1 to 25 of 28 Threat Detection Jobs in the North West

deeply within our organisational culture and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and enforce robust IAM policies … Best Practices : Provide technical guidance and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we're looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and EUC security. Security Best Practices … such as Powershell & Python. Security Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical solutions. Collaboration and Influence: Effective communicator More ❯

/a Oodle Car Finance). This role will be responsible for managing day-to-day 1st line cyber security operations, working closely with third parties to support cyber threat detection and response. You will also lead the execution of remediation activities following the identification of vulnerabilities and security incidents, ensuring Oodle remains protected against evolving threats. What … data and insights to inform executive briefings and assurance reports. Risk Management, Incident Management, and Regulatory Engagement Support the development and implementation of a robust risk management framework, including threat modelling, vulnerability assessments, and risk assessments aligned with FCA expectations. Lead and coordinate responses to security incidents, such as phishing attacks, malware infections, and data breaches, in compliance with … operations of the 1st line cyber security function, including security operations, security engineering, and security technology deployments. Ensure the implementation and maintenance of security controls, such as firewalls, intrusion detection/prevention systems, endpoint security solutions, and data loss prevention systems. Collaborate with third-party service providers, such as managed security service providers (MSSPs), to manage policies, processes, and More ❯

SharePoint, Teams, and OneDrive, ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. … Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. More ❯

Join to apply for the Threat Hunter role at NCC Group 1 day ago Be among the first 25 applicants Join to apply for the Threat Hunter role at NCC Group Direct message the job poster from NCC Group Threat Hunter We are seeking a highly capable and hands-on Threat Hunter to design and lead … a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You … ll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary More ❯

experienced SOC L3 Analyst with strong engineering knowledge and deep expertise in Microsoft Sentinel and the Microsoft Defender suite. The ideal candidate will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimizing license consumption and SIEM integration efforts. 5+ years in cybersecurity with 2+ years in a Level … SOC role Key Responsibilities: Advanced Threat Detection & Incident Response - Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts. - Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Security Engineering & Platform Management - Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. - Build and manage data connectors, custom log parsers, and More ❯

our organisational culture and technical operations, ensuring resilient and secure environments. ? Key Responsibilities: Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and enforce robust IAM policies … Best Practices : Provide technical guidance and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. ? What we’re looking for Solid background in information security with a focus on cloud security, security architecture, and EUC security. Strong technical foundation in … automation/orchestration, with experience in languages such as Powershell & Python. Proven track record in designing and implementing security architectures in complex environments. Experience with security engineering, incident response, threat hunting, or digital forensics. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, Microsoft Security Certifications, AWS Security Specialty. Knowledge of ITIL. ? What will we offer you? At More ❯

and potential threats. Investigate security incidents, conduct forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing systems to ensure configuration conforms … to security best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM/SOAR platforms, endpoint detection and response … EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g., Python, PowerShell) for security operations and incident response. What's Next? Click apply below and we will ensure More ❯

the organisation's cyber resilience. As a Senior Cyber Security Analyst, you will play a key role in protecting systems, networks, and data against cyber threats. You will lead threat detection and incident response efforts, support the development of security policies and controls, and work closely with stakeholders to ensure compliance and security best practice across the business. … teams to ensure cyber security best practice is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat … technical background. Detailed understanding of application security along with experience of working alongside software development teams, supporting and advising on best practice to maintain security. Significant experience of endpoint detection and response (EDR) technologies and network detection and response (NDR) technologies. Detailed knowledge of Information Security standards including Cyber Essentials, Cyber Essentials Plus and ISO27001. Good understanding of More ❯

hackajob Preston, England, United Kingdom Join or sign in to find your next job Join to apply for the Lead Threat Detection Analyst role at hackajob hackajob Preston, England, United Kingdom 21 hours ago Be among the first 25 applicants Join to apply for the Lead Threat Detection Analyst role at hackajob Get AI-powered advice … on this job and more exclusive features. hackajob is collaborating with BAE Critical Skills Subsid to connect them with exceptional tech professionals for this role. Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. … threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Essential Your skills and experiences: Experience More ❯

threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis and development of detection content Deputise for the Threat Detection Manager when required Analyses requirements and advises on scope and options for continual operational improvement Your skills and experiences: Experience of … and shopping discounts - you may also be eligible for an annual incentive. The Cyber Operations team: Cyber Operations is responsible for protecting BAE Systems from Cyber Attack by various threat actors. Not only do we protect BAE Systems and its employees, indirectly we protect those who protect us - who serve in our military and rely on the products and … services we create.Across Threat Intelligence, Detection, Incident Response and now Active Defence we work to evolve cyber operations as a world class capability. All roles in Cyber Operations are supported by Immersive Labs and other training as part of our Cyber Academy. Why BAE Systems? This is a place where you'll be able to make a real More ❯

I am looking for a highly skilled Security Operations & Threat Intelligence Analyst to join a cybersecurity provider dedicated to protecting organizations from cyber threats. With global reach and deep technical expertise, the company delivers advanced threat detection, response, and intelligence services. Its mission is to build a safer digital society by helping businesses stay resilient through proactive … security solutions and trusted partnerships. Responsibilities: As a Security Operations & Threat Intelligence Analyst, you will monitor and investigate security alerts using SIEM tools, conduct threat hunting, and analyze suspicious activity. You ll gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You ll also track threat actor tactics using MITRE ATT&CK and assist with incident response and reviews. Key skills required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing logs, network traffic, malware behavior, and attack vectors • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions • Familiar with threat intelligence More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE More ❯

assets against cyber threats. Conduct regular risk assessments and vulnerability scans to identify potential security gaps and mitigate risks effectively. Contribute to a robust security architecture, including firewalls, intrusion detection systems, and encryption mechanisms, to safeguard network infrastructure and data. Monitor security infrastructure for suspicious activities, investigate incidents, and implement incident response procedures to minimize impact and ensure timely … hours ago Manchester Area, United Kingdom 15 hours ago Huddersfield, England, United Kingdom 4 months ago Information Security Analyst - Vulnerability Management Manchester, England, United Kingdom 4 days ago Senior Threat Detection Engineer (Cyber Security) Stockport, England, United Kingdom 1 week ago Manchester, England, United Kingdom 1 week ago We’re unlocking community knowledge in a new way. Experts More ❯

experience to provide technical guidance and mentorship to the existing team members. What You’ll Do: You'll help keep our systems safe by setting up security alerts, improving threat detection, and automating incident response. Managing logs and ensuring our most important assets are protected will be part of your daily tasks. You'll monitor security threats, analyze More ❯

Level 1 (BLT1) or SC-200. This could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands-on experience: Threat Detection & Response: Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar, etc.) and act quickly to counter potential threats. Incident Investigation: Analyse security incidents, conduct forensic investigations, and … support remediation efforts. Vulnerability Management: Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence: Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication: Work closely with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: Experience in an IT-focused role with … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate More ❯

Level 1 (BLT1) or SC-200, this could be the perfect opportunity to transition into security and gain hands-on experience with cutting-edge technology. Gain hands on experience: - Threat Detection & Response – Monitor security alerts using SIEM platforms (Splunk, Sentinel, QRadar etc.) and act fast to counter potential threats. Incident Investigation – Analyse security incidents, conduct forensic investigations, and … support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep security operations running smoothly. The Ideal Profile: - Experience in an IT-focused … cybersecurity and SOC operations. Proactive and analytical thinker with a strong problem-solving mindset. Passionate about emerging security technologies and best practices. Knowledge of core security concepts such as threat intelligence, phishing analysis, malware detection, and attack mitigation strategies. Eager to learn and contribute to a dynamic SOC environment where innovation and collaboration drive success. Ready to elevate More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, , and Office 365 Proficient in handling incidents aligned with MITRE ATT More ❯

Position: Cyber Security Lead Location: Liverpool (90% remote) Salary: Up to £75,000 + Bonus Key Skills: Penetration testing Vulnerability management Threat detection Cyber defence Security best practices CISSP, CISM or similar certification About the Role Are you a cybersecurity professional looking to lead the charge against evolving digital threats? We are seeking an experienced Cyber Security Lead … network infrastructure. Key Responsibilities: Develop and implement a comprehensive cybersecurity strategy to protect our IT environment. Establish, enforce, and regularly update security policies, protocols, and standards. Manage real-time threat detection, incident response, and conduct vulnerability assessments to safeguard our infrastructure. Oversee the deployment of security solutions, working closely with internal teams to strengthen our defences. Collaborate with More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE More ❯

Position: Cyber Security Lead Location: Manchester (90% remote) Salary: Up to £75,000 + Bonus Key Skills: Penetration testing Vulnerability management Threat detection Cyber defence Security best practices CISSP, CISM or similar certification About the Role Are you a cybersecurity professional looking to lead the charge against evolving digital threats? We are seeking an experienced Cyber Security Lead … network infrastructure. Key Responsibilities: Develop and implement a comprehensive cybersecurity strategy to protect our IT environment. Establish, enforce, and regularly update security policies, protocols, and standards. Manage real-time threat detection, incident response, and conduct vulnerability assessments to safeguard our infrastructure. Oversee the deployment of security solutions, working closely with internal teams to strengthen our defences. Collaborate with More ❯

experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may include: Scripting - Python, Shell. Compliance More ❯

to define security controls. Identify critical components and data flows that require enhanced monitoring. Integrate logs into the SIEM system. Set up alerts and dashboards for monitoring suspicious activity.Threat Detection & Incident Response Coordinate incident triage, investigation, and response specific to CSM solution related security events. Ensure security monitoring aligns with audit and compliance requirements and providing logs, evidence, and More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at www.sophos.com. Role Summary The More ❯

proud and passionate The National Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the … level of cyber adversaries, methodologies under exploitation, and industry trends. • Identify, develop, and train other analysts using appropriate analytical tools and techniques to interpret gaps, patterns and trends, assess threat, risk and harm and make recommendations in support of decision making, prioritsation and resource allocation. • Ability to correlate intelligence from a variety of sources, to develop and lead understanding … use of analytical products to assist mitigation practices at a tactical and operational level. • Perform a broad range of tasks, bringing together output from stakeholders within Cyber SOC, Malware, Threat Hunting and Vulnerability teams. • Establishing and interpreting requirements to ensure the needs of key stakeholders are met. • Preparing and delivering analytical summaries and briefings to stakeholders to provide a More ❯