1 to 25 of 37 Threat Detection Jobs in the UK excluding London

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

Cyber Threat Detection Analyst Location: Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC (UK Nationals only) Company Overview An exciting opportunity to join a global technology Powerhouse with a highly regarded cyber security capability supporting … mission-critical environments across multiple industries. Cyber security sits at the heart of the organisation's operations, with sustained investment in people, tooling, threat intelligence, and continuous professional development. The security function operates at a mature level, bringing together blue team, red team, threat hunting, and collaborative purple ...

Title: Lead Threat Detection Analyst Location: Preston Security Clearance: SC or eligibility to obtain (higher clearance advantageous) We are seeking a Lead Threat Detection Analyst to join a high-performing Cyber Operations function responsible for protecting critical national and defence infrastructure from sophisticated cyber threats. This … hands-on leadership role combining technical threat detection expertise with operational oversight. You will lead triage and detection activities, mentor analysts, and continuously improve people, process and technology across the security operations capability. You will play a key role in identifying, analysing and mitigating threats before they ...

SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve the organisation … overall cyber resilience. This is an excellent opportunity for a security professional who enjoys leading teams, improving security operations, and driving proactive threat detection strategies. Key Responsibilities Lead and mentor the internal Security Operations team, overseeing daily operational activities and performance. Define and implement the strategy and operational ...

complex enterprise security environment. The successful consultant will play a key role in strengthening the organisation’s security operations capability, helping to modernise threat detection, automate response workflows, and improve visibility across the security ecosystem. Key Responsibilities Lead the implementation and configuration of Palo Alto XSIAM within … enterprise SOC environment Design and optimise full-spectrum XDR capabilities, improving detection and response across endpoints, networks, and cloud workloads Integrate SIEM and security telemetry sources into XSIAM to create a unified security operations platform Develop and maintain automation workflows and playbooks to streamline incident response and reduce manual ...

logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules and use cases to improve threat visibility. Threat Hunting: Proactively hunt for advanced … platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud) Ability to independently ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes threat ...

Detection & Response Analyst (SOC/Security Engineering Pathway) Portsmouth (Hybrid) Why this role is different Most SOC roles are alert-heavy and repetitive. This isn’t one of them. You’ll be joining a team that’s actively moving beyond traditional SOC work—focusing on threat detection, automation, and security engineering , not just ticket handling. If you’re looking to step up from SOC OR move closer to engineering/threat hunting , this is a genuine pathway role. What you’ll be doing Investigating and responding to security incidents across enterprise environments Building and improving ...

initial We are looking for an experienced Senior Security Engineer to join a growing cyber security team, helping to strengthen security controls, monitoring and threat detection capabilities across the organisation's technology estate. This role will play a key part in the operation and improvement of core security … detect threats, improve visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management ...

clients large-scale Operational Technology (OT) environment. This is a hands-on role focused on implementing and maturing a suite of security tooling, enhancing detection capabilities, and strengthening overall cyber resilience. You will work closely with internal security teams and stakeholders to ensure successful integration and ongoing improvement … Information Security, Cyber Security, or a related field Key Responsibilities include: * To lead the deployment, configuration, and optimisation of OT security tooling, including: Endpoint Detection & Response (EDR) Identity Threat Detection & Response (ITDR) Network Detection & Response (NDR) Industrial Control System (ICS) monitoring solutions * Implement and maintain hardened ...

senior escalation point within a 24/7 SOC, leading complex investigations and driving incident response activities. You’ll work closely with threat intelligence, engineering, and client teams to continuously improve detection and response capabilities. Key Responsibilities Act as the final escalation point for security incidents and alerts … Lead and coordinate incident response for high-severity threats Perform advanced threat hunting and forensic investigations Analyse logs from SIEM, EDR, NDR, and cloud security tools Develop and refine detection rules and use cases Support SOC maturity improvements and playbook development Mentor and support L1/L2 analysts ...

NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams … relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage, containment, eradication ...

Your mandate is to take ownership of the Technical Implementation & Engineering Functions, shifting the SOC from a Reactive State to a Proactive, High-Fidelity Detection Powerhouse. You will have the autonomy to set the direction for the practice, architecting how the team utilises SIEM, EDR & IDS Tools. … SIEM Platforms (specifically Microsoft Sentinel) & EDR solutions. You should be comfortable managing these within Complex, Multi-Tenant Environments. The Engineering Edge: Good Background in Detection Engineering, Custom Rule Creation & Log Orchestration. You should be highly proficient in KQL & have good Scripting Capabilities (Python or PowerShell). Onboarding & Architecture: Proven ...

secure design and operation of critical technology platforms, collaborating closely with platform owners and engineering teams to embed security throughout the lifecycle.Incident Response and Threat ManagementProvide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security incidents.Stakeholder EngagementAct ...

secure design and operation of critical technology platforms, collaborating with platform owners and engineering teams to embed security throughout the lifecycle. Incident Response & Threat Management: Provide technical oversight for incident response, threat detection, and vulnerability management. Lead root cause analysis and remediation of complex security incidents. Stakeholder ...

Manager Hybrid We are partnering with a leading global financial services organisation to appoint a Incident Response Manager to join their high-profile Cyber Threat Centre (CTC). This is a critical leadership role at the forefront of defending against sophisticated cyber adversaries, including nation states and organised criminal … groups. As the central hub for Computer Network Operations, the CTC drives incident response, threat hunting, intelligence, and insider threat detection across the organisation. This role offers the opportunity to shape strategy, lead a globally distributed team, and work with cutting-edge technologies in a fast-paced ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

Assist in reviewing weaknesses across applications and infrastructure and support risk-based prioritisation.* Partner with engineering teams to resolve issues efficiently and pragmatically.* Refine detection tooling by tuning logic and reducing unnecessary or inaccurate alerts.Operational Readiness & Observability* Strengthen visibility across systems through improved log pipelines, alerting pathways, and monitoring … working within assurance-focused frameworks including ISO 27001, SOC 2, or NIST.* Familiarity with automated governance and policy-driven cloud controls.* Exposure to investigative, detection, or security operations workflows.Qualifications That Would Be Beneficial* Industry security certifications such as CISSP, CISM, CCSP, or GSEC.* Cloud-focused qualifications like AWS Security ...

recruiting a Tier 2 SOC Analyst to support advanced cyber threat detection and response within an established Security Operations Centre. The successful candidate will manage escalated security incidents, perform detailed investigations, tune security tooling, and provide direct client support during active cyber events. This role is ideal … analysts Carry out root cause and post-incident analysis Lead incident containment and remediation activities Support firewall alert analysis and network troubleshooting Improve detection accuracy through tuning and optimisation Develop SOC playbooks and automation workflows Maintain high-quality incident documentation Required Experience Previous experience in a SOC or security ...

recruiting a Tier 2 SOC Analyst to support advanced cyber threat detection and response within an established Security Operations Centre. The successful candidate will manage escalated security incidents, perform detailed investigations, tune security tooling, and provide direct client support during active cyber events. This role is ideal … analysts Carry out root cause and post-incident analysis Lead incident containment and remediation activities Support firewall alert analysis and network troubleshooting Improve detection accuracy through tuning and optimisation Develop SOC playbooks and automation workflows Maintain high-quality incident documentation Required Experience Previous experience in a SOC or security ...

Sentinel and Intune Experience remediating Defender for Cloud and Microsoft Defender findings in live environments Strong understanding of cloud security posture management and threat detection Experience securing Azure environments in regulated or multi-tenant settings Ability to communicate security risks to both technical and non-technical stakeholders Desirable ...

negotiation skills for C-level and technical audiences. Technical & Industry Knowledge: Understanding of cybersecurity frameworks and compliance (ISO 27001, NIST, GDPR). Familiarity with threat detection, MDR/EDR/XDR, SIEM, email security, and identity management solutions. Awareness of current threat landscape and MSSP service models ...

Identify control gaps and drive remediation planning. Implement and improve OT security governance aligned to recognised standards. Manage and escalate technical risks and issues. Threat & Vulnerability Management Support SIEM integration, threat detection, and response within OT environments. Contribute to vulnerability management and continuous monitoring. Ensure robust asset … endpoint protection. Proven experience delivering within cybersecurity transformation programmes. Strong understanding of cyber risk management in OT environments. Experience with SIEM, vulnerability management, and threat detection. Knowledge of IoT security and federated network operations. Familiarity with Agile or hybrid delivery environments. Standards & Frameworks Working knowledge of IEC62443, ISA99, NIST ...