists clients with all types of security breaches, insider threat, unauthorized access, malicious code. Role Overview: We’re looking for a UK qualified lawyer with experience or strong interest in insurance law and claims handling. This role supports the
a motivated self-starter, be committed to on-going self-development and education and possess strong technical acumen and customer service skills. Responsibilities Ensure data is protected from insider threats, cyber-attacks, and policy violations Onboard Customers to Varonis platforms and deliver on-going value and support Ensure Customer success through frequent proactive health checks, hands-on product
in designing, implementing and managing robust IAM strategies and solutions to safeguard our client's information assets. The role involves ensuring secure and efficient access to resources, mitigating insider threats and enhancing overall cyber resilience. Reporting to the Cyber Resilience Manager this role is instrumental in maintaining a secure and efficient access control environment. You will be implementing
West Malling, Kent, United Kingdom Hybrid / WFH Options
Lumina Energy
threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP, CEH
approach that directly addresses human vulnerability in cybersecurity. You'll work with some of the most innovative partners in the industry, helping them deliver Mimecast's integrated platform of threat protection, training, insider risk management, and compliance solutions. You'll collaborate with cross-functional leaders, including Sales, Marketing, and Customer Success, with direct visibility from our VP … You'll Bring Senior leadership experience in channel sales within a fast-paced SaaS or cybersecurity environment Strong grasp of human risk factors in security - from phishing to insider threats Proven ability to lead teams and influence across matrixed organizations Track record of building scalable partner ecosystems and driving net-new business growth Experience with Salesforce and modern