1 to 25 of 26 Threat Detection Jobs in the South East

SIEM Analyst/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a SIEM Analyst Cyber Threat Detection, you will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using ...

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high … impact detection capabilities , shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop ...

SIEM Detection Engineer | Cyber Security Farnborough (Hybrid – 2 days onsite) Up to £65,000 + Excellent Benefits SC Clearance (or eligibility required) Ready to engineer the frontline of cyber defence? We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer to strengthen and evolve advanced threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing cyber ...

emerging AI technologies. You will play a central role in designing, implementing, and continuously improving security capabilities that are increasingly enhanced by AI-driven detection, automation, and intelligent decision support.The position combines deep technical security engineering with forward-looking exploration of AI-enabled security systems, detection engineering … adaptive security systems that evolve alongside both cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging ...

week) £65,000 + benefits We're supporting a major organisation operating within a Critical National Infrastructure (CNI) environment to hire a Senior Cyber Threat Hunter Specialist. This is a hands-on, high-impact role embedded within a mature Security Operations Centre, focused on protecting essential services. The Opportunity … play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability and response maturity. What You'll Be Doing Monitoring & Triage Analyse ...

seeking an experienced Security Architect - focusing on Advanced Threat Response (ATR) solution to be a part of the Architecture team, you will design and maintain end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work cross-functionally …/CD pipeline design and implementation Proven experience running vendor evaluations and PoCs for enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach ...

responsibilities: Design and develop advanced risk models, including predictive, probabilistic, and scenario-based modelling approaches Apply data science techniques to risk scoring, anomaly detection, and threat assessment across complex datasets Build and deploy machine learning models into production, ensuring scalability and robustness Develop scenario simulations to model potential … predictive, probabilistic, simulation-based) in real environments Deep experience in risk modelling, including risk scoring frameworks, predictive risk analytics, and scenario modelling Experience in threat detection/anomaly detection, such as fraud, compliance, safety, or security use cases Strong grounding in statistics, hypothesis testing, and experimental design ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity, and ensure DXC continues to deliver a world-class security monitoring service. This role operates on a Monday to Friday ...

scaling a Next-Gen AI SOC (Autonomic Security Operations Model) Lead on investigations, and respond to security incidents across multiple client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/… other security tooling Conduct threat hunting and proactive security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures Collaborate with infrastructure and engineering teams to strengthen security posture Produce detailed incident reports and client-facing documentation Assist with vulnerability management and security compliance activities Contribute to mentoring ...

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation's defensive capabilities while … remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment ...

Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat Detection & Prevention Identify emerging threats, vulnerabilities, and attack trends relevant to the organisation. Tune and optimise security tooling to improve detection capability ...

Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention Proactively identify emerging threats, vulnerabilities, and attack patterns affecting the organisation. Tune and optimise security tools to reduce false positives … improve detection accuracy. Implement, manage, and maintain endpoint protection and security policies. Support vulnerability management activities, including remediation planning and risk tracking. Security Operations & Continuous Improvement Maintain and enhance security monitoring rules, alerts, and dashboards. Contribute to the development and maintenance of security runbooks and incident response playbooks. Support ...

focuses on delivering Thames Water’s cyber strategy across IT and OT environments. You will design, implement and maintain security capabilities that enable early threat detection, rapid response and sustained cyber risk reduction. You must obtain Counter Terrorist Check (CTC) clearance. Responsibilities Collaborate with stakeholders to design, implement … maintain security controls that are effective, measurable and sustainable. Implement and maintain detection and response capabilities through SIEM integration, improving time‐to‐detect and time‐to‐remediate. Participate in a 24x7 on‐call support rota, responding to SIEM health alerts and restoring log ingestion. Manage use cases, perform data ...

containment and mitigation activities where authorised, including coordinating response actions with relevant teams and tooling. Continuous Improvement and PIR Learnings Develop and fine-tune detection rules and alerts to identify malicious activity, validating effectiveness and reducing false positives. Identify and implement lessons learned from incidents and post-incident reviews … PIRs) to improve processes, runbooks, and detection logic. Contribute to a culture of quality and standardisation by improving documentation and operational practices. Skills and Experience Required Strong technical communication skills in time-pressured environments, with excellent written communication (clear, structured incident notes and stakeholder updates). Strong foundational knowledge ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

governance, compliance and risk activity aligned to ISO 27001 and NIST. Requirements: Experience in Security Operations, Cyber Security Engineering or SecOps. Strong knowledge of threat detection, incident response, endpoint security and vulnerability management. Exposure to Microsoft Azure. Experience with tools such as CrowdStrike, Absolute, Sumo Logic, Rapid7 ...

initiatives and secure industrial communications Collaborate with MSPs and external cyber security partners to ensure effective service delivery Contribute to ongoing monitoring and incident detection capabilities within OT environments Ensure alignment with recognised cyber security standards and regulatory expectations Essential Experience Background working within industrial sectors such … technical documentation and policy creation Ability to start within a short notice period (maximum 2 weeks) Desirable Experience deploying OT monitoring, asset discovery, or threat detection tools Understanding of regulatory and compliance requirements within critical infrastructure environments Familiarity with IT service management practices and project delivery methodologies ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...

Network+ Exposure to SOC environments, security monitoring, or penetration testing Experience in a client-facing technical role Understanding of endpoint security, vulnerability management, or threat detection tools Why Join Career Development – Opportunity to grow within cybersecurity and operations Hands-On Experience – Exposure to real-world enterprise security environments ...

application hardening standards, ensuring strong, consistent security configurations across environments Act as an on-call responder for security incidents, taking full ownership from detection through to resolution and post-incident improvement Collaborate with Information Security and leadership teams to ensure compliance with relevant standards and frameworks (e.g. Cyber Essentials … parsing, and alerting rule development Experience working within compliance-driven or regulated environments A strong security mindset, with a focus on access control, threat detection, and auditability The ability to balance robust security controls with operational efficiency High levels of autonomy and sound judgement, with the ability ...

Sophos firewalls, including SD-WAN, intrusion prevention, and web filtering policies Familiarity with Microsoft Sentinel (SIEM) and Microsoft Defender for Endpoint for security monitoring, threat detection, and incident response Familiarity with infrastructure and application monitoring tools, such as Auvik or WhatsUp Gold for network monitoring and Datadog ...

Microsoft 365 estate within a high value research environment. Acting as the organisation's trusted specialist, you will oversee identity protection, access governance, cloud threat defence and compliance across Entra ID, Conditional Access, MFA, PIM, Microsoft Defender, Purview and related services. You will be responsible for diagnosing complex issues … need to succeed You will bring substantial hands on experience in Microsoft 365 security, with a deep understanding of identity protection, access control, threat detection and compliance You'll have operated in complex or hybrid environments and will be fully confident configuring, troubleshooting and enhancing services such ...

data centre cross-connects, Smart Wires (EoF/EoC), resiliency (dual/single path), national and international reach. Next Generation Firewall:HA pair deployment, threat detection, policy enforcement, and continuous monitoring. LAN & Wi-Fi:Wired and wireless infrastructure across all sites, incident classification and rapid resolution, monthly site ...