1 to 25 of 28 Threat Analysis Jobs in the UK excluding London

Job Description: Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the UK for … least 6 months working experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job descriptionAs the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job descriptionAs the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis More ❯

Job Description Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to security clearance requirements. Only single nationality applicants are accepted. (2nd passport holders, OCI & ILR candidates cannot be considered). You must have been in the UK for the last … least 6 months of experience with SIEM technologies Job Overview The Tier 2 Cyber Security Analyst is a mid-level position within the Cyber Threat Analysis Centre (CTAC). Responsible for advancing initial investigations conducted by Tier 1 Analysts, providing in-depth analysis of potential threats, and … response. The role involves collaboration with senior and junior analysts to ensure effective SOC operations and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and More ❯

of cybersecurity with intelligence, passion, and excellence! In this role you will be responsible for: • Independent implementation of customer projects in areas such as Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, and Secure Network Design. • Assist customers in developing security-relevant concepts and making architectural … can be hybrid in Austria or Germany Essential: • Relevant degree e.g. Computer Science, Cyber Security • 5 years professional experience in two or more of: Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, Secure Network Design • Passion for Cyber Security • Good communication skills • Minimum C1 German and More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to More ❯

of complexity and scale. The role plays a critical role in the initial triage, monitoring, and reporting of potential cyber threats within the Cyber Threat Analysis Centre (CTAC). Tier 1 Analysts will use their foundational knowledge of security information and event management (SIEM) solutions, to support the … in using multiple ticketing systems to manage incidents effectively, ensuring service level objectives are adhered to. Experience utilising Kusto Query Language (KQL) for log analysis will also be beneficial. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … Act as the first line of response for security incidents by identifying and classifying potential threats, escalating to higher tiers when necessary. Perform preliminary analysis on alerts. Create and manage incident tickets to track incident status Conduct and document formal handover/takeover procedures at the beginning and end More ❯

the forefront of safeguarding Industrial Control Systems and SCADA networks from evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to … Skills & Experience: Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability More ❯

operational improvements, working onsite, leading and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring & line management to SOC Analysts Enhancing team knowledge across SOC tooling … detection methodologies, and threat triage Analyse and optimise detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Skills and Experience required for … Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable not More ❯

operational improvements, working onsite, leading and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring & line management to SOC Analysts Enhancing team knowledge across SOC tooling … detection methodologies, and threat triage Analyse and optimise detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Skills and Experience required for … Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable not More ❯

tools. * Cloud Security Design & Integration: Implement and optimize Microsoft Defender for Cloud to enhance cloud security posture, detect misconfigurations, and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation … Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry … best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts—developing capability and supporting career progression Enhancing More ❯

A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect critical systems from evolving … security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with hands … on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience with Splunk (ES) and/or Sentinel for log analysis and threat detection. Familiarity with cloud More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases, firewalls, VPNs, enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) It would also be desirable if you were to have Experience in static malware analysis and reverse engineering Any scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue … cyber defence challenges. The Soc Shift Leader would be tasked with Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts—developing their skills and supporting career progression More ❯

responsibilities will be: . Design and implement enterprise security solutions for on-premises and cloud-based systems by applying technical architecture, risk management, and threat analysis to create solutions that are resilient from attack . Assess and improve security postures to address evolving cyber threats, keeping our operational … to enable business outcomes. . Knowledge of industry security solutions including network detection and response, security information and event management, extended detection and response, threat intelligence and vulnerability management. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analystsdeveloping capability and supporting career progression Enhancing team More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analystsdeveloping capability and supporting career progression Enhancing team More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts—developing capability and supporting career progression Enhancing More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts—developing capability and supporting career progression Enhancing More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts developing capability and supporting career progression Enhancing More ❯

vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying updated on emerging threats: Keeping abreast of the latest attack vectors, malware, and security trends is crucial. Developing and More ❯

the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts (team of 4) -developing capability and supporting … career progression Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analysing and optimising detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and … management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client Server applications and multi-tier web environments Relational databases, Firewalls, VPNs, enterprise AntiVirus solutions Networking principles (eg More ❯