1 to 25 of 27 Threat Detection Jobs in the South West

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we’re looking for We are seeking a client-focused SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Perform hands-on configuration and tuning of SIEM components, setting up alerting, custom dashboards, and data ingestion as needed to support client-specific More ❯

insider threats, DDoS attacks, and phishing. Your responsibilities include detecting, responding to, and mitigating security incidents, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and leveraging threat intelligence. Opportunities to engage in Digital Forensics and operational security are also available. The role offers a unique experience due to the specialized nature … in-house, on-the-job, and external training, including industry-recognized certifications from SANS and OFFSEC. You will be paired with a mentor and gain hands-on experience in threat detection, incident response, and operational strategies. Opportunities for travel, conferences, and staying current with cybersecurity innovations are also available. Rewards and Benefits Starting salary of £36,408 plus More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands-on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth. We’ll More ❯

such as malware, insider threats, DDoS attacks, and phishing. Your day will involve reviewing recent events, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and using threat intelligence to enhance security. You may also support digital forensics during security incidents. About You You should have a passion for IT and cybersecurity … Training and Development We offer in-house and external training opportunities, including certifications from SANS and Offensive Security. You will be mentored and gain hands-on experience in cybersecurity, threat detection, and incident response, with opportunities to attend conferences and travel. Rewards and Benefits Starting salary of £36,408 plus benefits such as 25-30 days annual leave More ❯

analysts and leveraging emerging technologies, the R2 Analyst helps maintain a vigilant and proactive defence against evolving cyber threats, enabling the organisation to operate securely and with confidence. Summary Threat Detection and Monitoring: Monitor the SOAR platform for EDR Logs, SIEM Logs, IDS Logs and Managed Intelligence sources. Identify potential threats, vulnerabilities, and indicators of compromise. Initiate escalation … procedures to counteract potential threats and vulnerabilities. Ability to analyze and interpret threat intelligence feeds and implement protective measures accordingly. Incident Remediation and Documentation: Provide incident remediation and prevention recommendations to customers using established procedures and analyst experience. Document and adhere to security monitoring processes. Apply preventative measures by implementing domain blocking, host isolation and file hash blacklisting. Customer … Compile and review service-focused reports for effective communication. Contribute to the creation and maintenance of security documentation, including incident response playbooks, standard operating procedures, and knowledge base articles. Threat Analysis and Collaboration: Contribute practical insights to the analysis of common security incidents. Maintain working relationships with the Analytic Development and Security Engineering teams. Collaborate with shift partners to More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You’ll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models More ❯

access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will stretch your skills, give you … ll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and optimise log telemetry to … ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry More ❯

access to Microsoft’s security product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will stretch your skills, give you … ll own and optimise enterprise-wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise, and optimise log telemetry to … ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed? Experience building and integrating complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry More ❯

strategies. * Train and mentor internal teams on security awareness and best practices. * Engage with stakeholders across the business to communicate risks, strategies, and progress. * Stay current with the evolving threat landscape and emerging technologies. * Support audits and regulatory inspections as required. Essential Skills & Experience: * Proven experience in incident management and cyber security operations. * Strong knowledge of ISO 27001, NIST … and other security frameworks. * Experience with governance, risk, and compliance (GRC) processes. * Familiarity with Security Operations Centres (SOC) and threat detection tools. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams and promote a security-first culture. * Strong stakeholder management and communication skills. * Relevant certifications such as CISSP, CISM, or equivalent. … you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco More ❯

a multi-disciplined organisation. Ability to coordinate and manage multi-disciplined CS&IA resources including technical specialists, while providing coherent reporting to non-technical business stakeholders. Ability to provide threat detection and monitoring technologies and services. Ability to produce CS&IA incident response plans and coordinating desktop incident response exercises. Broad knowledge and application of common CS&IA More ❯

analytical techniques, machine learning, and statistical modelling to solve complex operational challenges. Working within a secure, multidisciplinary environment, you'll help deliver data-driven insights to support decision-making, threat detection, intelligence analysis, and national defence strategies. Key Responsibilities Develop and deploy data models, machine learning algorithms, and statistical analyses to support defence and national security operations. Work … with structured and unstructured data from diverse sources such as sensors, ISR feeds, satellite imagery, communications, cyber threat logs, and intelligence reports. Collaborate with domain experts, analysts, and engineers to understand mission needs and translate them into actionable data science problems. Design and build data pipelines and processes for data collection, cleansing, transformation, and validation. Support real-time analytics … sensitive or classified data in secure environments. Desirable: Experience in applying data science to one or more of the following: cyber defence, ISR (Intelligence, Surveillance & Reconnaissance), geospatial intelligence (GEOINT), threat modelling, logistics optimisation, or predictive maintenance. Knowledge of NLP, computer vision, or reinforcement learning in defence applications. Experience with edge analytics, secure computing environments, or Federated Learning. Relevant certifications More ❯

awareness initiatives, helping users understand threats and best practices. Reviewing and approving security requests related to new software and hardware. Liaising with internal teams and outsourced providersensuring alignment on threat detection and response. Responding to security queries and requests from across the organisation, providing clear, practical guidance. Involvement in security assurance activities and participation in wider cyber projects More ❯

using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for … vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance, requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record More ❯

and experience: - Experience designing a Security Operations Centre (SOC) within a secure environment Experience implementing a target operating model for a Security Operations Centre Expertise in security monitoring design, threat detection, and incident response Experience in selecting tools for Security Information and Event Management (SIEM) Proficiency in IT security documentation, including policies, standards, processes, procedures, and patterns Experience … in risk and threat modelling within a high-threat government environment To apply, please submit your latest CV for review More ❯

and experience: - Experience designing a Security Operations Centre (SOC) within a secure environment Experience implementing a target operating model for a Security Operations Centre Expertise in security monitoring design, threat detection, and incident response Experience in selecting tools for Security Information and Event Management (SIEM) Proficiency in IT security documentation, including policies, standards, processes, procedures, and patterns Experience … in risk and threat modelling within a high-threat government environment To apply, please submit your latest CV for review More ❯

and managing network devices, including routers, switches and firewalls and setting up and maintaining VPNs, LANs and WANs Experience with cloud services Understanding of cybersecurity principles and practices including threat detection and prevention Ability to monitor system performance and ensure system availability/reliability In-depth knowledge of IT related to a particular specialty Project Management skills to More ❯