1 to 25 of 52 Threat Detection Jobs in England

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit … someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: £45ph - £85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

Cyber Threat Specialist (Blue Team) - Financial Services - London - Hybrid - Excellent Overall Package The role Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working closely with engineering, infrastructure and security teams, you will help design, implement and optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences. What you'll be doing Deliver hands ...

Threat Detection Engineer A specialist technology organisation operating in highly secure environments is expanding its cyber capability and looking to strengthen its detection function. This role sits at the heart of identifying, stopping, and staying ahead of modern threats. Role Overview: Location: Farnborough/Hybrid (3 days … week on site) Package: £55,000- £65,000pa & Benefits Industry: Defence & National Security What You’ll Be Doing: Designing and building high-quality detection rules and use cases across SIEM and EDR platforms Continuously tuning alerts to reduce noise and improve signal quality Monitoring and investigating security alerts ...

seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

Defender XDR, Sentinel, Entra ID • SIEM/XDR: Microsoft Sentinel (KQL), SentinelOne (S1QL) • Exposure to other platforms such as CrowdStrike, or Elastic a plus • Threat intelligence integration and detection tuning • Tooling: KQL, S1QL, PowerShell, API usage Join us and help strengthen the defensive capability of the organisations … support. You will focus on building, tuning, and improving detection logic across Microsoft and modern XDR platforms. This role sits at the centre of threat detection, platform optimisation, and continuous improvement. You’ll work closely with SOC analysts, engineers, and threat intelligence practitioners to build high ...

security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners … develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage ...

defensive activities, monitor and analyse alerts, respond to incidents and ensure the organisation's security posture remains robust, proactive and threat-ready. You'll work closely with an outsourced 24/7 SOC, validating the quality of their service and acting swiftly on escalations. You'll maintain, optimise … enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support ...

GDPRcompliance Implement and manage security controls across Microsoft 365 and cloud environments Deploy and operate managed security tools (EDR, AV, email security, threat detection) Monitor vulnerabilities and investigate security incidents Produce clear security reports and client recommendations Deliver security awareness training and phishing simulations Work closely with internal … technical teams to improve overall security posture Essential Experience Background in cyber security within an MSP or multi-client environment Strong understanding of threat detection, incident response, and vulnerability management Hands-on experience securing Microsoft 365/Azure AD Knowledge of EDR, AV, email security, and network security ...

role, and you’re ready to make it your core focus. This role suits someone who has been actively involved in security monitoring , threat detection , vulnerability management , or incident response, and now wants to deepen their expertise in a dedicated cyber security position. The role: You’ll play … alongside relevant commercial experience. What matters most is that you can demonstrate real, practical exposure to cyber security, including: Security monitoring and alert investigation Threat detection and vulnerability assessment Experience with tools such as SIEM, IDS/IPS, firewalls, and endpoint protection A good understanding of common attack ...

Tier 2 analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role … company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. ...

Join Police Digital Service as NMC Senior Cyber Threat Intelligence Specialist Starting at £60,000pa This is an opportunity to play your part and protect our company, our customers and our communities from cyber attacks. Be part of a dedicated team and get ready to be challenged every … Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid/Wigan - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

About the Role The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the clients Threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud … security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive ...

Join Police Digital Service as NMC Cyber Security Detection Engineer - 2 roles available Salary starting at £50,000 About Police Digital Service To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities and ways … Police Digital Service and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

understand security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud ...

understand security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud ...

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

Proficient with Veeam for backup/replication. Experience in DR planning, failover, and resilience testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge ...