22 of 22 Malware Analysis Jobs in England

clients worldwide, Recorded Future is the world's most advanced, and largest, intelligence company! Reversing Emulation and Testing (RET) is a core function of Insikt Group's Technical Analysis (TA) Team. We seek a principal technical threat researcher with deep subject-matter expertise across malware analysis, reverse engineering, and malicious tooling. This role requires the ability to … lead high-impact research and drive innovation in analytical capabilities within Insikt Group. You will guide and shape technical research into state-sponsored and cybercriminal malware, collaborating across functional intelligence teams to support finished intelligence reporting and platform enrichment. Your responsibilities will include not only conducting advanced malware reverse engineering and infrastructure emulation but also designing and implementing … internal tools and workflows that increase our team's efficiency. You will be expected to develop and formalize novel approaches to dynamic analysis, configuration extraction, and threat behavior modeling. This position entails representing Insikt Group's technical threat research in customer briefings, webinars, and industry engagements. You will communicate complex technical findings to diverse audiences ranging from internal stakeholders More ❯

Research Engineer - Threat Protection The Role As a Security Research Engineer at Mimecast, you will be a pivotal technical expert dedicated to researching, analyzing, and developing detections for both malware and phishing threats. Your work will involve dissecting real-world file and web threats, building and optimizing detection signatures, and driving improvements to our advanced detection systems. This role … evolving attacks and provide actionable insights to our customers and internal teams. Why Join Our Team? At Mimecast, you will be at the forefront of neutralizing diverse phishing and malware threats through comprehensive file analysis and research across web vectors. You will dissect attacker tactics, techniques, and procedures (TTPs), crafting and optimizing detection signatures using industry-standard tools … your work has immediate and significant customer impact. What You'll Do: Analyse and classify file and web-based threats, including credential phishing campaigns and a wide range of malware families. Develop, test, and maintain detection signatures (Yara, ClamAV, and proprietary solutions) for both phishing and malware threats targeting Mimecast customers. Dissect malicious files, URLs, and email payloads More ❯

Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis, Malware Detection Tools + 16 more Desired Languages (If blank, desired languages More ❯

Job Description Summary Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk. Job Description Essential Responsibilities In this role, you will: Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and log-centric analysis … Understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.) - Understanding of APT, Cyber Crime and other associated tactics - Understanding of host forensics and network analysis techniques and tools - Understanding of malware and reverse engineering - Understanding of vulnerabilities. Vulnerability management, remediation and implementation techniques. - Understanding of responding to threats in cloud platforms (AWS, Azure More ❯

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP … FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure … protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting career progression Enhancing team knowledge across SOC tooling More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What youll bring: Demonstrable experience in Security Operations Centre. People … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What you’ll bring: Demonstrable experience in Security Operations Centre. … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise … regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. * Act as the point of escalation for the Service desk for security related tickets. * Analysis of weekly vulnerability scans and update relevant records. Essential * A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines … of analysing information technology logs and events sources preferred * Working knowledge of data storage systems, data backup and restoration methods. * Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) * Ability to work independently while managing support to a high standard * Contribute More ❯

BAU security tasks, ongoing maintenance, supporting projects, and assisting with regulatory compliance to encourage continual enhancement of our IT security environment. Key responsibilities and accountabilities: * Endpoint monitoring and analysis. * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders. … regular routine inspections of installed equipment, and take corrective avoidance actions to prevent wider problems. * Function as the point of escalation for the Service Desk for security-related tickets. * Analysis of weekly vulnerability scans and update relevant records. * Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT). * Monitor and analyse security logs from … of analysing information technology logs and events sources preferred. * Working knowledge of data storage systems, data backup and restoration methods. * Understanding of cybersecurity tooling, its purpose and functionality (Anti-Malware, IDS/IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewalls/UTMs) * A collaborator with excellent work ethic, communication skills and a More ❯

Awareness of incident response planning and tabletop exercises. Understanding of frameworks such as MITRE ATT&CK, the Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Desirable Qualifications & Skills: Certifications such as ECIH, Security+, BTL1, CySA+, SC-200. Familiarity with open-source IR tools (e.g., Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility, SOF-ELK, DFIR More ❯

next level? Get in touch today! Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … Familiarity with the MITRE ATT&CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. Desirable skills: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM More ❯

learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. Collaborate with … Have: Minimum of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem-solving More ❯

security event data for proactive threat hunting, and conducting research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Responding to security incidents, performing initial analysis and escalation as necessary. Participating in incident response planning and execution, ensuring timely containment and remediation of security breaches. Researching and analysing emerging threats and vulnerabilities to adapt security … Admin CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User and/or similar certifications is preferred. Verifiable experience in Security Operations and Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding … based and network-based IDS/IPS, WAF, EDR, etc. Very strong understanding of networking protocols, operating systems and cyber security concepts and technologies. Experience in forensic tools and malware analysis is a plus. Experience with Cloud environments such as AWS/GCP/Azure is a plus. Ability to work across different regions in a process/ More ❯

security event data for proactive threat hunting, and conducting research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Responding to security incidents, performing initial analysis and escalation as necessary. Participating in incident response planning and execution, ensuring timely containment and remediation of security breaches. Researching and analysing emerging threats and vulnerabilities to adapt security … Admin CISSP, CISM, GCIA, GCIH, GCFE, GCFA, GREM, Splunk Power User and/or similar certifications is preferred. Verifiable experience in Security Operations and Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding … based and network-based IDS/IPS, WAF, EDR, etc. Very strong understanding of networking protocols, operating systems and cyber security concepts and technologies. Experience in forensic tools and malware analysis is a plus. Experience with Cloud environments such as AWS/GCP/Azure is a plus. Ability to work across different regions in a process/ More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

with programming languages such as Python and SQL. Minimum C1 level in German with good knowledge of English. Desirable skills: Experience working with Sophos. Incident response experience. Experience with malware analysis. Company benefits: Attractive salary. Strong progression plans. Excellent training opportunities and personal development. Opportunity to attain certifications. Work alongside an inclusive team of experts. Call to action If More ❯

our personalized learning opportunities - just to name a few! Job Description Your Career You will work firsthand with our valued customers to address their complex post–sales concerns where analysis of situations or data requires an in–depth evaluation of many factors. You're a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. You … permanent solutions. Share insights from customer interactions to improve our product and support experience. Document troubleshooting steps and resolutions clearly for both internal and customer use. Lead root cause analysis and coordinate corrective actions to prevent recurrence. Qualifications Your Experience Mandatory Requirements 🔒 Due to the nature of this role and the customers we support, candidates must either: Have lived …/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML, Bash, or More ❯

of the firm's information assets. In this role you will also act as the first point of contact for security-related incidents, and do other investigative work including malware analysis, email forensics, and other incident response activities. The successful candidate will be a hands-on, technically skilled security professional with experience across a broad range of cybersecurity More ❯