Threat Analysis Jobs in the UK

1 to 25 of 56 Threat Analysis Jobs in the UK

Tier 2 SOC Analyst - Cyber Threat Analysis Center

England, United Kingdom
DXC Technology Inc
Tier 2 SOC Analyst - Cyber Threat Analysis Center Job Description: The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising … on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service More ❯
Employment Type: Permanent
Salary: GBP Annual

Tier 2 SOC Analyst - Cyber Threat Analysis Center

Farnborough, Hampshire, United Kingdom
DXC Technology Inc
Job Description: Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the UK for … least 6 months working experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Intelligence Specialist Devi Technologies

United Kingdom
Devitechs
What You'll Be Working On: • Collecting, analyzing, and disseminating cyber threat intelligence to identify emerging threats and attack patterns • Working with internal teams to integrate threat intelligence into security operations and incident response processes • Using advanced tools and techniques to track and analyze threat actors, APTs … and malware campaigns • Developing and presenting actionable intelligence reports to stakeholders to improve proactive defense strategies • Collaborating with external partners, industry groups, and threat intelligence vendors to gather and share threat data What We're Looking For: • Proven experience as a Cyber Threat Intelligence Specialist or in … a similar threat analysis role • Strong knowledge of threat intelligence frameworks (e.g., STIX/TAXII, MITRE ATT&CK) and tools (e.g., SIEM, threat intelligence platforms) • Experience with threat hunting, incident response, and malware analysis • Familiarity with cyber threat actors, attack methodologies, and geopolitical More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Intelligence Lead - Leeds

United Kingdom, UK
Hybrid / WFH Options
HMRC
Cyber Threat Intelligence Lead - Leeds About the job Job summary Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it … to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking a G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO More ❯

Cyber Threat Intelligence Lead

Newport, Midlands, United Kingdom
HMRC
to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking a G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

Cyber Threat Intelligence Lead

Bradford, Yorkshire and the Humber, United Kingdom
HMRC
to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking a G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

Cyber Threat Intelligence Analyst

Hemel Hempstead, Hertfordshire, South East, United Kingdom
Hybrid / WFH Options
Sopra Steria Limited
We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat Intelligence Analyst will be a critical member of … the dedicated SOC team and run our Malware Information Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence … Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and More ❯
Employment Type: Permanent, Work From Home
Salary: £60,000

Cyber Threat Intelligence Lead

Leeds, West Yorkshire, Yorkshire, United Kingdom
HMRC
to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking a G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis More ❯
Employment Type: Permanent
Salary: £60,000

Cyber Threat Intelligence Lead

Telford, Shropshire, West Midlands, United Kingdom
HMRC
to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking a G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis More ❯
Employment Type: Permanent
Salary: £60,000

Senior Incident Response Engineer, SIRT

United Kingdom
Apple Inc
London, England, United Kingdom Corporate Functions Add to Favorites Incident Response Engineer - Threat Analysis Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven technical … Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them Proficient understanding of threat modeling, operational threat intelligence, and common attack vectors Knowledge of web application vulnerabilities with ability to triage/verify OWASP Top 10 issues More ❯
Employment Type: Permanent
Salary: GBP Annual

Head of Information Security

United Kingdom
Hybrid / WFH Options
watchTowr
watchTowr's alignment to numerous industry standards, including ISO27001 and SOC2 Type 2, while going steps further where relevant due to watchTowr's unique threat model. You will oversee security monitoring, threat analysis, threat hunting, penetration testing, and vulnerability management to align cyber risk management with More ❯
Employment Type: Permanent
Salary: GBP Annual

L2 UK CTAC/SOC Analyst

Farnborough, Hampshire, United Kingdom
DXC Technology Inc
Job Description Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to security clearance requirements. Only single nationality applicants are accepted. (2nd passport holders, OCI & ILR candidates cannot be considered). You must have been in the UK for the last … least 6 months of experience with SIEM technologies Job Overview The Tier 2 Cyber Security Analyst is a mid-level position within the Cyber Threat Analysis Centre (CTAC). Responsible for advancing initial investigations conducted by Tier 1 Analysts, providing in-depth analysis of potential threats, and … response. The role involves collaboration with senior and junior analysts to ensure effective SOC operations and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Architect

Stockport, Cheshire, United Kingdom
zyncgroup.io
of cybersecurity with intelligence, passion, and excellence! In this role you will be responsible for: • Independent implementation of customer projects in areas such as Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, and Secure Network Design. • Assist customers in developing security-relevant concepts and making architectural … can be hybrid in Austria or Germany Essential: • Relevant degree e.g. Computer Science, Cyber Security • 5 years professional experience in two or more of: Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, Secure Network Design • Passion for Cyber Security • Good communication skills • Minimum C1 German and More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Threat Intelligence Analyst

Hemel Hempstead, England, United Kingdom
Hybrid / WFH Options
Fynity
Cyber Threat Intelligence Analyst Hemel Hempstead | Hybrid: 2 Days WFH/3 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyber threat intelligence skills to the next level? This is an … exciting opportunity to join a fast-growing, mission-driven cyber team working at the forefront of Defence and National Security. The Cyber Threat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a hands-on … high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment. As a Cyber threat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT, dark web forums, and More ❯

Cyber Threat Intelligence Analyst

Hemel Hempstead, East Anglia, United Kingdom
Hybrid / WFH Options
Fynity
Cyber Threat Intelligence Analyst Hemel Hempstead | Hybrid: 2 Days WFH/3 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyber threat intelligence skills to the next level? This is an … exciting opportunity to join a fast-growing, mission-driven cyber team working at the forefront of Defence and National Security. The Cyber Threat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a hands-on … high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment. As a Cyber threat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT, dark web forums, and More ❯

Cybersecurity Engineer

London, United Kingdom
Viasat
severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements … and extract indicators of compromise (IOCs). Continuous engagement with the Threat Intelligence and 24x7 Monitoring teams. Provide ad-hoc on-call support to review threats and response actions for off-hour critical incident response. What you'll need Job Complexity: Works on and may lead projects or a … education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Aldershot, Hampshire, United Kingdom
DXC Technology Inc
solutions in both challenging and exciting situations. At DXC, we have a great opportunity for an experienced SOC Analyst to join the DXC Cyber Threat Analysis Centre (CTAC), in this role you will be responsible for advancing the initial work conducted by Tier 1 Analysts and providing more … in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced … threat detection and response functions. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance, SC and be able to work onsite in Farnborough. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity More ❯
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst (Tier 2)

Glasgow
Sanderson plc
Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to More ❯
Employment Type: Permanent
Salary: £40,000 - £48,000

SOC Analyst (Tier 2)

Glasgow, Lanarkshire, Scotland, United Kingdom
Sanderson Recruitment
Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to More ❯
Employment Type: Permanent
Salary: £45,000

Cyber Security Analyst

United Kingdom
Ubique Systems
Erskine/Farnborough (Complete Remote is fine) Job Description Summary - The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Experience Required Understands advanced networking concepts, including IP addressing, basic network protocols, and how traffic flows within a network. Advanced knowledge … operating environments, including standard commands, file systems, and user authentication mechanisms. Competence in using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search More ❯

L3 SOC Analyst

Newbury, Berkshire, UK
Excelerate
protecting global systems and infrastructure. As a Level 3 SOC Analyst, you will take the lead in investigating and supporting major incidents, performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

L3 SOC Analyst

Newbury, England, United Kingdom
Excelerate
protecting global systems and infrastructure. As a Level 3 SOC Analyst, you will take the lead in investigating and supporting major incidents, performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

L3 SOC Analyst

Newbury, South West England, United Kingdom
Excelerate
protecting global systems and infrastructure. As a Level 3 SOC Analyst, you will take the lead in investigating and supporting major incidents, performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

L3 SOC Analyst

Newbury, South East England, United Kingdom
Excelerate
protecting global systems and infrastructure. As a Level 3 SOC Analyst, you will take the lead in investigating and supporting major incidents, performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

Junior SOC Analyst

London, United Kingdom
Redscan (a trading name of Redscan Cyber Security Limited)
threats utilising a number of different SIEM & EDR tools. Responsibilities To be a key member of Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system generated alerts, analyse logs and traffic patterns. Provide analysis and trending of security log data from … possibility of system breaches. Other duties as assigned. About You Requirements A passion for Cyber Security and enjoys solving problems. Knowledge of the security threat landscape. Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems). Knowledge of TCP/IP Protocols … network analysis, and network/security applications. Knowledge of common Internet protocols and applications. Ability to multi-task, prioritize, and manage time effectively. Ability to cope successfully under pressure and with shifting priorities. Ability to work on a shift rota. Strong attention to detail. Excellent interpersonal skills and professional More ❯
Employment Type: Permanent
Salary: GBP Annual
Threat Analysis
10th Percentile: £40,600
25th Percentile: £43,750
Median: £50,000
75th Percentile: £57,500
90th Percentile: £66,500