you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. What Will You Do? Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to
you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network. You will work closely with the Security Operations Center (SOC), Security Information and … Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats. Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents. Conduct proactive threat hunting to detect and neutralize emerging threats. Monitor and … tools for potential attack indicators. Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts. Develop and enhance incident response playbooks, ensuring alignment with evolving threats. Analyze threat intelligence sources to identify new attack vectors and adversary tactics. Provide forensic analysis and malware reverse engineering to assess security incidents. Collaborate with IT, Risk, and Compliance teams to
London, England, United Kingdom Hybrid / WFH Options
Mozn
NIST, or SOC 2). Automation & CI/CD: Integrate security tools into CI/CD pipelines to enable automated vulnerability scanning, compliance checks, and secure deployments. Monitoring and Threat Detection: Implement and manage cloud-native security solutions to detect and respond to threats in real time. Documentation: Maintain comprehensive documentation for security policies, procedures, and architectures to
re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus
of security technologies, including SIEM, EDR, Firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar. Familiarity with compliance
control of VM hardware, systems, and application software. Coordinate upgrades and maintenance activities on VM tools. Collaboration: Work closely with Vulnerability Assessment & Pen Testing teams to analyse results and threat feeds, reacting appropriately to security weaknesses or vulnerabilities. Technical Documentation: Prepare and maintain user documentation of the VM programme, including requirements, architecture designs, network topology, applications, and application security … as CISSP, CISM, or CEH. Excellent analytical and problem-solving skills. Good communication and presentation skills. Ability to work closely with multi-functional teams. Preferred Qualifications: Experience with advanced threat detection and response tools. Knowledge of secure software development practices and DevSecOps or equivalent experience. Experience in mentoring and developing junior team members. LSEG is a leading global
London, England, United Kingdom Hybrid / WFH Options
Barclay Simpson
of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering, with a strong focus on Google Cloud Platform (GCP). Operating in a highly regulated, real-time financial services … environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure. What You'll Do SOC Leadership & Threat Detection Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads. Establish and maintain 24/7 detection and response capabilities … fine-tuning alerting rules and monitoring strategies. Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools. Define and maintain runbooks, incident playbooks, and escalation procedures. Incident Response & Threat Intelligence Own the full life cycle of security incidents from detection to remediation and post-incident review. Perform advanced threat hunting and
in either our London or Tampa office. How you will contribute The Director of SOC will play a critical role in overseeing the 24/7/365 monitoring, detection, and response to cybersecurity threats and incidents, ensuring operational excellence, threat intelligence integration, and alignment with the organization's security objectives. The ideal candidate is a proven cybersecurity … leader with a deep understanding of security operations, threat landscapes, incident response, and team leadership. This individual will play a key role in shaping the future of our cyber defense capabilities. Responsibilities: • Lead and manage the daily operations of the Security Operations Center, including managing a multi-tiered team of managers, analysts, and incident responders. • Develop and execute SOC … strategy, goals, and KPIs in alignment with organizational cybersecurity and business objectives. • Oversee incident detection, triage, investigation, and coordinated response efforts to mitigate threats in real time. • Ensure continuous improvement of security monitoring tools, automation, playbooks, and threat detection capabilities. • Collaborate with other cybersecurity teams, IT, legal, compliance, and business units to ensure an integrated approach to
We are seeking a Senior Security Engineer to join our team. If you have a passion for cybersecurity, thrive on solving complex security challenges, and are experienced in advanced threat detection and response, we’d love to hear from you! As a Senior Security Engineer, you will be responsible for protecting our systems, networks, and data from cyber … in the completion of security projects. Ensure platform security by design and provide technical guidance aligned with the product roadmap. Conduct vulnerability assessments, manage security risks, and respond to threat intelligence feeds. Monitor systems and networks for suspicious activity and engage in response procedures as necessary. Manage and document all stages of security incident response, including detection, containment … protection. Strong understanding of cloud security (AWS, Azure, Google Cloud) and network security architecture. Experience conducting vulnerability assessments, incident response, and forensics using tools such as Nessus. Proficiency in threat hunting, malware analysis, and intrusion detection techniques. Familiarity with compliance frameworks (e.g., NIST, ISO, PCI-DSS) and regulatory requirements. Strong analytical skills with the ability to think like
London, England, United Kingdom Hybrid / WFH Options
InfoSec People Ltd
to £60,000 Overview: A growing cyber consultancy is seeking a client-facing Cyber Security Consultant to lead risk assessments, drive SIEM/XDR implementation, and guide customers through threat detection and governance improvements. This role is ideal for individuals with an outgoing personality, confident speaking with stakeholders at all levels, strong all-round technical expertise, and a …/XDR deployments and incident response workflows. Conduct posture reviews, environment audits, and gap analyses. Present security findings and recommendations to stakeholders through meetings and reports. Provide guidance on threat detection best practices. Technical Skills & Experience: Proficient with SIEM/XDR tools (QRadar, Sentinel, Defender XDR). Strong knowledge of NIST CSF, NCSC CAF, and cloud security (AWS
regulatory landscapes such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Knowledge of virtualization technologies including Docker, Kubernetes, Linux, etc. Experience with host-based security products and methodologies (e.g., threat detection, end-user detection and response, micro-segmentation, zero trust). Exposure to ITIL environments or structured platform management. Possession of professional certifications such as CISSP, CISM … leadership and subject matter expertise in Cyber Security. Design and deploy security tools for new and existing infrastructure and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incident response, conduct post-incident reviews (PIRs), root-cause analysis (RCA), and implement mitigating solutions. Manage capacity … wider team to drive automation and data mining in support of cyber goals and the company's digitization transformation. Develop and execute the cyber roadmap for platform development and threat mitigation, in alignment with the unit’s cyber vision and strategy. Continuously enhance professional cyber skills and awareness to stay ahead of cyber threats. Lead complex technical deliverables, ensuring
technology, now and for generations to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role Overview As a Lead Cyber … threats and technology trends into actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver reusable frameworks and methodologies across … management, and investment planning. Create business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and support career development in advisory
security for Azure Cloud environments, including Microsoft Defender, Sentinel, and Entra ID solutions. Manage audits, compliance, and supplier security profiles, ensuring adherence to industry standards. Oversee risk management and threat detection to minimize vulnerabilities. Lead the Security Operations Center (SOC) for continuous monitoring and response. Develop and implement technical security solutions (e.g., firewalls, encryption, IDS/IPS). … Personal Attributes: High-level problem-solving and decision-making abilities. Strong leadership, communication, and interpersonal skills. Ability to thrive in high-pressure environments and adapt to an evolving cyber threat landscape. Detail-oriented with a commitment to excellence and security best practices. Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Insurance, Technology, Information
London, England, United Kingdom Hybrid / WFH Options
Swyft, Llc
driving enterprise sales, and managing complex cybersecurity engagements. Responsibilities Develop & execute a UK security strategy aligned with Swyft’s global cybersecurity frameworks, ensuring technical alignment with SOC/SIEM, threat intelligence, and compliance requirements. Build and scale a UK cybersecurity team, including pre-sales engineers, SOC analysts, and risk/compliance specialists. Oversee technical sales & enterprise security solutions, working … closely with clients to design, deploy, and optimize Swyft’s Velocity platform for advanced threat detection and response. Ensure adherence to UK/EU cybersecurity regulations (NCSC guidelines, GDPR, NIS Directive) and implement security controls in alignment with industry standards (ISO 27001, CIS, NIST). Engage with Swyft executives, CISOs, and IT security teams to drive cybersecurity transformation … cloud security adoption, and zero-trust architecture implementations. Manage regional cybersecurity incidents and response strategies, collaborating with global SOC teams to handle threat intelligence, risk assessments, and cyber defense operations. Establish strategic partnerships with UK-based cybersecurity vendors, MSSPs, and government agencies for threat-sharing initiatives. Requirements 10+ years of experience in cybersecurity leadership roles (CISO, Security Director
Develop and enforce policies for identity and access management, encryption, logging, and monitoring. Collaborate with DevOps, architecture, and security teams to embed secure-by-design practices. Support incident response, threat detection, and cloud-specific vulnerability management. Requirements: 5+ years in cybersecurity, with 2+ years focused on cloud security engineering. Strong experience with AWS, Azure, and/or GCP
standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong security posture. Provide cybersecurity training and guidance to staff and students. Lead cybersecurity projects
a tangible impact on the digital commerce industry. What you will be doing: Security Engineering & Automation: Oversee the deployment, configuration, and tuning of SOC related security tools to enhance detection accuracy, reduce false positives, and manage end-to-end EDR operations. Drive improvements in SOC workflows, automating enrichment processes, and developing playbooks for more efficient alert handling. Security Monitoring … Threat Detection: Continuously monitor security alerts, events, and IoCs across all platforms. You’ll build and deploy queries and scripts, and create dashboards and workflows to enhance visibility and reporting. Proactive Threat Hunting: Develop and implement threat hunting procedures to proactively identify potential risks and vulnerabilities before they escalate. Cloud Security Monitoring: Analyze and manage AWS … providing guidance on incident handling and security best practices. What you’ll need: Experience: Minimum of 5+ years in SOC or incident response roles, with hands-on experience in threat detection and mitigation. Technical Skills: Strong capability in threat detection, incident response, and analysis of complex attack patterns, with a focus on the AWS environment. Skilled
City of London, London, United Kingdom Hybrid / WFH Options
NOTHREAT
technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions, ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and
London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
strong background in networking, cloud security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves working with SIEM solutions, automating … and manage security controls in cloud environments, with expertise in Microsoft Azure security best practices. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions (preferably Microsoft Sentinel SIEM) to … monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats. Assist with Cyber Essentials Plus and ISO 27001 audits and certifications to ensure company-wide compliance with industry best practices