20 of 20 Threat Detection Jobs in London

Cyber Threat Specialist (Blue Team) - Financial Services - London - Hybrid - Excellent Overall Package The role Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working closely with engineering, infrastructure and security teams, you will help design, implement and optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences. What you'll be doing Deliver hands ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

Defender XDR, Sentinel, Entra ID • SIEM/XDR: Microsoft Sentinel (KQL), SentinelOne (S1QL) • Exposure to other platforms such as CrowdStrike, or Elastic a plus • Threat intelligence integration and detection tuning • Tooling: KQL, S1QL, PowerShell, API usage Join us and help strengthen the defensive capability of the organisations … support. You will focus on building, tuning, and improving detection logic across Microsoft and modern XDR platforms. This role sits at the centre of threat detection, platform optimisation, and continuous improvement. You’ll work closely with SOC analysts, engineers, and threat intelligence practitioners to build high ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience ...

Position: Threat Defence Delivery Manager Location: London/Hybrid Type: Contract, Inside IR35, 6 Months Rate: £(Apply online only) p/day We are seeking an experienced Threat Defence Delivery Manager to lead a critical workstream within a major cyber transformation programme. This role is responsible for consolidating … enhancing the organisation's threat detection and response capabilities across all business units. In this role, you will: Lead the implementation of a unified Security Operations Centre (SOC), providing a single view of security events while supporting federated reporting for individual business units. Manage the selection and onboarding ...

multiple platforms, including Microsoft and endpoint security tools. Conduct in-depth investigations of security events, escalating and containing incidents as required. Optimise and tune detection rules, policies, and alerting mechanisms to improve SOC efficiency. Collaborate with internal teams to support security operations, threat analysis, and incident recovery. Produce … Expertise Sentinel, MDE, and MDI deployments Proven experience in a hands-on SOC Analyst role within an enterprise environment Strong understanding of security operations, threat detection, and incident response workflows Excellent communication skills and the ability to work effectively within a collaborative SOC team Desirable Skills Experience with ...

technical authority for cyber security operations , owning the end-to-end security lifecycle across enterprise infrastructure. Key responsibilities include: Security monitoring, threat hunting and incident response SIEM, MDR oversight and vulnerability management Firewall, VPN, IDS/IPS and Zero Trust technologies Pen testing coordination and CVSS-led remediation Security … Zscaler (ZIA/ZPA/ZDX), Splunk, Sophos MDR, Mimecast, Okta Networking: Cisco (Catalyst, Nexus), Fortinet, firewalls and VPNs Security Ops: SIEM, intrusion detection, ethical hacking Scripting: PowerShell What They’re Looking For Proven experience in a security-focused infrastructure role Strong hands-on expertise with firewalls, SIEM ...

OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring, SIEM technologies, threat detection, and public key infrastructures (PKI). Understands cyber risk management, threat intelligence, and emerging governance practices. Experienced in driving security transformation ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection … Cloud-Native Engines & Big Data Pipelines that Power Automated Red Teaming. Your work will "Bridge the Gap" Between Manual Research & Scalable, Real-Time Threat Simulation. Skills & Experience of Cyber Security Engineer: Core Engineering: Minimum 2 Years Background within Software Engineering (Python or Go) with Focus on Maintainable, Production-Grade ...

applications and privileged roles. Privileged Access & Security Integration Architect and enhance Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring. Champion identity threat detection and response (ITDR) approaches to mitigate identity-based attacks. Integrate IAM with HR, IT, and engineering systems to support automated joiner/ ...

platform products, systems, and solutions Experience delivering end-to-end cybersecurity solutions across complex programmes and projects Strong knowledge of cybersecurity domains such as Threat Detection and Response, Identity and Access Management, Infrastructure Security, or Information Protection Hands-on experience with AWS technologies and cloud security architectures Familiarity ...

seamless integration of multi-factor authentication with biometric and mobile device capabilities to improve both security and user experience. Champion the adoption of identity threat detection and response solutions to proactively identify and mitigate identity-based attacks. Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos ...

strong vendor management, contract negotiation, and service performance governance. solid grounding in data architecture, governance, BI, and data-driven KPIs. experience implementing cybersecurity strategies, threat detection, and incident response. financial acumen across budgeting, forecasting, and ROI optimisation. an eye to the future - showing a passion for emerging technologies ...

forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineeri click apply for full job details ...

Trusted by thousands of organisations worldwide to reduce risk, detect threats, and meet compliance requirements. Provides market-leading solutions for data classification, access governance, threat detection, and insider risk management. The Role: Understand customer requirements and integrate data security solutions into their environment. Present technical information about products ...

with strong relationship-building skills Cyber security sales experience would be a nice to have, including: Managed security services such as MDR and XDR Threat detection and response Identity and Access Management (IAM) Data governance and data security Ability to position solutions against business risk and measurable outcomes ...