1 to 25 of 224 Malware Analysis Jobs in the UK

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What youll bring: Demonstrable experience in Security Operations Centre. People … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

all the evidence available and support the client on the appropriate action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools … to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes More ❯

contribute to national security, and grow your cybersecurity career—this is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … . Knowledge of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Understanding of static malware analysis and reverse engineering. Familiarity with additional SIEM tools such as QRadar. 25 days annual leave, with the option to purchase more Health cash plan Life assurance Generous More ❯

contribute to national security, and grow your cybersecurity career—this is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. Benefits: 25 days annual leave, with the option to purchase more More ❯

contribute to national security, and grow your cybersecurity career—this is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. Benefits: 25 days annual leave, with the option to purchase more More ❯

contribute to national security, and grow your cybersecurity career—this is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. Benefits: 25 days annual leave, with the option to purchase more More ❯

people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP … FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure … protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting career progression Enhancing team knowledge across SOC tooling More ❯

Incident Detection & Response: Monitor security events and alerts using SIEM (Security Information and Event Management) and other security tools to identify potential security threats and incidents. Conduct initial triage, analysis, and categorisation of security incidents based on severity and impact. Escalate complex or high-impact incidents to senior SOC analysts or other IT/security teams as required Assist … mitigations on completion of ITHC and vulnerability scanning activity. Participate in on-call or out-of-hours technical support where appropriate and supported by senior staff. Threat intelligence and analysis: Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques. Analyse network and system logs to identify anomalous behaviour and trends indicating potential cyber threats. Contribute to threat … SIEM, Microsoft Sentinel, or similar). Basic understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security. Exposure to or understanding of log analysis and alert triage, vulnerability scanning and patching and incident response Knowledge of cyber security and compliance frameworks (NIST, ISO 27001, MITRE ATT&CK). Understanding of network protocols, malware More ❯

frameworks like MITRE ATT&CK .? Networking & Security: Strong understanding of TCP/IP, firewalls, VPNs, and enterprise security tools . Bonus Points for: ? DV Clearance (or eligibility). ? Malware Analysis & Reverse Engineering skills. ? Programming/Scripting (Python, PowerShell, C++, Bash, Perl) . ? Relevant SOC Certifications (CREST Practitioner, Blue Team Level 1, etc.) . Why Join Us? ? Work More ❯

significant client in a secure environment. Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. It would be great if you had: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Exposure to additional SIEM tools such as QRadar. 25 days annual leave (plus option More ❯

significant client in a secure environment. Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. It would be great if you had: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Exposure to additional SIEM tools such as QRadar. 25 days annual leave (plus option More ❯

significant client in a secure environment. Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. It would be great if you had: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM More ❯

significant client in a secure environment. Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. It would be great if you had: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM More ❯

that puts the emphasis on teamwork. The Role As a Senior Cyber Security Analyst, you’ll be key to protecting our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be vital in detecting, responding to, and mitigating risks. On any given day, you might … an overview of past alerts, reviewing notifications from the previous night and prioritising incidents based on severity and impact. About You You’ll bring a background in cyber security analysis and a passion for IT. Ideally, you’ll have experience with host intrusion detection analysis, but don’t worry if that’s an area you’re still developing … Are: At least 6 months’ experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV More ❯

that puts the emphasis on teamwork. The Role As a Senior Cyber Security Analyst, you’ll be key to protecting our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be vital in detecting, responding to, and mitigating risks. On any given day, you might … an overview of past alerts, reviewing notifications from the previous night and prioritising incidents based on severity and impact. About You You’ll bring a background in cyber security analysis and a passion for IT. Ideally, you’ll have experience with host intrusion detection analysis, but don’t worry if that’s an area you’re still developing … Are: At least 6 months’ experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV More ❯

that puts the emphasis on teamwork. The Role As a Senior Cyber Security Analyst, you’ll be key to protecting our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be vital in detecting, responding to, and mitigating risks. On any given day, you might … an overview of past alerts, reviewing notifications from the previous night and prioritising incidents based on severity and impact. About You You’ll bring a background in cyber security analysis and a passion for IT. Ideally, you’ll have experience with host intrusion detection analysis, but don’t worry if that’s an area you’re still developing … Are: At least 6 months’ experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV More ❯

that puts the emphasis on teamwork. The Role As a Senior Cyber Security Analyst, you’ll be key to protecting our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be vital in detecting, responding to, and mitigating risks. On any given day, you might … an overview of past alerts, reviewing notifications from the previous night and prioritising incidents based on severity and impact. About You You’ll bring a background in cyber security analysis and a passion for IT. Ideally, you’ll have experience with host intrusion detection analysis, but don’t worry if that’s an area you’re still developing … Are: At least 6 months’ experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV More ❯

that puts the emphasis on teamwork. The Role As a Senior Cyber Security Analyst, you’ll be key to protecting our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be vital in detecting, responding to, and mitigating risks. On any given day, you might … an overview of past alerts, reviewing notifications from the previous night and prioritising incidents based on severity and impact. About You You’ll bring a background in cyber security analysis and a passion for IT. Ideally, you’ll have experience with host intrusion detection analysis, but don’t worry if that’s an area you’re still developing … Are: At least 6 months’ experience of working as a Cyber Security/Security Operations Centre Analyst Evidence of experience working in at least one of the following fields: malware analysis, intrusion detection and incident response Evidence of experience of line management; OR of tasking of, or delegation to, team members. These criteria will be assessed at CV More ❯

for both cloud and traditional infrastructures. This position is designated for weekend coverage. The role's standard 5-day work week will include Saturday and Sunday. Responsibilities: Perform technical analysis on a wide range of cybersecurity issues Monitor, triage, prioritize, and coordinate events with global and regional teams, and respond to alerts for further investigation Integrate lessons learned to … to determine if an incident has occurred Recognize attacker and APT activity; tactics, techniques, and procedures (TTPs); and indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response - integrate threat intelligence reporting & indicators of compromise to improve defenses and proactively mitigate new threats Coordinate the response for confirmed security incidents, to include efforts to … effective situational awareness products with relevant metrics and visualizations for key stakeholders and leadership Review of multiple log types including Windows, Active Directory, Email, Firewall, VPN, etc. to conduct malware analysis, host and network, forensics, log analysis, and triage in support of incident response activities Assist in developing and maturing the future services and capabilities of the More ❯

Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. … Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Lead training sessions and tabletop exercises to improve … and incident response readiness. What You Are Good At Strong verbal and written communication skills for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as More ❯

Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. … Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Lead training sessions and tabletop exercises to improve … and incident response readiness. What You Are Good At Strong verbal and written communication skills for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as More ❯

sectors. The position involves driving operational improvements, working onsite, leading, and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring and line management to SOC Analysts Enhancing team knowledge across SOC tooling, detection methodologies, and threat … environment Qualified at SOC Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable but not essential) SIEM technologies knowledge such More ❯

Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. … Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices. Produce timely reports on incident trends, threat intelligence insights, and response actions. Patriciate in training sessions and tabletop exercises to … awareness and incident response readiness. YOU ARE GOOD AT Strong verbal and written communication skills for stakeholder engagement and incident reporting. Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as More ❯