1 to 25 of 34 Threat Analysis Jobs in the UK excluding London

Job Description: Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the UK for … least 6 months working experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job descriptionAs the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job descriptionAs the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat |Intelligence Analyst will be a critical member of … the dedicated SOC team and run our Malware Information Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence … Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis More ❯

Job Description Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to security clearance requirements. Only single nationality applicants are accepted. (2nd passport holders, OCI & ILR candidates cannot be considered). You must have been in the UK for the last … least 6 months of experience with SIEM technologies Job Overview The Tier 2 Cyber Security Analyst is a mid-level position within the Cyber Threat Analysis Centre (CTAC). Responsible for advancing initial investigations conducted by Tier 1 Analysts, providing in-depth analysis of potential threats, and … response. The role involves collaboration with senior and junior analysts to ensure effective SOC operations and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, assessing threat severity and More ❯

of cybersecurity with intelligence, passion, and excellence! In this role you will be responsible for: • Independent implementation of customer projects in areas such as Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, and Secure Network Design. • Assist customers in developing security-relevant concepts and making architectural … can be hybrid in Austria or Germany Essential: • Relevant degree e.g. Computer Science, Cyber Security • 5 years professional experience in two or more of: Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, Secure Network Design • Passion for Cyber Security • Good communication skills • Minimum C1 German and More ❯

Cyber Threat Intelligence Analyst Hemel Hempstead | Hybrid: 2 Days WFH/3 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyber threat intelligence skills to the next level? This is an … exciting opportunity to join a fast-growing, mission-driven cyber team working at the forefront of Defence and National Security. The Cyber Threat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a hands-on … high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment. As a Cyber threat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT, dark web forums, and More ❯

Cyber Threat Intelligence Analyst Hemel Hempstead | Hybrid: 2 Days WFH/3 Days On-Site Up to £60,000 + Excellent Benefits Security Clearance: SC Cleared + Eligible for DV Clearance A great opportunity to take your cyber threat intelligence skills to the next level? This is an … exciting opportunity to join a fast-growing, mission-driven cyber team working at the forefront of Defence and National Security. The Cyber Threat Intelligence Analyst will play a key role in identifying and neutralising emerging threats that could impact our most critical national infrastructure. This is a hands-on … high-impact role where you’ll shape the threat intel capability and directly support security operations in a cutting-edge SOC environment. As a Cyber threat Analyst, you will: Managing and automating threat intel feeds from multiple open and closed sources Monitoring OSINT, dark web forums, and More ❯

solutions in both challenging and exciting situations. At DXC, we have a great opportunity for an experienced SOC Analyst to join the DXC Cyber Threat Analysis Centre (CTAC), in this role you will be responsible for advancing the initial work conducted by Tier 1 Analysts and providing more … in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage, and response to cyber incidents. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced … threat detection and response functions. Due to the customer requirements successful applicants must be eligible for high level UK Security clearance, SC and be able to work onsite in Farnborough. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … have active SC, moving to DV clearance and must have at least 6 months working experience in SIEM technologies. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to More ❯

protecting global systems and infrastructure. As a Level 3 SOC Analyst , you will take the lead in investigating and supporting major incidents , performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

protecting global systems and infrastructure. As a Level 3 SOC Analyst , you will take the lead in investigating and supporting major incidents , performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

protecting global systems and infrastructure. As a Level 3 SOC Analyst , you will take the lead in investigating and supporting major incidents , performing advanced analysis to ensure no malicious activity is missed. You’ll act as both a technical expert and a mentor—guiding junior analysts, tuning tools for … and reporting on risks with precision. Key Responsibilities Lead Incident Investigations – Take ownership of high-severity security incidents, ensuring complete and accurate triage Advanced Threat Analysis – Perform deep-dive analysis to uncover root causes, residual risks, and stealthy attack vectors Mentor and Guide – Support junior analysts with … source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this insight to investigations and tuning efforts What You’ll Bring More ❯

the forefront of safeguarding Industrial Control Systems and SCADA networks from evolving cyber threats. Key Responsibilities: Monitor and assess OT cybersecurity systems, ensuring effective threat detection and response. Conduct threat analysis and vulnerability assessments to support incident response activities. Develop and implement incident response plans tailored to … Skills & Experience: Strong understanding of OT/ICS cybersecurity or relevant control systems (SCADA/PLC) – training provided where required. Experience with network security, threat detection, and incident response. Knowledge of security frameworks and regulations including NIST, IEC, NIS Directive, and Cyber Kill Chain. Analytical mindset with the ability More ❯

operational improvements, working onsite, leading and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring & line management to SOC Analysts Enhancing team knowledge across SOC tooling … detection methodologies, and threat triage Analyse and optimise detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Skills and Experience required for … Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable not More ❯

operational improvements, working onsite, leading and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring & line management to SOC Analysts Enhancing team knowledge across SOC tooling … detection methodologies, and threat triage Analyse and optimise detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Skills and Experience required for … Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable not More ❯

of complexity and scale. The role plays a critical role in the initial triage, monitoring, and reporting of potential cyber threats within the Cyber Threat Analysis Centre (CTAC). Tier 1 Analysts will use their foundational knowledge of security information and event management (SIEM) solutions, to support the … in using multiple ticketing systems to manage incidents effectively, ensuring service level objectives are adhered to. Experience utilising Kusto Query Language (KQL) for log analysis will also be beneficial. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift allowance. … Act as the first line of response for security incidents by identifying and classifying potential threats, escalating to higher tiers when necessary. Perform preliminary analysis on alerts. Create and manage incident tickets to track incident status Conduct and document formal handover/takeover procedures at the beginning and end More ❯

best practices. Proficiency with security technologies and tools (e.g., SIEM, vulnerability scanners, encryption tools). Hands-on experience with incident response, penetration testing, and threat analysis. Familiarity with secure software development practices and DevSecOps principles. Certifications such as CISSP, CISM, CEH, or equivalent are strongly preferred. Key Skills: Strong More ❯

an ISO27001 certification process. This role offers an exciting opportunity to work at the heart of cyber operations, playing a key role in monitoring, analysis, and continuous protection of systems and data. We are now seeking a Cyber Security Analyst to join the information security function. Reporting to the … Information Security Manager , you will support critical activities related to threat monitoring, incident response, vulnerability management and risk mitigation, while also acting as a key advocate for cyber awareness across the wider organisation Key Requirements Essential: 3+ years experience in cyber security Proficiency in SIEM , antivirus , and vulnerability management … Understanding of AD , Office 365 , Windows Server , and infrastructure security Strong IT skills with experience across networks, OS, and security protocols Incident response and threat analysis expertise Familiar with Azure/Microsoft Defender and best practice frameworks ITIL Foundation certified (v3 or later) or experience in an ITIL More ❯

A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect critical systems from evolving … security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with hands … on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience with Splunk (ES) and/or Sentinel for log analysis and threat detection. Familiarity with cloud More ❯

tools. * Cloud Security Design & Integration: Implement and optimize Microsoft Defender for Cloud to enhance cloud security posture, detect misconfigurations, and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation … Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry … best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat More ❯

management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python , Perl , Bash , PowerShell , or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts—developing capability and supporting career progression Enhancing More ❯