15 of 15 Malware Analysis Jobs in the UK

you can flex to meet your needs and training and development opportunities. What you will be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In-depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Provide Incident Response support. Maintain, improve and develop team knowledge of SOC tools, security operations … triage. Prepare reports for managed clients to both technical and non-technical audiences and continuously improve their content and presentation. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att … ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of log data and intrusion detection systems. Solid understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be More ❯

front, contribute to national security, and grow your cybersecurity careerthis is the role for you. Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices … of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analysing log data and network security events. Desirable Skills: Understanding of static malware analysis and reverse engineering. CREST Practitioner Intrusion Analyst certification. Familiarity with additional SIEM tools such as QRadar. DV Clearance Eligibility Benefits: 25 days annual leave, with the option More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What youll bring: Demonstrable experience in Security Operations Centre. People … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

you do need to be eligible for DV Clearance for this role. What you'll be doing: Monitor, triage, and investigate security incidents on critical client infrastructure. In depth analysis of network traffic, logs, and system events to identify potential security threats and vulnerabilities. Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. … Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability to work shift from our office in Hemel Hempstead. What you’ll bring: Demonstrable experience in Security Operations Centre. … of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP. It would be great if you had: Static malware analysis and reverse engineering. DV Clearance. Programming and scripting such as Python, Perl, Bash, PowerShell, C++. CREST Practitioner Intrusion Analyst/Blue Teams Level 1 or other SOC More ❯

of contact for stakeholders, representing the SOC during security incidents and operational reviews. If your SOC skillset includes: Proven SOC leadership experience with hands-on involvement in cyber threat analysis, monitoring, and response. Strong understanding of SOC tools and technologies, including Microsoft Sentinel, Splunk, and enterprise security platforms. Knowledge of networking and security fundamentals (TCP/IP, firewalls, VPNs … . Experience leading SOC teams in high-pressure environments with shifting priorities. Desirable: DV Clearance (or the ability to obtain it). Malware analysis, reverse engineering, or scripting experience (Python, PowerShell, Bash, Perl, C++). Recognised SOC certifications (CREST Practitioner, Blue Team Level 1, or similar). This is an excellent opportunity for an experienced SOC Lead or More ❯

following: * Endpoint monitoring and analysis. * Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. * Monitor and administer Security Information and Event Management (SIEM). * Malware analysis and forensics research. * Understanding/differentiation of intrusion attempts and false positives. * Investigation tracking and threat resolution. * Vulnerability identification & mitigation/remediation. * Compose security alert notifications. * Advise … regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. * Act as the point of escalation for the Service desk for security related tickets. * Analysis of weekly vulnerability scans and update relevant records. Essential * A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines … of analysing information technology logs and events sources preferred * Working knowledge of data storage systems, data backup and restoration methods. * Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs) * Ability to work independently while managing support to a high standard * Contribute More ❯

The Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams effectiveness through ownership of relevant issues and … Exposure to IT Security Operations in large and complex organisations -Some coding ability Beneficial -Splunk -Palo Alto (XDR/XSIAM) -Skills in Forensics -Experience or interest in Reverse Engineering, Malware Analysis, Vulnerability Research -Industry recognised qualifications (eg. SANS, OSCP, ISC2) Security Clearance Eligibility for UK SC will be sought but wont be required from the start. Remote Working More ❯

The Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams’ effectiveness through ownership of relevant issues and … Exposure to IT Security Operations in large and complex organisations Some coding ability Beneficial Splunk Palo Alto (XDR/XSIAM) Skills in Forensics Experience or interest in Reverse Engineering, Malware Analysis, Vulnerability Research Industry recognised qualifications (eg. SANS, OSCP, ISC2) Security Clearance Eligibility for UK SC will be sought but won’t be required from the start. Remote More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

and support wider resilience initiatives. Key Responsibilities: Design, implement, and manage secure network architectures Perform vulnerability assessments , penetration testing , and remediation strategy delivery Lead and coordinate incident response , forensic analysis, and post-incident reporting Use and optimise security tooling (e.g. firewalls, IDS/IPS , endpoint protection) Collaborate with developers and IT teams to embed secure coding and operational practices … risk assessments and identify meaningful control improvements Experience using and managing firewalls, intrusion detection systems, and SIEM solutions Familiarity with secure networking protocols (VPNs, TCP/IP, etc.) and malware analysis Understanding of industry frameworks: ISO27001, Cyber Essentials, NIST800-53 Experience working on security operations, threat management, and incident resolution Excellent communication skills, with ability to translate technical More ❯

our personalized learning opportunities - just to name a few! Job Description Your Career You will work firsthand with our valued customers to address their complex post–sales concerns where analysis of situations or data requires an in–depth evaluation of many factors. You're a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. You … permanent solutions. Share insights from customer interactions to improve our product and support experience. Document troubleshooting steps and resolutions clearly for both internal and customer use. Lead root cause analysis and coordinate corrective actions to prevent recurrence. Qualifications Your Experience Mandatory Requirements 🔒 Due to the nature of this role and the customers we support, candidates must either: Have lived …/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML, Bash, or More ❯

our personalized learning opportunities - just to name a few! Job Description Your Career You will work firsthand with our valued customers to address their complex post–sales concerns where analysis of situations or data requires an in–depth evaluation of many factors. You're a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. You … permanent solutions. Share insights from customer interactions to improve our product and support experience. Document troubleshooting steps and resolutions clearly for both internal and customer use. Lead root cause analysis and coordinate corrective actions to prevent recurrence. Qualifications Your Experience Mandatory Requirements 🔒 Due to the nature of this role and the customers we support, candidates must either: Have lived …/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML, Bash, or More ❯

our personalized learning opportunities - just to name a few! Job Description Your Career You will work firsthand with our valued customers to address their complex post–sales concerns where analysis of situations or data requires an in–depth evaluation of many factors. You're a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. You … permanent solutions. Share insights from customer interactions to improve our product and support experience. Document troubleshooting steps and resolutions clearly for both internal and customer use. Lead root cause analysis and coordinate corrective actions to prevent recurrence. Qualifications Your Experience Mandatory Requirements 🔒 Due to the nature of this role and the customers we support, candidates must either: Have lived …/IP) and security practices (IPSec, SSL-VPN, NAT, GRE). Hands-on experience with cloud infrastructure operations and troubleshooting customer tech stacks. Familiarity with SIEM tools, vulnerability management, malware analysis, and firewall configurations. Ability to communicate complex technical solutions to a wide range of audiences, both technical and non-technical. Skilled in Python, JSON, YAML, Bash, or More ❯

industry. Requirements 7–10+ years in intelligence roles (government or private sector), with 3–5+ years in CTI leadership. Strong knowledge of threat actors, cybercrime, nation-state campaigns, and analysis techniques. Familiarity with STIX/TAXII, SIEM/TIP integration, and structured analytical methods. Experience briefing technical and executive audiences. Eligible for UK SC or DV clearance. Industry certifications … e.g., CREST CTI Manager, GCTI, CISSP) required. Desirable Skills Foreign language skills (e.g., Russian, Mandarin, Farsi). Knowledge of red/purple teaming, threat modelling, and malware analysis. Experience supporting incident response or tabletop exercises. Background in consultancy, financial services, or CNI. For more information on this role, please apply online or reach out to Catherine Burn on c.burn More ❯