1 to 25 of 463 Threat Detection Jobs in England

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to More ❯

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we’re looking for We are seeking a client-focused SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Perform hands-on configuration and tuning of SIEM components, setting up alerting, custom dashboards, and data ingestion as needed to support client-specific More ❯

Cloud Security Architecture & Implementation Design and implement cloud security architectures across AWS, Azure, or Google Cloud. Develop and enforce cloud security controls , including IAM policies, encryption, and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring … tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to More ❯

you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to More ❯

NIST, or SOC 2). Automation & CI/CD: Integrate security tools into CI/CD pipelines to enable automated vulnerability scanning, compliance checks, and secure deployments. Monitoring and Threat Detection: Implement and manage cloud-native security solutions to detect and respond to threats in real time. Documentation: Maintain comprehensive documentation for security policies, procedures, and architectures to More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar. Familiarity with compliance More ❯

of security technologies, including SIEM, EDR, Firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar Familiarity with compliance More ❯

control of VM hardware, systems, and application software. Coordinate upgrades and maintenance activities on VM tools. Collaboration: Work closely with Vulnerability Assessment & Pen Testing teams to analyse results and threat feeds, reacting appropriately to security weaknesses or vulnerabilities. Technical Documentation: Prepare and maintain user documentation of the VM programme, including requirements, architecture designs, network topology, applications, and application security … as CISSP, CISM, or CEH. Excellent analytical and problem-solving skills. Good communication and presentation skills. Ability to work closely with multi-functional teams. Preferred Qualifications: Experience with advanced threat detection and response tools. Knowledge of secure software development practices and DevSecOps or equivalent experience. Experience in mentoring and developing junior team members. LSEG is a leading global More ❯

manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) Lead technical workshops & architecture design sessions Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) Perform threat detection, incident response & forensic analysis What We’re Looking For: 4+ years in Cyber Security within an MSP or similar environment Hands-on expertise in SIEM, EDR, firewalls More ❯

of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering-with a strong focus on Google Cloud Platform (GCP). Operating in a highly regulated, Real Time financial services … environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure. What You'll Do SOC Leadership & Threat Detection Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads. Establish and maintain 24/7 detection and response capabilities … fine-tuning alerting rules and monitoring strategies. Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools. Define and maintain runbooks, incident playbooks, and escalation procedures. Incident Response & Threat Intelligence Own the full life cycle of security incidents from detection to remediation and post-incident review. Perform advanced threat hunting and More ❯

in either our London or Tampa office. How you will contribute The Director of SOC will play a critical role in, overseeing the 24/7/365 monitoring, detection, and response to cybersecurity threats and incidents, ensuring operational excellence, threat intelligence integration, and alignment with the organization's security objectives. The ideal candidate is a proven cybersecurity … leader with a deep understanding of security operations, threat landscapes, incident response, and team leadership. This individual will play a key role in shaping the future of our cyber defense capabilities. Responsibilities: • Lead and manage the daily operations of the Security Operations Center, including managing a multi-tiered team of managers, analysts, and incident responders. • Develop and execute SOC … strategy, goals, and KPIs in alignment with organizational cybersecurity and business objectives. • Oversee incident detection, triage, investigation, and coordinated response efforts to mitigate threats in real time. • Ensure continuous improvement of security monitoring tools, automation, playbooks, and threat detection capabilities. • Collaborate with other cybersecurity teams, IT, legal, compliance, and business units to ensure an integrated approach to More ❯

We are seeking a Senior Security Engineer to join our team. If you have a passion for cybersecurity, thrive on solving complex security challenges, and are experienced in advanced threat detection and response, we’d love to hear from you! As a Senior Security Engineer, you will be responsible for protecting our systems, networks, and data from cyber … in the completion of security projects. Ensure platform security by design and provide technical guidance aligned with the product roadmap. Conduct vulnerability assessments, manage security risks, and respond to threat intelligence feeds. Monitor systems and networks for suspicious activity and engage in response procedures as necessary. Manage and document all stages of security incident response, including detection, containment … protection Strong understanding of cloud security (AWS, Azure, Google Cloud) and network security architecture Experience conducting vulnerability assessments, incident response, and forensics using tools such as Nessus Proficiency in threat hunting, malware analysis, and intrusion detection techniques Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements Strong analytical skills with the ability to think like More ❯

to £60,000 Overview: A growing cyber consultancy is seeking a client-facing Cyber Security Consultant to lead risk assessments, drive SIEM/XDR implementation, and guide customers through threat detection and governance improvements. This role is Ideal for individuals with an outgoing personality, confident speaking with stakeholders at all levels, strong all round technical expertise, and a …/XDR deployments and incident response workflows. Conduct posture reviews, environment audits, and gap analyses. Present security findings and recommendations to stakeholders through meetings and reports. Provide guidance on threat detection best practices. Technical Skills & Experience: Proficient with SIEM/XDR tools (QRadar, Sentinel, Defender XDR). Strong knowledge of NIST CSF, NCSC CAF, and cloud security (AWS More ❯

regulatory landscapes such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Knowledge of virtualization technologies including Docker, Kubernetes, Linux, etc. Experience with host-based security products and methodologies (e.g., threat detection, end-user detection and response, micro-segmentation, zero trust). Exposure to ITIL environments or structured platform management. Possession of professional certifications such as CISSP, CISM … leadership and subject matter expertise in Cyber Security. Design and deploy security tools for new and existing infrastructure and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and implement mitigating solutions. Manage capacity … wider team to drive automation and data mining in support of cyber goals and the company's digitization transformation. Develop and execute the cyber roadmap for platform development and threat mitigation, in alignment with the unit’s cyber vision and strategy. Continuously enhance professional cyber skills and awareness to stay ahead of cyber threats. Lead complex technical deliverables, ensuring More ❯

technology, now and for generations to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role Overview As a Lead Cyber … threats and technology trends into actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver reusable frameworks and methodologies across … management, and investment planning. Create business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and support career development in advisory More ❯

security for Azure Cloud environments, including Microsoft Defender, Sentinel, and Entra ID solutions. Manage audits, compliance, and supplier security profiles, ensuring adherence to industry standards. Oversee risk management and threat detection to minimize vulnerabilities. Lead the Security Operations Center (SOC) for continuous monitoring and response. Develop and implement technical security solutions (e.g., firewalls, encryption, IDS/IPS). … Personal Attributes: High-level problem-solving and decision-making abilities. Strong leadership, communication, and interpersonal skills. Ability to thrive in high-pressure environments and adapt to an evolving cyber threat landscape. Detail-oriented with a commitment to excellence and security best practices. Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Insurance, Technology, Information More ❯

driving enterprise sales, and managing complex cybersecurity engagements. Responsibilities Develop & execute a UK security strategy aligned with Swyft’s global cybersecurity frameworks, ensuring technical alignment with SOC/SIEM, threat intelligence, and compliance requirements. Build and scale a UK cybersecurity team , including pre-sales engineers, SOC analysts, and risk/compliance specialists. Oversee technical sales & enterprise security solutions, working … closely with clients to design, deploy, and optimize Swyft’s Velocity platform for advanced threat detection and response. Ensure adherence to UK/EU cybersecurity regulations ( NCSC guidelines, GDPR, NIS Directive ) and implement security controls in alignment with industry standards ( ISO 27001, CIS, NIST ). Engage with Swyft executives, CISOs, and IT security teams to drive cybersecurity transformation … cloud security adoption, and zero-trust architecture implementations. Manage regional cybersecurity incidents and response strategies, collaborating with global SOC teams to handle threat intelligence, risk assessments, and cyber defense operations. Establish strategic partnerships with UK-based cybersecurity vendors, MSSPs, and government agencies for threat-sharing initiatives. Requirements 10+ years of experience in cybersecurity leadership roles (CISO, Security Director More ❯

Develop and enforce policies for identity and access management, encryption, logging, and monitoring. Collaborate with DevOps, architecture, and security teams to embed secure-by-design practices. Support incident response, threat detection, and cloud-specific vulnerability management. Requirements: 5+ years in cybersecurity, with 2+ years focused on cloud security engineering. Strong experience with AWS, Azure, and/or GCP More ❯