1 to 25 of 209 Threat Detection Jobs in the UK excluding London

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we’re looking for We are seeking a client-focused SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Perform hands-on configuration and tuning of SIEM components, setting up alerting, custom dashboards, and data ingestion as needed to support client-specific More ❯

Cloud Security Architecture & Implementation Design and implement cloud security architectures across AWS, Azure, or Google Cloud. Develop and enforce cloud security controls , including IAM policies, encryption, and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring … tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar. Familiarity with compliance More ❯

manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) Lead technical workshops & architecture design sessions Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) Perform threat detection, incident response & forensic analysis What We’re Looking For: 4+ years in Cyber Security within an MSP or similar environment Hands-on expertise in SIEM, EDR, firewalls More ❯

manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) 🔹 Lead technical workshops & architecture design sessions 🔹 Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) 🔹 Perform threat detection, incident response & forensic analysis 🔹 Utilize Microsoft Sentinel, Cisco Splunk, Palo Alto QRadar, KQL & more What We’re Looking For: 🔸 4+ years in Cyber Security within an MSP More ❯

ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. Please note that in this role, you will have an 8x5 Monday-Friday schedule, with flexibility to respond to after-hours pages for potentially major security incidents to More ❯

by delivering tailored security solutions that keep them resilient and secure. The Role We are seeking a Security Analyst to join our team and play a key role in threat detection, incident response, and security monitoring. The ideal candidate will have a strong analytical mindset, an understanding of cyber threats and attack techniques, and the ability to implement … learning, staying up to date with emerging threats, attack techniques, and security technologies . You are proactive, adaptable, and always looking for ways to improve security operations. Key Responsibilities Threat Detection & Security Monitoring Continuously monitor SIEM, IDS/IPS, firewalls, and endpoint security tools to identify suspicious activity. Analyze and correlate security alerts to detect potential cyber threats … and data breaches. Perform log analysis and anomaly detection to identify patterns indicative of compromise. Incident Response & Threat Investigation Investigate security incidents, phishing attempts, malware infections, and unauthorized access events. Develop and implement remediation strategies to mitigate security risks. Conduct digital forensics and root cause analysis on security breaches. Work closely with internal teams and clients to ensure More ❯

Partner @ Cooper Parry | Recruiting for Central Functions | #1 Accountancy firm to work for in the UK About The Role... Are you a cybersecurity professional with a solid foundation in threat detection and response, looking to deepen your impact in a dynamic IT environment? Do you have hands-on experience with Microsoft Sentinel and Microsoft Defender, and a passion … join our innovative and fast-growing team at the trailblazing Rebels of Accountancy. In this role, you’ll take ownership of monitoring and responding to security incidents, fine-tuning detection rules, and enhancing our security operations using cutting-edge tools. You’ll collaborate closely with the wider tech team to ensure our digital environment remains secure, resilient, and compliant. … Work closely with our Security Operations Centre to monitor and investigate security alerts generated by Microsoft Sentinel and Microsoft Defender Collaborate with our SoC to develop, refine, and optimize detection rules and custom alerts, ensuring alerting mechanisms are aligned with evolving threat landscapes while reducing false positives and enhancing actionable insights Conduct regular vulnerability assessments, interpret scan results More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

deeply within our organisational culture and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and enforce robust IAM policies … Best Practices : Provide technical guidance and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we’re looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and EUC security. Security Best Practices … such as Powershell & Python. Security Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical solutions. Collaboration and Influence: Effective communicator More ❯

and incident response. Key Responsibilities: Lead security assessments and provide expert guidance on risk mitigation Design and implement robust security controls across systems and networks Support incident response and threat detection activities Collaborate with DevOps and infrastructure teams on secure design and delivery Advise clients on best practices aligned with industry standards and frameworks Requirements: Proven experience in More ❯

coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to … be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands-on experience in cyber security, threat detection, incident response, and operational and defensive strategies. This will support your professional development and growth. Opportunities to travel, attend conferences, and stay updated with cyber security innovations More ❯

SharePoint, Teams, and OneDrive, ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. … Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. More ❯

of cloud adoption. Technical Leadership & Delivery Support Act as a technical mentor for development teams, ensuring best practices in cloud solution implementation. Oversee cloud security controls, including access management, threat detection, and incident response strategies. Troubleshoot and resolve complex cloud infrastructure and application architecture challenges. Your Profile Essential skills/knowledge/experience: Cloud Expertise: Extensive hands-on …/CD automation. Deep understanding of transitioning strategies from legacy to cloud-native applications. Security & Compliance - Strong understanding of cloud security controls, IAM, compliance frameworks (GDPR, SOC2, NIST), and threat mitigation strategies. Strategic Collaboration - Experience working with CIOs and IT leaders to define digital transformation roadmaps. TOGAF Certification Microsoft Azure Solutions Architect SABSA (Security Architecture) AWS Certified Solutions Architect More ❯

Cyber Threat Hunter/Threat Intelligence Analyst/Cyber Threat Analyst/Threat Detection Analyst/Security Operations Center (SOC) Analyst/SOC Analyst/Cybersecurity Analyst/Threat Hunting/AWS/Azure/Microsoft 365 Warwickshire Permanent role - £40,000 60,000. One of our leading clients is looking to recruit a … Cyber Threat Hunter/Analyst. Location Warwickshire/Remote (2 days per month in office) Salary £40,000 60,000 Experience: Working in Security Operation Centres, incident response or threat hunting and associated technologies used by these roles and functions. Experience with cloud security tools and platforms (e.g., AWS, Azure, Microsoft 365) Strong documentation skills in order to … provide high quality documentation for internal customers and technical teams. A good knowledge of Active Directory and Entra, knowledge of Endpoint Operating System fundamentals. Demonstrable expertise in threat hunting practices and methodologies with experience in Threat Intelligence platforms and sources. Strong understanding and experience with Windows and its related logging/telemetry. Strong and demonstrable practical experience responding More ❯

Join to apply for the Threat Hunter role at NCC Group 1 day ago Be among the first 25 applicants Join to apply for the Threat Hunter role at NCC Group Direct message the job poster from NCC Group Threat Hunter We are seeking a highly capable and hands-on Threat Hunter to design and lead … a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You … ll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary More ❯

in cybersecurity operations and artificial intelligence technologies. The ideal candidate will have deep technical expertise in AI/ML, data science, and programming, alongside a solid understanding of cyber threat detection and defensive operations frameworks. You will be instrumental in designing and implementing full-stack AI-driven solutions to enhance our cybersecurity capabilities. Key Responsibilities: · Design, develop, and … deploy full-stack AI solutions with a focus on cybersecurity threat detection and response. · Apply AI/ML techniques such as NLP, supervised/unsupervised learning, and generative AI to real-world security data. · Integrate AI models into scalable applications using modern full-stack development tools and frameworks. · Collaborate with cybersecurity teams to build and enhance detection … and Scikit-learn to prototype and optimize AI models. · Communicate complex technical concepts clearly to both technical and non-technical stakeholders. · Stay up-to-date with emerging AI trends, threat intelligence, and evolving attack techniques. · Participate in code reviews, threat modeling, and architectural design discussions. Qualifications & Skills: · Bachelor’s or Master’s degree in Computer Science, Information Technology More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … SOC team Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of digital defence—leading incident More ❯

experienced SOC L3 Analyst with strong engineering knowledge and deep expertise in Microsoft Sentinel and the Microsoft Defender suite. The ideal candidate will take a lead role in advanced threat detection, incident response, detection engineering, and security monitoring, while also optimizing license consumption and SIEM integration efforts. 5+ years in cybersecurity with 2+ years in a Level … SOC role Key Responsibilities: Advanced Threat Detection & Incident Response - Investigate and analyze complex security incidents escalated from L1/L2 SOC analysts. - Leverage Microsoft Sentinel (SIEM) and Microsoft Defender XDR to conduct in-depth incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Security Engineering & Platform Management - Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. - Build and manage data connectors, custom log parsers, and More ❯

Onsite 2-3 days a week) Ideal candidates will have the following: 3-4 years of experience in SIEM consulting, SOC, or security operations roles with a focus on threat detection and response. Hands-on experience with at least one major SIEM platform (e.g. Splunk, Elastic SIEM, IBM QRadar). Familiarity with cloud security tools such as AWS … Security Center, or Google Cloud Security. Background in client-facing roles or consulting, with the ability to communicate complex technical concepts clearly and effectively to clients. Strong understanding of threat detection methodologies, security frameworks (e.g., NIST, ISO 27001), and compliance requirements. Relevant cybersecurity certifications, such as CISSP, GIAC (e.g., GCIA, GCIH), or Splunk certification (e.g., Splunk Core Certified More ❯

the Cadworks Building, Glasgow. The Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening, automation, and threat mitigation. The role is not managerial in the traditional sense it exists to drive technical capability, mentor through engineering leadership, and deliver resilient, scalable defences. This role is hands … of conditional access, Defender for Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container work flows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with … SWG services. Enforce network segmentation, micro-perimeter security, and policy-based routing for hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge. Security Operations & Threat Defence Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat hunting activities. Support proactive telemetry More ❯

insider threats, DDoS attacks, and phishing. Your responsibilities include detecting, responding to, and mitigating security incidents, analyzing alerts, logs, network traffic, and endpoint data using tools like Splunk, developing detection content, and leveraging threat intelligence. Opportunities to engage in Digital Forensics and operational security are also available. The role offers a unique experience due to the specialized nature … in-house, on-the-job, and external training, including industry-recognized certifications from SANS and OFFSEC. You will be paired with a mentor and gain hands-on experience in threat detection, incident response, and operational strategies. Opportunities for travel, conferences, and staying current with cybersecurity innovations are also available. Rewards and Benefits Starting salary of £36,408 plus More ❯

You’ll collaborate with technical teams to deepen understanding of operational activities, develop defensive strategies, analyze alerts, logs, network traffic, and endpoint data using tools like Splunk, and develop detection content. You will also utilize threat intelligence to proactively enhance security measures and respond swiftly to incidents, including digital forensics support. The role offers unique challenges due to … house, on-the-job, and external training, including industry-recognized certifications with SANS Institute and OFFSEC. You will be paired with a mentor and gain hands-on experience in threat detection, incident response, and operational strategies. Opportunities for travel, conferences, and staying abreast of cyber security innovations are available but not mandatory. Rewards and Benefits Starting salary of More ❯