Threat Detection Jobs in the City of London

17 of 17 Threat Detection Jobs in the City of London

Cyber Security Engineer

City of London, London, United Kingdom
Franklin Fitch
re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus …

Director of Cybersecurity

City of London, London, United Kingdom
Hybrid / WFH Options
NOTHREAT
technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and …

Head of Cyber Security

City of London, London, United Kingdom
Burman Recruitment
standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong security posture. Provide cybersecurity training and guidance to staff and students. Lead cybersecurity projects …

Chief Information Security Officer

City of London, London, United Kingdom
Hybrid / WFH Options
SR2 | Socially Responsible Recruitment | Certified B Corporation™
has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities GRC Leadership: Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance …

Cyber Security Consultant – Detection Engineering

City of London, London, United Kingdom
RiverSafe
We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic …

Senior SOC Analyst - Shift Lead

City of London, London, United Kingdom
Hybrid / WFH Options
55 Exec Search
on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst, you will be central to incident response, threat hunting, and real-time defence management, guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met. Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering …

Cyber Security Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
ZenTech Talent
a cyber security role (ideally within an MSP or multi-client setting) Security certifications like Security+, CySA+, or equivalent (working toward CISSP or equivalent a bonus) Strong understanding of threat detection, risk analysis, and incident response Excellent communication and documentation skills Why Join? Broad exposure across industries and technologies Supportive, close-knit team environment Clear progression paths into …

Cloud Security Specialist

City of London, London, United Kingdom
Bestman Solutions
Security Operations Analyst for a 6-month contract (with strong extension potential). This is your chance to step into a high-impact role where you’ll sharpen cloud detection strategies, lead threat response efforts, and make your mark on a modern, cloud-native security operation — all within a business that thrives on data at scale. Key Responsibilities … across hybrid and cloud estates (GCP) Crafting and fine-tuning smart detections using KQL Leading the charge on incident response, from first alert to final report Getting stuck into threat hunting and shaping how detections are built and improved Helping drive security automation and weaving in IaC wherever possible Teaming up with engineers and platform folk to lock down … cloud and container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections as code …

Cloud Security Specialist (GCP)

City of London, London, United Kingdom
Bestman Solutions
in securing complex, cloud-first environments within a data-rich, high-scale business — helping protect critical infrastructure and client data across global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments Building and refining cloud-native detections using Kusto Query Language (KQL) Driving security automation and Infrastructure-as-Code practices Enhancing cloud … visibility through effective logging, monitoring, and threat modelling Collaborating with SOC analysts, engineers, and data teams to secure workloads and services Performing proactive threat hunts and maturing detection logic over time Key skills and experience include: Cloud security expertise in Google Cloud Platform Hands-on experience with cloud-native tools (e.g., Defender for Cloud, GCP Security Command … Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or reach out to learn more. …

Cyber Security Manager

City of London, London, United Kingdom
Azumi Restaurant Group
cybersecurity roadmap. Manage third-party partners and auditors, ensuring compliance, insurance requirements, and continuous risk assessments. Champion a security-first culture, driving awareness, training, and the adoption of modern threat detection and prevention tools. What we look for: Strong understanding of compliance standards such as PCI DSS, GDPR, SOC2, ISO27001, Cyber Essentials Impressive verbal and written communication skills …

Identity Access Manager

City of London, London, United Kingdom
Hybrid / WFH Options
The MDU
Identity and Access function within the Cyber Security team, including: o Access Management o Identity Governance and Administration o Role Based Access Control o Privileged Access Management o Identity Threat Detection and Response o Access Certification o Identity Data Management & Analytics Ensure that only authorised identities have access to the relevant data and systems. Working with department Heads …
Employment Type: Permanent

Artificial Intelligence Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
Franklin Bates
Join a world-leading cybercrime SaaS organisation in an exciting Senior/Principal AI Engineer role to deliver robust and impactful AI-based solutions to advance threat detection efficiency. Our client is headquartered in the UK and, whilst being well-established with significant sector success behind them, serving the largest names globally across the banking and government spaces … platform. Required experience for the Senior/Principal AI Engineer role: Machine learning (ML), deep learning and statistical analysis skills – even better if these skills have been applied to threat detection, malware analysis, phishing and/or abuse detection. Experience building production-grade AI pipelines, including data ingestion, feature engineering, validation, model deployment, and monitoring. Experience designing and … implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying cyber threats (URLs, domains, phishing, botnets, etc.) Proficient in a major backend language (ideally Golang) and related ML/AI libraries (e.g. Tensorflow & PyTorch, etc.) Experience with an MLOps platform like Kubeflow. Demonstrated ability to transition models from prototype to production. Experience assessing various …

AI Engineer

City Of Westminster, London, United Kingdom
Resource Area for Teaching
About Netcraft Netcraft is the global leader in cybercrime detection and disruption. We're a trusted partner for three of the four largest companies in the world and many large country governments. We've blocked more than 200 million malicious sites and perform takedowns for around one-third of the world's phishing sites. Our purpose, passion, and expertise … at Netcraft should combine deep applied AI/ML expertise, a hands-on and collaborative approach to developing solution architecture, and eventually develop a strong domain knowledge in cyber threat detection and mitigation. The role is highly collaborative, embedding within technical teams to deliver robust, explainable, and impactful AI-based solutions that advance threat detection efficacy … models. What you'll need to be successful: Advanced knowledge of machine learning, deep learning, and statistical analysis. Massive bonus points if you have experience applying these skills to threat detection, malware analysis, phishing, and/or abuse detection. Experience designing and implementing anomaly detection, classification, clustering, and retrieval across vision and language models, ideally for identifying …
Employment Type: Permanent
Salary: GBP Annual

Security Operations Center Analyst

City of London, London, United Kingdom
Barclay Simpson
incidents, managing the full incident lifecycle from in-depth investigation to collaborating with the Head of SOC to contain and resolve threats. Ideally you will have experience with Splunk, threat detection and have worked with MITRE ATT&CK, preferably within a Financial Services firm. This role offers the chance to work in a fast-paced, global environment with …

SOC Manager (Hybrid / Once a week onsite)

City, London, United Kingdom
Hybrid / WFH Options
Michael Page
values. Description Lead and manage the Security Operations team to ensure optimal performance and adherence to best practices. Develop and implement effective security operations process, playbooks Oversee the monitoring, detection, and response to cybersecurity threats and incidents. Collaborate with stakeholders to ensure compliance with relevant regulations and standards. Provide training and guidance to team members to support their professional … skills in vulnerabilities management, incident management, and the implementation of security protocols. Knowledge of relevant cybersecurity regulations and standards. Experience with Microsoft tools and technologies used in monitoring and threat detection. Excellent leadership abilities and the capacity to mentor team members effectively. Strong communication skills to collaborate with stakeholders at all levels. Job Offer A yearly bonus to reward …
Employment Type: Permanent
Salary: GBP 61,500 - 80,500 Annual

Security Architect

City of London, London, United Kingdom
Opus Recruitment Solutions
applications and cloud-native services within AWS. Develop and enforce DevSecOps principles by integrating security into CI/CD pipelines. Lead efforts in application security, including secure coding practices, threat modelling, and vulnerability assessments. Architect and manage IAM policies, roles, and permissions across AWS resources. Guide development teams on security best practices related to AWS security services such as … in AWS security services, including IAM, KMS, GuardDuty, Security Hub, and AWS WAF. Strong understanding of Terraform, AWS CloudFormation, or similar. Hands-on experience with cloud security monitoring and threat detection. Familiarity with Kubernetes, AWS EKS, Docker. …

Security Engineering Manager

City of London, England, United Kingdom
Selby Jennings
be responsible for shaping the technical roadmap and mentoring a team of engineers who will design, build, and automate cutting-edge security controls across cloud infrastructure, application layers, and detection systems. The ideal candidate will bring over a decade of experience in security engineering, including at least three years in a leadership role within fintech, exchanges, or large-scale … web environments. A strong background in building automated security pipelines using Infrastructure as Code (IaC), along with expertise in scanning, secret detection, and exploit simulation, is essential. Proficiency in coding, coupled with a deep understanding of micro-services and distributed systems, will be key to driving innovation and resilience in the company's security posture. Responsibilities: Develop a multi … strategy that aligns with the firm's risk tolerance and regulatory requirements. Drive and prioritise high-impact initiatives, including cloud and infrastructure hardening, application security for proprietary systems, advanced threat detection and response, and safeguarding of crypto assets. Build, mentor, and retain a top-tier team of security engineers, fostering a culture of excellence and innovation. Lead the …

Security Engineering Manager

City Of London, England, United Kingdom
Selby Jennings
be responsible for shaping the technical roadmap and mentoring a team of engineers who will design, build, and automate cutting-edge security controls across cloud infrastructure, application layers, and detection systems. The ideal candidate will bring over a decade of experience in security engineering, including at least three years in a leadership role within fintech, exchanges, or large-scale … web environments. A strong background in building automated security pipelines using Infrastructure as Code (IaC), along with expertise in scanning, secret detection, and exploit simulation, is essential. Proficiency in coding, coupled with a deep understanding of micro-services and distributed systems, will be key to driving innovation and resilience in the company's security posture. Responsibilities: Develop a multi … strategy that aligns with the firm's risk tolerance and regulatory requirements. Drive and prioritise high-impact initiatives, including cloud and infrastructure hardening, application security for proprietary systems, advanced threat detection and response, and safeguarding of crypto assets. Build, mentor, and retain a top-tier team of security engineers, fostering a culture of excellence and innovation. Lead the …
Threat Detection in the City of London
10th Percentile: £53,000
25th Percentile: £54,125
Median: £57,000
75th Percentile: £66,875
90th Percentile: £72,200