1 to 25 of 59 Malware Analysis Jobs in the UK

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. TCP/IP, WAN, LAN, SMTP, HTTP … FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity with additional SIEM technologies, especially QRadar Role & Responsibilities As a SOC Shift Lead , you will ensure … protecting client systems and guiding the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting career progression Enhancing team knowledge across SOC tooling More ❯

all the evidence available and support the client on the appropriate action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Security Monitoring: & Investigation: Monitoring SIEM tools … to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. … with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes More ❯

all the evidence available and support the client on the appropraite action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the custiomer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice. Job Duties Security Monitoring: & Investigation: Monitoring … SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident … with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes More ❯

contribute to national security, and grow your cybersecurity career—this is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. Benefits: 25 days annual leave, with the option to purchase more More ❯

significant client in a secure environment. Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. It would be great if you had: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM More ❯

sectors. The position involves driving operational improvements, working onsite, leading, and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring and line management to SOC Analysts Enhancing team knowledge across SOC tooling, detection methodologies, and threat … environment Qualified at SOC Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable but not essential) SIEM technologies knowledge such More ❯

countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Job Description As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. … as anomalous changes in metrics, notable open incidents, quality concerns, or observed risks; support with resolution if appropriate Manage and complete assigned caseload throughout the incident response lifecycle, including analysis, containment, eradication, recovery, and lessons learned. Maintain all case documentation, including notes, analysis findings, containment steps, and cause for each assigned security incident. Ensure incident updates or contact … frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry recommendations to prevent and respond to threats such as phishing, malware, network attacks, suspicious activity, data security incidents. Exposure to technical elements of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow), Cloud Infrastructure (AWS, Azure, GCP), and More ❯

and remediation of advanced cyber threats, leveraging cutting-edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, and Defender and other security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information … and Event Management) tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics … o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are More ❯

next level? Get in touch today! Responsibilities: Lead shift-based SOC operations and provide line management to analysts. Triage, monitor, and investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the … Familiarity with the MITRE ATT&CK framework. Sound understanding of network protocols (TCP/IP, HTTP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. Desirable skills: Skills in malware analysis or reverse engineering. Experience with scripting or programming (Python, PowerShell, Bash, etc.). Relevant SOC certifications (e.g., CREST, Blue Team Level 1). Exposure to additional SIEM More ❯

Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise. * Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats. * Triage of data loss prevention alerts to identify and … organisation sub-function. * Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. * Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc).to solve problems creatively and effectively. * Communicate … play a key role as part of a 24/7 security monitoring team. As Tier 2 Analysts you will handle escalated incidents from Tier 1 analysts, conduct deeper analysis, and work closely with senior security teams to contain and mitigate threats. This role is part of a large global team which operates follow-the-sun. This role requires More ❯

play a key role as part of a 24/7 security monitoring team. As Tier 2 Analysts you will handle escalated incidents from Tier 1 analysts, conduct deeper analysis, and work closely with senior security teams to contain and mitigate threats. This role is part of a large global team which operates follow-the-sun. This role requires … be successful as a Senior Cyber Operations Analyst you will need the following: Proficiency in SIEM technologies including Splunk Proactively search for potential threats using behavioral analytics, network traffic analysis, and threat intelligence. Incident response skills, including proficiency in PCAP capture, network analysis, and traffic pattern recognition. Knowledge of attack techniques (MITRE ATT&CK framework, malware analysis More ❯

into the corporate risk register and advising on appropriate mitigation strategies. Oversee the planning and execution of cyber audits and present findings to senior leadership. Provide expert guidance on malware analysis, secure access, identity management, and digital estate safeguarding. Build strong partnerships across Essex and beyond, working closely with peers, vendors, and regional bodies to stay ahead of More ❯

for both technical and non-technical stakeholders. Technical Skills: Experience in incident response and investigation using tools like SIEM, SOAR, and EDR platforms. Proficiency in digital forensics and log analysis across Networking, Windows, Mac, Linux, or Cloud environments. Strong understanding of evidence collection and prioritisation procedures. In-depth knowledge of NIST 800-61 incident response lifecycle, including containment, eradication … digital forensics, including evidence acquisition and chain-of-custody practices. Familiarity with frameworks such as MITRE ATTACK, Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Knowledge of open-source IR tools such as Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility, SOF-ELK, or DFIR-IRIS is preferred. Desirable Qualifications: Industry certifications such as ECIH … disruption. Strong communication skills with the ability to stay calm and effective under pressure. Able to align client deliverables with industry best practices. Skilled in proactive threat intelligence and analysis to support IR operations. Proactive, responsible, and eager to contribute to the growth of the Incident Response team. While this role is advertised as remote, it will require occasional More ❯

for both technical and non-technical stakeholders. Technical Skills: Experience in incident response and investigation using tools like SIEM, SOAR, and EDR platforms. Proficiency in digital forensics and log analysis across Networking, Windows, Mac, Linux, or Cloud environments. Strong understanding of evidence collection and prioritisation procedures. In-depth knowledge of NIST 800-61 incident response lifecycle, including containment, eradication … digital forensics, including evidence acquisition and chain-of-custody practices. Familiarity with frameworks such as MITRE ATTACK, Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Knowledge of open-source IR tools such as Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility, SOF-ELK, or DFIR-IRIS is preferred. Desirable Qualifications: Industry certifications such as ECIH … disruption. Strong communication skills with the ability to stay calm and effective under pressure. Able to align client deliverables with industry best practices. Skilled in proactive threat intelligence and analysis to support IR operations. Proactive, responsible, and eager to contribute to the growth of the Incident Response team. While this role is advertised as remote, it will require occasional More ❯

all are mandatory. You will have strong understanding of as many of the following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM … tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus, Nexpose) Anti-Malware/EDR Software (Carbon Black, Microsoft Defender ATP, FireEye, CrowdStrike) Programming (Python, or other languages) What you can expect from us We won't just meet your expectations. We'll defy them. So you'll enjoy the comprehensive rewards package you'd expect from a leading More ❯

patterns ️ Working with internal teams to integrate threat intelligence into security operations and incident response processes ️ Using advanced tools and techniques to track and analyze threat actors, APTs, and malware campaigns ️ Developing and presenting actionable intelligence reports to stakeholders to improve proactive defense strategies ️ Collaborating with external partners, industry groups, and threat intelligence vendors to gather and share threat … data What We're Looking For: ️ Proven experience as a Cyber Threat Intelligence Specialist or in a similar threat analysis role ️ Strong knowledge of threat intelligence frameworks (e.g., STIX/TAXII, MITRE ATT&CK) and tools (e.g., SIEM, threat intelligence platforms) ️ Experience with threat hunting, incident response, and malware analysis ️ Familiarity with cyber threat actors, attack methodologies More ❯

processes. Ensure relations with CERT (Computer Emergency Response Team), particularly in a crisis situation to coordinate the various operational security teams. Response: Perform Incident Response of major cyber incidents: Malware reverse engineering, Hosts forensics, log analysis, etc. Perform Threat Intelligence on attacker groups related to aeronautics and defence. Perform Threat Hunting : Conduct Malware Analysis in the More ❯

learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. Collaborate with … Have: Minimum of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem-solving More ❯

monitoring and response activities for the Amazon internal network. We value broad and deep technical knowledge, specifically in the fields of operating system security, network security, cryptography, software security, malware analysis, forensics, security operations, incident response, detection and hunting, and emergent security intelligence. We don't expect you to be an expert in all of the domains mentioned … security incidents. - Proficiency with a programming or scripting language. PREFERRED QUALIFICATIONS - 5+ years experience working in incident response, security operations, security automation tooling, hunting, or threat intelligence. - Familiarity with malware analysis, forensics, SOAR, SIEM platforms, or detection engineering and hunting. Demonstrable subject matter expertise in any of these domains a plus. - Proficiency across a variety of Operating Systems More ❯

with hands-on SOC experience . Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel , or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified ) are a plus. More ❯

with hands-on SOC experience . Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel , or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified ) are a plus. More ❯

with hands-on SOC experience . Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel , or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified ) are a plus. More ❯

with hands-on SOC experience . Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel , or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified ) are a plus. More ❯

with hands-on SOC experience . Proficiency in threat-hunting methodologies and investigative techniques. Experience with SIEM platforms such as Splunk, Sentinel , or similar. Solid understanding of security frameworks, malware analysis, and network protocols. Strong analytical and problem-solving skills. Relevant certifications (e.g., CompTIA Security+, CEH, GCIA, or Splunk Certified ) are a plus. More ❯