51 to 75 of 112 Threat Detection Jobs in the UK excluding London

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...

their security operations and help shape their cyber maturity. This is a genuinely impactful role - you'll be the go-to for incident response, threat detection, and vulnerability management, while working closely with IT, risk, and external partners. What you'll be doing: Leading cyber incident response … Monitoring and tuning SIEM/detection capabilities Driving vulnerability management and remediation Improving security tooling across endpoints, identity, and infrastructure Supporting compliance (Cyber Essentials, ISO 27001) Acting as a key voice in strengthening overall security posture What they're looking for: Strong background in cyber security operations Hands ...

security event identification via the third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support the triage and processing of data subject rights (DSR) requests, including subject access requests … Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure management, Data privacy principles and data subject rights. PLEASE NOTE: This role will fall ...

Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology … ensure security issues are addressed quickly upon discovery. NMC Cyber Detect Analyst duties involve but are not limited to: Initial Triage of alerts - evaluation & detection Confirmation of false positive Incident data gathering and feedback on any gaps and issues in respect to Platform Content or tuning opportunities Reflection ...

implement the cloud security framework across multi-cloud environments Deploy and manage security tooling and automated controls to identify and remediate risks Build threat detection processes and incident response playbooks in collaboration with the SOC Support compliance requirements including ISO27001, SOC2, and NCSC Cloud Security Principles Translate security ...

Network+ Exposure to SOC environments, security monitoring, or penetration testing Experience in a client-facing technical role Understanding of endpoint security, vulnerability management, or threat detection tools Why Join Career Development – Opportunity to grow within cybersecurity and operations Hands-On Experience – Exposure to real-world enterprise security environments ...

focused reports translating technical risk into clear impact Develop and enhance testing approaches, scripts, and automation tools to improve effectiveness Collaborate with SOC and Detection Engineering teams to embed long-term security improvements Support red team exercises and broader threat-led testing initiatives Stay current with emerging threats … continuous learning and industry engagement Requirements: Proven hands-on experience in penetration testing and/or red team engagements Strong understanding of vulnerability management, threat detection, and incident response Experience working within cloud environments, ideally Microsoft Azure Ability to communicate complex security risks clearly to both technical ...

Microsoft 365 estate within a high value research environment. Acting as the organisation's trusted specialist, you will oversee identity protection, access governance, cloud threat defence and compliance across Entra ID, Conditional Access, MFA, PIM, Microsoft Defender, Purview and related services. You will be responsible for diagnosing complex issues … need to succeed You will bring substantial hands on experience in Microsoft 365 security, with a deep understanding of identity protection, access control, threat detection and compliance You'll have operated in complex or hybrid environments and will be fully confident configuring, troubleshooting and enhancing services such ...

Sophos firewalls, including SD-WAN, intrusion prevention, and web filtering policies Familiarity with Microsoft Sentinel (SIEM) and Microsoft Defender for Endpoint for security monitoring, threat detection, and incident response Familiarity with infrastructure and application monitoring tools, such as Auvik or WhatsUp Gold for network monitoring and Datadog ...

ensuring systems remain secure, resilient, and aligned to business needs Manage day-to-day security operations, including monitoring SIEM platforms, Firewalls, endpoint protection, and threat detection tools Investigate security incidents and vulnerabilities, recommending and implementing corrective actions where required Maintain and support network technologies including LAN/… standards Support disaster recovery and business continuity planning, testing, and readiness activities Key Experience & Skills: Palo Alto Firewalls and all associated NG services Endpoint detection and remediation Proven track record in Cyber security and understanding of cyber security analysis, tools and software Experience of implementing, supporting and developing ...

enterprise-scale infrastructure. Security is a major investment area for the business, with a strong focus on cloud security, cyber resilience, automation, and intelligent threat detection.This is an opportunity to join a collaborative team where security is seen as a business enabler — not a blocker.The RoleThis is a hands … engineering position suited to someone who enjoys solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure ...

enterprise-scale infrastructure. Security is a major investment area for the business, with a strong focus on cloud security, cyber resilience, automation, and intelligent threat detection.This is an opportunity to join a collaborative team where security is seen as a business enabler — not a blocker.The RoleThis is a hands … engineering position suited to someone who enjoys solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure ...

A cyber security provider in the United Kingdom is seeking a Security Operations Engineer for its SOC. The role involves monitoring security alerts, guiding clients during incidents, and developing security tooling. Candidates should have experience ...

incident response capability by developing, maintaining, and continuously improving cyber security playbooks, procedures, and associated documentation. You'll work closely with incident responders, detection engineers, and wider cyber teams to ensure processes are clear, repeatable, and aligned with best practice. You'll support the full incident lifecycle - from preparation … during security incidents. - A good understanding of the incident response lifecycle, common attack techniques (MITRE ATT&CK), and how incident response processes integrate with threat detection, monitoring, and wider security operations. ...

developing custom data connectors. Proficiency in Infrastructure as Code and scripting in Python or Go is necessary, along with a solid background in threat detection and security monitoring. This role offers a competitive salary and the flexibility of hybrid working arrangements. #J-18808-Ljbffr ...

Compliance Implement and maintain security and access policies for web traffic aligned to enterprise risk frameworks. Integrate with SIEM and analytics platforms to support threat detection and response. Balance security controls with usability, particularly in the browser and colleague web‐access journey. Participate in security reviews, risk assessments ...

Compliance Implement and maintain security and access policies for web traffic aligned to enterprise risk frameworks. Integrate with SIEM and analytics platforms to support threat detection and response. Balance security controls with usability, particularly in the browser and colleague web‐access journey. Participate in security reviews, risk assessments ...

Cyber Operations Analyst to join their Cyber Security team. This role will focus on leading cyber incident response activities, managing security monitoring capabilities, driving threat detection and containment, and supporting the bank's wider cyber... CRWG1_UKTJ ...

involves driving Sentinel adoption, leading client onboarding, and developing custom data connectors. Candidates should have solid experience with Infrastructure as Code, DevOps pipelines, and threat detection, as well as proficiency in scripting languages like Python and Go. This position offers a competitive salary, flexible working conditions ...

Conditional Access, PIM, CIEM, and Governance. Strong experience with hybrid identity (on-prem Active Directory, AD FS, Azure AD Connect). Proficiency with Identity threat detection tools and integration with broader security ecosystems. Deep understanding of authentication protocols (SAML, OAuth, OpenID Connect, Kerberos, LDAP). Familiarity with ...

Network & Security Engineering Implement, and support enterprise grade network and security solutions Deploy, configure, and troubleshoot Cisco Firepower firewalls, including policy configuration, VPNs, and threat protection Implement and maintain Cisco Identity Services Engine (ISE) for network access control, authentication, and authorization Work with Cisco Stealthwatch and other Cisco security … tools to provide visibility, monitoring, and threat detection Configure and support FortiGate firewalls where required, including firewall policies, VPNs, and security profiles Produce high quality technical documentation, including designs, implementation guides, and handover documentation Customer Engagement & Communication Serve as a trusted technical advisor to customers, clearly explaining solutions ...

senior contractor position will play a key role in driving strategic cyber initiatives, enhancing operational models, and delivering transformation programmes that improve cyber resilience, threat detection, incident response, and risk intelligence capabilities. The role sits at the convergence of technology, operational process, and stakeholder engagement. You will work … prioritised product backlogs. Solid understanding of software development lifecycles and experience working closely with engineering and technical delivery teams. Knowledge of cybersecurity risk management, threat landscapes, controls, and regulatory considerations within enterprise environments. Exposure to enterprise-scale data and analytics platforms, including technologies supporting reporting, insights, and decision intelligence. ...

work closely with Security Operations Centre engineers. The successful candidate will need significant DFIR experience, strong client management skills, and a good understanding of threat detection methodologies. Competitive benefits include private medical cover, discretionary bonuses, 25 days holiday and more. #J-18808-Ljbffr ...

Complete this 8-10 week online training with just 2 hours per day of study time. You will learn industry-recognised methodologies, network security, threat detection, vulnerability management, and incident response, while building practical experience with Live Labs. The programme includes earning CompTIA certifications (A+, Network+, Security+) recognised ...

Complete this 8-10 week online training with just 2 hours per day of study time. You will learn industry-recognised methodologies, network security, threat detection, vulnerability management, and incident response, while building practical experience with Live Labs. The programme includes earning CompTIA certifications (A+, Network+, Security+) recognised ...