Threat Analysis Jobs in England

1 to 25 of 124 Threat Analysis Jobs in England

Tier 2 Security Operations Centre Analyst

London, England, United Kingdom
SecureCloud+
tooling. Take ownership of end-to-end handling of medium to high-severity incidents, coordinating containment and remediation efforts. Maintain detailed incident records, including timelines, impact assessments, root cause analysis, and mitigation steps. Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations. Participate in on-call or out-of-hours technical support … where appropriate. Threat Intelligence and Analysis Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns. Lead threat intelligence sharing within the organization and with external partners. Mentor Tier 1 staff in interpreting threat data and logs during investigations. Security Monitoring and Detection Engineering Conduct continuous security monitoring of network traffic … Coordinate and support risk-based prioritization of vulnerability remediation efforts. Support vulnerability lifecycle management, including exception handling, patch validation, and reporting. Provide vulnerability remediation guidance based on CVSS scores, threat context, and business impact. Collaboration and Knowledge Sharing Act as a technical mentor to Tier 1 analysts, supporting their development and escalation handling. Work closely with other IT teams

Global Cyber Security Analyst

London, England, United Kingdom
Dentons
for both cloud and traditional infrastructures. This position is designated for weekend coverage. The role's standard 5-day work week will include Saturday and Sunday. Responsibilities: Perform technical analysis on a wide range of cybersecurity issues Monitor, triage, prioritize, and coordinate events with global and regional teams, and respond to alerts for further investigation Integrate lessons learned to … to determine if an incident has occurred Recognize attacker and APT activity; tactics, techniques, and procedures (TTPs); and indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response - integrate threat intelligence reporting & indicators of compromise to improve defenses and proactively mitigate new threats Coordinate the response for confirmed security incidents, to include efforts … and remediate - function as the first line of cyber defense as part of the Global Security Team Maintain situational awareness and keep current with cyber security news and latest threat actor TTPs, in part to support the production of effective situational awareness products with relevant metrics and visualizations for key stakeholders and leadership Review of multiple log types including

Tier 2 SOC Analyst- Cyber Threat Analysis Center

England, United Kingdom
DXC Technology Inc
Tier 2 SOC Analyst - Cyber Threat Analysis Center Job Description: The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial … Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. … Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service Tier objectives (SLOs). Investigate potential security incidents by conducting deeper analysis on
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Cheltenham, England, United Kingdom
NCC Group
Analyst Remote The R2 Analyst plays a vital role in the Security Operations Centre (SOC), contributing to the organisation's overall cybersecurity posture by actively participating in the monitoring, analysis, and response to security incidents and events. With a focus on continuous learning and collaboration, the R2 Analyst supports the SOC team in identifying, assessing, and mitigating potential security … threats and vulnerabilities. Through the application of foundational technical skills and a strong dedication to detail-oriented analysis, the R2 Analyst assists in safeguarding the organization's critical systems, data, and assets from cyber risks. By working closely with senior analysts and leveraging emerging technologies, the R2 Analyst helps maintain a vigilant and proactive defence against evolving cyber threats … enabling the organisation to operate securely and with confidence. Summary Threat Detection and Monitoring: Monitor the SOAR platform for EDR Logs, SIEM Logs, IDS Logs and Managed Intelligence sources. Identify potential threats, vulnerabilities, and indicators of compromise. Initiate escalation procedures to counteract potential threats and vulnerabilities. Ability to analyze and interpret threat intelligence feeds and implement protective measures

Information Security Engineer

London, United Kingdom
Hybrid / WFH Options
Ashdown Group
management, network security, cloud security (AWS & Azure), firewalls and intrusion detection systems. You will monitor networks and systems for security breaches, enhance the performance of SecOps tools, perform regular threat analysis and act as a subject matter expert for mitigating cyber risks. This is an outstanding opportunity for an accomplished Information Security Engineer to join a market leading
Employment Type: Permanent
Salary: GBP Annual

Threat Intelligence Lead

Leeds, England, United Kingdom
Anson McCade
more. Base pay range Leeds – 5 days on-site Up to £65,000 + DV Cleared Bonus Candidates must hold Active SC Clearance We are currently recruiting for a Threat Intelligence Lead to join one of the UK’s most critical national defence programmes. This is an opportunity to lead a high-performance team operating at the forefront of … cyber threat intelligence, helping to protect sensitive cloud-hosted environments against sophisticated nation-state actors and advanced cyber adversaries. As Threat Intelligence Lead, you will be responsible for managing the production of actionable threat intelligence and vulnerability assessments, ensuring high-quality outputs that directly inform security operations and strategic defence decisions. Responsibilities of the Threat Intelligence … Lead: • Lead the development and delivery of threat intelligence and vulnerability products. • Select and profile key threat actors posing the greatest risk to the client’s estate. • Own the continuous development of Priority Intelligence Requirements (PIRs) and the associated collection plan. • Ensure timely delivery of daily, weekly, and ad hoc intelligence reporting. • Provide in-depth contextual threat

Security Operations Center Analyst

Peterborough, England, United Kingdom
Hybrid / WFH Options
ZipRecruiter
Security Analyst Role: As a Level 3 Security Analyst, you will be at the forefront of our Security Operations Center (SOC), monitoring and responding to security incidents, performing threat analysis, and contributing to the continuous improvement of our cybersecurity services. You will work within a dynamic team, ensuring the protection of our clients' digital assets while maintaining service … professional growth and certification support. Responsibilities: Monitor, analyse, and respond to security events and incidents within the SOC, ensuring timely detection and resolution in line with SLAs. Conduct thorough threat analysis and vulnerability assessments to identify potential security risks and implement mitigation strategies. Develop and refine incident response plans and playbooks to enhance SOC effectiveness. Perform root cause … analysis (RCA) for high-priority incidents and contribute to service improvements. Provide expert recommendations on security measures and solutions to clients and colleagues. Engage in knowledge sharing within the SOC and wider teams to enhance security awareness. Participate in on-call rota for critical incident response and escalation. Work within designated shift patterns to ensure 24/7 SOC

Cyber Incident Response Team Manager

London, England, United Kingdom
IAG GBS
qualifications (e.g., CISM, CISSP) preferred Experience leading security teams or senior security analysts Project management experience (preferred) Leadership skills for managing security analysts and specialists Expertise in incident detection, analysis, response, and coordination Deep understanding of cybersecurity principles and technologies Proficiency with SOC tools (SIEM, IDS/IPS, EDR) Risk assessment and prioritization skills Knowledge of regulations like GDPR … to adapt to evolving threats and technologies Experience Extensive security operations experience Prior CIRT team experience Leadership in Security Incident Response Experience with SIEM/SOAR tools Knowledge of threat intelligence, vulnerability management, network security Experience with threat analysis and security alerts Familiarity with frameworks like MITRE ATT&CK, NIST CSF Leadership or strong potential in security

Cyber Security Analyst

London, England, United Kingdom
Hybrid / WFH Options
Techwaka
Tenable, NCSC's Active Cyber Defence Toolkit) and Attack Surface Management tools. Deliver a seamless vulnerability management service across infrastructure and business units, ensuring the effectiveness of security measures. Threat Analysis: Utilize various sources of information to identify, analyze, and report on relevant threats and vulnerabilities. Continuously monitor and assess the threat landscape to adjust security measures … to effectively communicate security issues to diverse stakeholders. Strong stakeholder management skills, with a proven track record of working with cross-functional teams. In-depth understanding of the current threat landscape and security best practices. Preferred Qualifications: Relevant certifications (e.g., CISSP, CEH, CompTIA Security+). Experience with the NCSC's Active Cyber Defence Toolkit. Familiarity with regulatory requirements and

Senior SOC Analyst

Portsmouth, England, United Kingdom
NPA WorldWide
Senior SOC Analyst to join their team in Gosport. This key role involves protecting the UK's national infrastructure, making your work impactful. You will be the expert in threat detection and incident response, supporting team growth. If you enjoy solving complex problems, staying ahead of cyber threats, and working in a collaborative SOC environment, this role could be … SOC Level 2 or higher) Hands-on experience with SIEM platforms such as Microsoft Sentinel and Splunk Knowledge of network protocols, VPNs, and firewalls Experience in incident response and threat analysis Familiarity with the MITRE ATT&CK framework Attention to detail and problem-solving skills Enjoy sharing knowledge and mentoring others Bonus Points Certifications like CRT, OSCP, or

Consultant Penetration Tester

London, United Kingdom
Applicable Limited
The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments, including OT … provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current threat landscape knowledge and attacker TTPs. … Develop and maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. Communicate complex
Employment Type: Permanent
Salary: GBP Annual

OT Cyber Security Analyst

Grantham, England, United Kingdom
SR2 | Socially Responsible Recruitment | Certified B Corporation™
infrastructure. You’ll be at the forefront of safeguarding Industrial Control Systems and SCADA networks from evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to OT environments. Support vulnerability management … technical assurance across the OT security ecosystem. Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability to manage complex investigations and …

L3 SOC Analyst - Systems Integrator

England, United Kingdom
Hamilton Barnes Associates Limited
to learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. … Must Have: Minimum of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem
Employment Type: Permanent
Salary: GBP Annual

L2 SOC Analyst - Telecommunications

London, England, United Kingdom
Hamilton Barnes Associates Limited
to learn more about this opportunity, feel free to reach out and apply today! Responsibilities: Monitor and analyse security events within the SOC, ensuring timely detection and response. Perform threat analysis, vulnerability assessments, and implement mitigation strategies. Develop and refine incident response playbooks and procedures. Conduct root cause analysis (RCA) for high-priority incidents to prevent recurrence. … team. Requirements: Minimum of two years' experience in a SOC or managed security environment. Strong knowledge of network security (firewalls, IDS/IPS, VPNs). Proficiency in incident response, threat analysis, and vulnerability management. Experience working with SIEM tools for monitoring and event analysis. Understanding of malware analysis, forensic investigations, and endpoint security. Strong analytical and problem

Cyber Security Content Analyst

London, England, United Kingdom
Hack The Box
MITRE ATT&CK, NIST/NICE, and others, identify gaps in coverage, and assist in the development of new content to address those gaps. This individual will also monitor threat intelligence feeds to ensure our labs remain relevant and valuable to our customers. The fellowship you’ll be joining You will contribute to our growing Content team and report … a Content Analyst at Hack The Box Content Documentation: Create detailed walkthroughs and hints for our labs. Ensure all documentation is clear, concise, and user-friendly. Framework Mapping and Analysis: Map each lab to relevant vulnerabilities, techniques, and frameworks such as MITRE ATT&CK, NIST/NICE, OWASP Top 10, etc. Maintain a centralized database to track mappings and … content alignment. Gap Analysis and Content Enhancement: Evaluate gaps between existing labs and industry frameworks to identify areas for new content development. Work closely with the content development teams to create labs that address these gaps. Content Categorization and Utilization: Develop a system to categorize content by domain, sector, threat actor, or other relevant criteria. Provide insights on

SOC Analyst (Security Operations Center Analyst)

London, England, United Kingdom
Info Resume Edge
Operations Center team. The SOC Analyst will be responsible for monitoring, analyzing, and responding to cybersecurity incidents and threats. The ideal candidate will have experience with security monitoring tools, threat analysis, and incident response. Key Responsibilities: Monitor and analyze security events and alerts from various sources (SIEM, IDS/IPS, firewall, antivirus, etc.). Perform initial triage and … procedures. Investigate and escalate potential security incidents as needed. Maintain accurate documentation of incidents, investigations, and findings. Collaborate with IT and security teams to coordinate response and resolution. Conduct threat hunting to proactively detect malicious activity. Maintain and improve SOC procedures and playbooks. Stay current on cybersecurity trends, threats, and vulnerabilities. Participate in regular security audits and assessments. Assist … equivalent work experience). Experience: 13 years of experience in a security operations, cybersecurity, or IT role. Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight). Familiarity with log analysis and intrusion detection systems. Certifications (Preferred but not required): CompTIA Security+ Certified SOC Analyst (CSA) GIAC Security Essentials (GSEC) Certified Ethical Hacker (CEH) Skills: Strong analytical and problem-solving

Cloud Security Engineer

London, England, United Kingdom
Seagate
relevant cybersecurity certifications preferred. 3+ years within Cloud Operations Security. Understanding of emerging threats in cloud domains including AWS, Azure, and GCP. Knowledge of security processes and technologies including Threat Analysis, Threat Intelligence, Threat Hunting, Vulnerability Assessment, Security Monitoring, and Compliance. Experience with digital forensics, malware analysis, operating systems, active directory, encryption schemas & algorithms, IAM

Junior SOC Analyst

Nottingham, Nottinghamshire, United Kingdom
Redscan (a trading name of Redscan Cyber Security Limited)
will help identify and analyse potential threats utilising a number of different SIEM & EDR tools. To be a key member of Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system generated alerts, analyse logs and traffic patterns. Provide analysis and trending of security log data from many monitoring points. Support multiple … to pre-emptively eliminate the possibility of system breaches. Other duties as assigned. About you Requirements A passion for Cyber Security and enjoys solving problems Knowledge of the security threat landscape Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems) Knowledge of TCP/IP Protocols, network analysis, and network/
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer

London, United Kingdom
Hybrid / WFH Options
Ashdown Group
management, network security, cloud security (AWS & Azure), firewalls and intrusion detection systems. You will monitor networks and systems for security breaches, enhance the performance of SecOps tools, perform regular threat analysis and act as a subject matter expert for mitigating cyber risks. This is an outstanding opportunity for an accomplished Cyber Security Engineer to join a market leading
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Aldershot, Hampshire, United Kingdom
DXC Technology Inc
helping us deliver services and solutions in both challenging and exciting situations. At DXC, we have a great opportunity for an experienced SOC Analyst to join the DXC Cyber Threat Analysis Centre (CTAC), in this role you will be responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of … to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance, SC and be able to work onsite in Farnborough. … Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Manager

Sheffield, England, United Kingdom
Hays
the organisation from contemporary cyber threats Developing the overarching cybersecurity strategy Aligning the organisation to standards such as ISO27001 and Cyber Essentials + Using cyber tools to complete strategic threat analysis Using the findings from threat analysis to guide SIEM and EDR tunings Incident management Mentorship of small team Fostering cyber security awareness across the organisation

Junior SOC Analyst

London, United Kingdom
Redscan (a trading name of Redscan Cyber Security Limited)
help identify and analyse potential threats utilising a number of different SIEM & EDR tools. Responsibilities To be a key member of Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system generated alerts, analyse logs and traffic patterns. Provide analysis and trending of security log data from many monitoring points. Support multiple … to pre-emptively eliminate the possibility of system breaches. Other duties as assigned. About You Requirements A passion for Cyber Security and enjoys solving problems. Knowledge of the security threat landscape. Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems). Knowledge of TCP/IP Protocols, network analysis, and network
Employment Type: Permanent
Salary: GBP Annual

Security Operations Engineer

Worcestershire, England, United Kingdom
Dynamic Search Solutions
The Company Join a growing and innovative professional services business, operating at the forefront of cybersecurity across both IT and industrial environments. With a strong focus on compliance, threat detection, and operational resilience, the company empowers its clients to meet and exceed modern security standards. You’ll be part of a forward-thinking team, working alongside cybersecurity specialists and … role. Your Skills & Experience Required: 3+ years of experience in IT security/cybersecurity Certifications such as CompTIA Security+, CCNA Security, or equivalent Strong understanding of cybersecurity frameworks and threat analysis Experience with SIEM, MDR/XDR, and incident triage Solid knowledge of operating systems (Windows, Linux, Cisco) Excellent communication skills - ability to collaborate across teams and with

Cloud Security Engineer

London, England, United Kingdom
Hybrid / WFH Options
Shaw Trust
and industry standards. They will be responsible to leverage and optimise a number of tools including, MS Defender, Sentinel, Azure and our SOC partner to enhance cyber resilience, conduct threat analysis and proactive risk assessments to design effective controls. They will support the Group's Cyber Security operations function, by designing and day-to-day delivery of threat intelligence, threat detection, incident response, vulnerability management and ethical hacking capabilities. They will play a key role in the Technology Directorate, to improve cyber resilience, reporting and effectiveness. As a Cloud Security Engineer, you will have a technical background and are looking to specialise in offering exceptional support and the effective operation of the technology infrastructure by means

Head of Cyber Security and Infrastructure

London, England, United Kingdom
Hybrid / WFH Options
hays-gcj-v4-pd-online
improve the internal security posture. You will identify and assess cyber security risks, leveraging tools like MS Defender, Sentinel, Azure, and external SOC partners to enhance cyber resilience, conduct threat analysis, and perform risk assessments. You will lead the Cyber Security operations, providing strategic direction and coordinating threat intelligence, threat detection, incident response, vulnerability management, and

Threat Analysis, England
10th Percentile: £44,750
25th Percentile: £51,250
Median: £63,750
75th Percentile: £90,313
90th Percentile: £95,000