1 to 25 of 82 Threat Detection Jobs in the UK

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit … someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team , you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

Contract Threat Detection Engineer (Delivery Focused) Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations … integrations are delivered effectively and aligned to operational priorities. Working closely with threat hunting and SOC teams, you will translate detection requirements into practical outcomes, contributing directly to sprint-based delivery and continuous service improvement. This is a highly technical role suited to someone who enjoys building, tuning ...

Cyber Threat Intelligence Analyst Salary £50,000 - £60,000 - Hybrid - WFH Euro Projects Recruitment is working with a leading Microsoft Partner in Scotland to recruit a permanent Cyber Threat Intelligence Analyst . This is a genuine Cyber Threat Intelligence Analyst role with a strong focus on proactive … threat hunting, intelligence-led investigations and client engagement. The successful Cyber Threat Intelligence Analyst will work closely with SOC analysts, incident responders and engineering teams, using the Microsoft security stack to identify, analyse and mitigate cyber threats. The Role Cyber Threat Intelligence Analyst As a Cyber Threat ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team , you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategie click apply for full job details ...

Contract Threat Detection Engineer (Delivery Focused) Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations ...

seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security … incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection ...

defensive activities, monitor and analyse alerts, respond to incidents and ensure the organisation's security posture remains robust, proactive and threat-ready. You'll work closely with an outsourced 24/7 SOC, validating the quality of their service and acting swiftly on escalations. You'll maintain, optimise … enhance a broad suite of security tools, including EDR, SIEM, email security, cloud security platforms, vulnerability management tooling and threat-detection technologies, ensuring they are configured to best practice and delivering maximum protection. You'll conduct vulnerability scanning, oversee patching cycles, perform cloud security assessments, refine playbooks, support ...

GDPRcompliance Implement and manage security controls across Microsoft 365 and cloud environments Deploy and operate managed security tools (EDR, AV, email security, threat detection) Monitor vulnerabilities and investigate security incidents Produce clear security reports and client recommendations Deliver security awareness training and phishing simulations Work closely with internal … technical teams to improve overall security posture Essential Experience Background in cyber security within an MSP or multi-client environment Strong understanding of threat detection, incident response, and vulnerability management Hands-on experience securing Microsoft 365/Azure AD Knowledge of EDR, AV, email security, and network security ...

role, and you’re ready to make it your core focus. This role suits someone who has been actively involved in security monitoring , threat detection , vulnerability management , or incident response, and now wants to deepen their expertise in a dedicated cyber security position. The role: You’ll play … alongside relevant commercial experience. What matters most is that you can demonstrate real, practical exposure to cyber security, including: Security monitoring and alert investigation Threat detection and vulnerability assessment Experience with tools such as SIEM, IDS/IPS, firewalls, and endpoint protection A good understanding of common attack ...

Tier 2 analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role … company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid/Wigan - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local ...

site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical … sources (AD, firewalls, servers, cloud infrastructure) Manage event collection and forwarding infrastructure Implement data filtering and custom log parsing Threat Detection & Use Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

incident response activities, while also advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR … endpoint security events, including AV scans and incident remediation, validating security alerts. Collaborate with security teams and external authorities to improve incident reporting, detection, and response capabilities. Support the development and maintenance of security policies, standards, and incident response playbooks. Job Requirements: Significant experience in digital forensics, incident response ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

offshore operations , ensuring seamless communication, transparency, and alignment of SOC deliverables. The SOC Lead/Manager will oversee daily BAU SOC functions, drive threat detection and response improvements, provide governance, and ensure the timely delivery of all operational and strategic security services. This position requires strong technical expertise … customer on incident status, ongoing investigations, and risk posture. SOC Leadership & Operations Management Oversee and guide the offshore SOC analysts (L1, L2, L3, Threat Hunters) to ensure efficient 24×7 operations. Define, maintain, and enforce SOC operational procedures, response processes, and escalation workflows. Monitor SOC performance, quality of investigations ...

Proficient with Veeam for backup/replication. Experience in DR planning, failover, and resilience testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge ...

understand security threats and best practice around emerging AI technologies. Educate the wider security team on AI-related risks, vulnerabilities, and use cases. Threat Detection & Response Support monitoring, detection, and incident response within cloud environments. Help mature vulnerability management processes and security playbooks. Compliance & Risk Ensure cloud ...

Essential Experience of designing and implementing cyber security platform solutions Experience with delivery of significant Cyber Security projects in domains, e.g. Attack Surface Management, Threat Detection and Response, Identity Access Management, Information Integrity and Protection and/or Infrastructure Security. Experience working with AWS technologies. Experience of best … Standards: Mastery of NIST CSF, ISO 27001, CISM and Cyber Essentials Plus, with the ability to apply them practically in a cloud -native environment. Threat Modelling: Proficiency in applied threat modelling techniques (e.g., STRIDE, PASTA) at the design stage of the lifecycle. Security -as -Code: Familiarity with automated ...