1 to 25 of 40 Threat Detection Jobs in the UK excluding London

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit … someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: £45ph - £85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London or Remote Type: Permanent, full time Hybrid role, happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities … keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager ...

protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month … exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain ...

security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners … develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage ...

join their team in Stevenage. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: This role will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety … security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. Effective Tier 1 to 2 alert triage of security events Monitoring ...

pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more REQ5277 We’re seeking a technical Senior Security Analyst to lead threat detection, incident response, and control validation across various cloud security platforms such as, but not exclusive to, Microsoft security suite, AWS workloads, CNAPP … Handle complex threats, lead incident response, and shape security policy Oversee and lead investigations across various cloud security suites Develop and maintain KQL-based detection rules, hunting queries, and alert tuning strategies. Coordinate incident response playbooks across hybrid environments, including AWS EC2, Lambda, and containerized workloads. Contribute ...

management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms … . Build and optimise log ingestion pipelines. EDR Deployment & Management Manage and maintain tools including Tanium , Trellix , FireEye , Microsoft Defender , or Elastic EDR . Threat Detection & Analysis Monitor security logs and alerts. Investigate anomalies, understand attack patterns, and provide actionable recommendations. Syslog Management Configure and maintain Syslog servers ...

Tier 2 analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role … company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. ...

track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial … optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach ...

security transformation. As Security Engineer, you'll lead the deployment and optimisation of CrowdStrike Falcon across the organisation, ensuring endpoints are protected, and threat detection is fully operational. You'll collaborate with internal teams and external partners to integrate CrowdStrike into our environment, fine-tune configurations and provide … engineer with proven experience deploying CrowdStrike at least 3 times in enterprise environments. You have deep technical knowledge of endpoint security, EDR tools and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently and communicate effectively with stakeholders. Familiarity with ...

Analyst . This is a great opportunity to join a forward-thinking security operations team , where you’ll have hands-on ownership across threat detection, incident response, and overall security posture , alongside a competitive salary, strong benefits, and clear long-term development opportunities . The role offers flexible … detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). ...

detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). … Perform threat-hunting, log-analysis (including firewall, web/email filters), implement or review DLP controls, and collaborate with infrastructure/cloud/application teams on remediation and security posture improvements. Contribute to continuous improvement of SOC processes (alert tuning, log-source enrichment, documentation), and take part ...

resilience. You’ll have the freedom to make a real impact—defining strategy, driving continual improvement, and mentoring talented analysts to deliver world-class detection and response capabilities. As the SOC Operations Manager, you will: Lead and develop a skilled SOC team, inspiring a culture of continuous learning … technical excellence. Oversee the full lifecycle of security incidents — from detection through to resolution and review. Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities. Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards. Oversee vulnerability management, threat ...

detect, defend, and deliver across multiple secure projects.If you love taking ownership, working with cutting-edge tools, and leading the way in proactive threat detection, this is the role for you.As the Lead SIEM Engineer, you will: Leading the design, development and tuning of SIEM content – rules, dashboards … spot threats fast. Acting as the technical authority on SIEM engineering, ensuring the platform runs efficiently and delivers real value. Working with SOC Analysts, Threat Hunters and Architects to enhance SIEM use cases and boost detection accuracy. Bringing new ideas and threat intelligence to evolve the SIEM ...

Monitoring Lead day to day security operations and act as the primary contact for the third party SOC. Analyse and interpret logs, alerts, and threat data to identify potential security incidents. Ensure security tooling is correctly configured, operational, and fully utilised. Threat Detection, Incident Response & Vulnerability Management ...

throughout the delivery lifecycle, working closely with infrastructure engineers, architects, and project/programme managers. You’ll define and enforce secure configuration baselines, conduct threat modelling and risk assessments, integrate monitoring and alerting, and produce clear security artefacts that guide operational teams. Candidates must be eligible to obtain … controls across hybrid/on-prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate and enhance ...

triaging alerts across secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat … experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness ...

Microsoft Teams Calling. Now, we're growing our Managed Security Services team and looking for a Senior Security Engineer with a passion for proactive threat detection, automation, and innovation. Why Join Quorum? Highly competitive salary + Bonus scheme linked to Microsoft accreditations Flexible holiday buying/selling Home … detect, and respond to evolving cyber threats. Your day-to-day will include: Leading as an escalation point for cyber incidents and alerts Integrating threat intelligence into Microsoft Defender and Sentinel Developing, tuning, and managing detection rules and response policies Performing threat hunting across client environments Maintaining ...

Proficient with Veeam for backup/replication. Experience in DR planning, failover, and resilience testing. Security & Compliance Strong grasp of cybersecurity (firewalls, EPP, vulnerabilities, threat detection). Understanding of ISO 27001 and GDPR; audit support experience. Familiar with SIEM tools (Splunk, Sentinel). Operating Systems & Automation Working knowledge ...

design, deployment, and optimisation of advanced security capabilities across a complex virtualised environment. You will work closely with technical leads to enhance firewall, threat protection, monitoring, and investigative capabilities within VMware security platforms. What You'll Be Doing Firewall & Platform Enablement (vDefend DFW) Supporting deployment of the platform … macro, meso, and micro-segmentation policies Assisting with Identity Firewall configuration Enhancing logging, monitoring, visibility, and operational metrics Supporting capacity management activities Advanced Threat Protection (ATP) Assisting with ATP enablement and configuration Supporting policy activation for IPS/IDS Participating in testing, validation, and malware prevention tuning Helping with ...

implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause … Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks ...

testing and risk analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience ...

mission-critical role at the heart of our cybersecurity strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed … hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH, CREST or GIAC CIH are part of your toolkit, and your technical depth ...

Azure, corporate servers, and workstations. Carrying out security monitoring and improving the configuration of the security monitoring tools used by Smart Communications. Enhancing security detection and incident response processes ranging from individual playbooks to security incident response and remediation plans. Managing vulnerability detection and remediation by working with … looking for: 5 years of hands-on experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments including proactive configuration of AWS accounts and assets to meet good security practices ...

securing enterprise applications within Entra. Hands-on with Defender XDR/EDR across endpoints, O365, and Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident ...