25 of 25 Threat Detection Jobs in London

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering … function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy, and designing detection capabilities that protect our global environment. Your new role Lead the coordination and … operation of the internal detection engineering function. Design and implement cyber detection rules and use cases to identify threats across our IT infrastructure. Identify and log visibility gaps, working to improve detection coverage and accuracy. Build and tune custom detection logic for complex environments and emerging threats. Monitor evolving attacker tactics (TTPs), integrating insights into detection More ❯

+ Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll … do: SIEM Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel … coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project Support: Support presales, contribute to new SOC solution scoping, and lead demos where required. What we're looking for: Must More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Team Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global networks … can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers.The team's core disciplines are data engineering, data science, devops, and security. We use data science and machine learning to process large volumes of data and build threat intelligence for More ❯

governance and identity lifecycle processes in a highly View job & apply CTI Analyst Location: London Job type: Permanent Financial Services firm seeks an Operational CTI Analyst to join its Threat Intelligence team. Th View job & apply Senior Manager - BCM Second Line Location: Frankfurt Salary: 125,000 + Benefits Job type: Permanent Sector: Banking We are seeking a Senior Manager … hybrid Job type: Permanent Leading banking group seeks a Cryptography Analyst to join their security team. As an Analyst in We are seeking a highly motivated and skilled Insider Threat Investigations Lead to join a newly formed Insider Threat Team. This role focuses on identifying, preventing, and responding to risks posed by individuals with authorized access to organisational … This role suits someone with strong investigative skills, an analytical mindset, the ability to interpret and act on data, and the capability to execute initiatives that strengthen the insider threat programme. Key Responsibilities Support the delivery of the insider threat programme, including developing tools, standards, and procedures to detect, prevent, and respond to insider threats. Utilise advanced detection More ❯

the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level More ❯

digital forensics team. This is a client-facing role where you'll lead DFIR (Digital Forensics & Incident Response) investigations, guide executives through cyber incidents, and help organisations strengthen their threat detection, response, and resilience. If you're an expert in incident response, threat hunting, and forensic analysis and thrive under pressure, this is your opportunity to work … from breach triage and containment to full recovery. Client Engagement: Act as a trusted advisor to CISOs, boards, and regulators, providing executive-level briefings during and after incidents. Forensics & Threat Hunting: Conduct advanced forensic investigations across endpoints, servers, networks, cloud platforms, and SaaS. Adversary Analysis: Use threat intelligence and MITRE ATT&CK to attribute attacks and inform proactive … defences. Crisis Management: Lead coordination between internal stakeholders, third parties, and law enforcement. Cybersecurity Advisory: Help clients improve incident readiness, detection engineering, and response capabilities. Innovation: Contribute to new playbooks, tools, and methodologies to evolve our DFIR practice. Mentorship: Train and coach junior consultants in incident response and digital forensics. Industry Contribution: Publish thought leadership, speak at conferences, and More ❯

the development and delivery of a comprehensive cyber security strategy across both corporate and clinical areas. Oversee the organisation's information security portfolio, including compliance frameworks, risk assessments, and threat intelligence. Provide active leadership for all aspects of cyber security covering infrastructure, applications, and clinical technology. Ensure business operations remain secure and resilient, embedding security at the heart of … service delivery. Maintain an up-to-date understanding of the sector's cyber threat environment and adapt strategies accordingly. Establish, enhance and enforce operational procedures aligned with recognised standards and best practices. Contribute security expertise to major transformation projects, ensuring risks are identified and mitigated. Promote a culture of security awareness across the organisation, communicating risks and best practices … Plus). Proven experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident response, threat detection and vulnerability management activities. Strong leadership and stakeholder management skills, with the ability to engage senior executives, boards, and technical teams alike. Experience influencing and embedding a More ❯

deliver runtime-isolated, reproducible models that are easy to deploy, monitor, and update without connectivity. Work closely with data scientists to define clear KPIs and success criteria-such as detection accuracy, latency, false positive/negative rates, explainability, and robustness-to determine what constitutes a production-grade, releasable model. Align model performance goals with the operational realities of the … into actionable requirements. Excellent communication and stakeholder management skills. Comfortable working in a fast-paced, iterative, and agile environment. Preferred Experience: Solid understanding of cyber security concepts such as threat detection, SIEM, anomaly detection, and incident response. Experience with tools for tracking ML models in production (e.g., MLflow). We encourage you to apply even if your More ❯

robust, efficient and globally coordinated security operations that protect the organisation's people, systems, and data. This includes direct ownership of security controls, security testing, vendor management, vulnerability and threat management, and incident response. You will work daily with the Group CISO to support consistent, high-assurance security practices across all regions, in-line with regional regulation and to … for the management of any global Cyber Incidents by supporting the CISO team. Additionally, you will be: Working collaboratively with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the ever-changing threat landscape. Defining and monitoring KPIs for detection, response, and containment performance. … vendors responsible for supporting CFC. Ensuring security controls are deployed, tuned, and monitored effectively across cloud and on-premises assets. Leading the organisation's global vulnerability management program, ensuring threat led and risk-based prioritization, along with collaboration with IT for timely remediation. Leading on and refining the incident response playbooks Support the Group CISO to define security maturity More ❯

manage Cyber Incidents supporting the CISO and CISO team in the co-ordination of managing these events globally, collaborate with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the constantly changing threat landscape and define and monitor KPIs regarding detection, response and containment. … a strong technical security operations background with experience of leading SOCs or Security Operations teams within regulated environments You have an indepth knowledge of core security operations practices: SIEM, threat hunting, vulnerability management, incident response You have a good understanding of common threat actor tactics (MITRE ATT&CK), modern malware, and intrusion techniques You have experience of supporting More ❯

ll manage Cyber Incidents supporting the CISO and CISO team in the coordination of managing these events globally, collaborate with the SOC to ensure 24/7 visibility and threat detection across global environments, driving maturity and constant improvements to support the constantly changing threat landscape and define and monitor KPIs regarding detection, response and containment. … strong technical security operations background with experience of leading SOCs or Security Operations teams within regulated environments * You have an in-depth knowledge of core security operations practices: SIEM, threat hunting, vulnerability management, incident response * You have a good understanding of common threat actor tactics (MITRE ATT&CK), modern malware, and intrusion techniques * You have experience of supporting More ❯

projects. Key Responsibilities: Maintain strong security posture across cloud infrastructure Manage vulnerabilities and support regular system maintenance Design, implement, and manage security tooling in cloud environments ( AWS focus ) Support threat detection, incident response, and risk mitigation activities Contribute to compliance initiatives (ISO 27001, CIS benchmarks ) Collaborate with infrastructure and platform teams to embed security controls Apply secure DevOps … practices (code scanning, container security, IaC) Support governance, reporting, and vulnerability management processes Participate in security reviews, threat assessments, and architecture decisions Key Requirements: 3+ years’ hands-on experience with AWS security services (CloudTrail, GuardDuty, WAF, IAM, Security Hub) Strong knowledge of cloud governance and security best practices Familiarity with CI/CD pipelines and DevSecOps approaches Experience with More ❯

networking (SDN), and AI-driven automation. Ensure end-to-end network automation to improve operational efficiency, agility, and reliability. Drive zero-trust network security principles, ensuring compliance and proactive threat mitigation. Establish a global observability and telemetry framework for real-time network insights. Align network strategies with business growth, cloud-first initiatives, and digital transformation. Network Infrastructure & Cloud Networking … Code (IaC) for network automation, ensuring agility and operational efficiency. IT Service Management & Operational Excellence: Establish network reliability objectives, including SLOs, SLIs, and error budgets. Implement real-time incident detection and response using AI-driven network analytics. Ensure high availability, network resilience, and 24x7 operational support. Develop a follow-the-sun support model, ensuring global network performance optimization. Implement … trust security frameworks, ensuring secure and resilient network access. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate with cybersecurity teams to enhance network threat detection and mitigation. Implement automated security policy enforcement, reducing human intervention in risk mitigation. Financial & Vendor Management: Optimize network infrastructure spending, ensuring cost-effective, high-performance connectivity. Lead More ❯

Lead the design and implementation of scalable, automated solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all More ❯

Expertise Deep understanding of enterprise security technologies, including: Firewalls, endpoint protection, SIEM/SOAR, IAM, DLP, SASE, Zero Trust. Public cloud security services (AWS, Azure, GCP). Data protection, threat detection, and compliance tooling. Broad understanding of enterprise IT environments and how security integrates across them. Certifications (Preferred) Security certifications: CISSP, CCSP, or equivalent. Vendor certifications (e.g., Palo More ❯

adoption and effective use. Contribute to internal process documentation and improvement initiatives, ensuring procedures support a consistent and high-quality customer experience. Deliver proactive communications to customers on relevant threat intelligence, product enhancements, best practices, and industry developments. Advocate for customers internally, ensuring their needs and feedback influence product development and service improvements. Support the introduction and adoption of … audiences. Ability to manage multiple customer accounts, prioritising effectively in a fast-paced environment. Experience driving customer satisfaction and retention through proactive engagement. Understanding of key concepts in cybersecurity, threat detection, and managed security services. Familiarity with ITIL service management principles. Experience presenting to senior stakeholders and technical teams. Exposure to security technologies such as EDR, SIEM and More ❯

and domain expert within the organization and be able to communicate security risk and concepts to both technical and non-technical audiences. Lead initiatives with Engineering teams to optimize threat models and mitigate risks. Encourage a positive security culture across the Engineering organization. Relentlessly champion for security outcomes on behalf of our customers. Work with other engineering leaders to … embed security into day-to-day development processes. Help proactively assess security risk through product deep dives, threat modeling, and design, architecture and implementation reviews. Review and improve existing security processes related to product assessments, pen testing, and bug bounty findings. Develop product security controls and supervising strategies to grow our threat detection capabilities. Seek opportunities for … tooling and automation. What You'll Bring 5+ years of proven experience securing enterprise applications and infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth More ❯

and align frameworks to protect business assets. You will join a collaborative environment focused on embedding long-term security resilience across the organisation. With growing regulatory expectations and evolving threat landscapes, this is a fantastic opportunity to lead high-impact initiatives and shape the future of cyber security within a complex enterprise. As part of this role, you will … to NIST CSF, CIS Controls, and defence-in-depth strategies. Strong background in stakeholder engagement, vendor management, and program governance. Experience across key security domains including cloud security, IAM, threat detection, and remediation. Excellent communication skills and the ability to influence at senior levels. This role offers hybrid working closely with the wider team in a central London More ❯

and align frameworks to protect business assets. You will join a collaborative environment focused on embedding long-term security resilience across the organisation. With growing regulatory expectations and evolving threat landscapes, this is a fantastic opportunity to lead high-impact initiatives and shape the future of cyber security within a complex enterprise. As part of this role, you will … to NIST CSF, CIS Controls, and defence-in-depth strategies. Strong background in stakeholder engagement, vendor management, and program governance. Experience across key security domains including cloud security, IAM, threat detection, and remediation. Excellent communication skills and the ability to influence at senior levels. This role offers hybrid working closely with the wider team in a central London More ❯

Security, Compliance & Governance: Ensure compliance with corporate security and privacy policies through proactive monitoring and enforcement. Partner with cyber and ISRM teams to integrate secure access into incident response, threat detection, and policy governance workflows. Support enforcement of access policies for third-party, BYOD, and contractor devices using secure, scalable methods. Collaboration & User Experience: Work closely with cyber More ❯

commercial and technical expertise, supporting solution design, shaping customer proposals, and guiding conversations from scoping through to delivery. Key experience Background in managed security services, including SOC operations and threat detection Strong knowledge of cloud and on-prem security tooling (SIEM, EDR, IAM) Penetration testing Proven ability to translate technical concepts into clear business value Confident in customer More ❯

is fully remote. For location-specific details, please connect with our recruiting team. What You Will Do: Product Strategy : Create roadmaps in tandem with engineers for products like AI threat detection, post-quantum cryptography, managed rulesets etc. Build customer trust in Vercel's comprehensive security capabilities. Pricing : Collaborate with product managers and engineers to price new and existing More ❯

experienced Principal Security Engineer to join the Security team in Australia. You will be on a team responsible for conducting both pre and post launch testing, offensive campaigns, emergent threat testing, creating/maintaining automated threat emulation solutions, and helping security and service teams add offensive insight to their development, deployment, monitoring, and response processes. This team partners … the larger Security organization and Service teams to continuously validate security throughout the service/system lifecycle. You will be an expert across multiple domains such as cyber security; threat, vulnerability and risk assessments (TVRA), security tools (e.g. Splunk, Crowstrike, etc.), application of security frameworks (e.g. ISM, NIST, etc.) and/or implementation and monitoring of cyber security controls … i.e. detection, protection, alerting, etc.) and will be sought out for advice on a range of technical and business related issues. Your role will help ensure that our systems and processes are secured against the latest threats and you will lead security testing of large Amazon projects while setting standards and defining best practices for the Security team. You More ❯

for a builder who thrives on fast-paced, high-impact work-someone who is just as comfortable shaping product strategy as they are digging into the latest LLMs for threat detection. This remote position is open to candidates who are located in the UK or Ireland. AI Innovation at Dataminr Working at Dataminr you'll have the opportunity to … our clients to stay one step ahead in an increasingly complex world where every second counts. Founded in 2009, we have pioneered the world's first real-time event detection platform, long before the recent Gen AI 'boom.' Dataminr operates all around the world united by our passion to use AI for the greater good, be agents of positive More ❯

methods. You'll be building the next generation of security infrastructure from the ground up and expanding platform capabilities - think high-performance C# systems, scalable cloud-native architecture, and detection tools designed for speed, precision and resilience. What You'll Do Design and build distributed systems in C# for cloud-based threat detection. Develop scalable services that handle More ❯