12 of 12 Threat Detection Jobs in the City of London

Financial Service firm seeks a Senior Threat Detection Engineer to join. In this role you will be tasked with threat profiling, building out CI/CD detections as code using a repository like Git to store detection rules, rule base tuning, and helping to develop … prioritises process improvement and enhancement this role is the perfect fit for you. I am keen to speak to those with a background in Threat Detection Engineering who have experience using MITRE ATT&CK, Sentinel, Microsoft KQL and have experience in process implemention. This is very flexible role ...

Harrington Starr have partnered with a leading global financial services organisation for a Threat Detection/SIEM Engineer with a focus on Splunk. The role has both technical and strategic importance within the cyber security team and will focus on developing world class Threat Detection services … global basis. Ona day to day basis the role will involve: Splunk Deployment including patch management to ensure health and stability Use case detection including staying up to date with existing attacker techniques and translating them in to business requirements. The on-boarding of log sources in to Splunk ...

Cybersecurity Analyst Stockley Park, England - work on implementing and analyzing security event logs from SAP solutions - operate and enhance SAP Enterprise Threat Detection solution - calibrate detections for SAP ABAP, SAP Java, SAP HANA, SAP Commerce (Hybris) and SAP BTP - assist with securing SAP on AWS implementation - help securing … least 1 year Is Required Application Security Testing At least 1 year Is Required SAP System Hardening 2-5 years Is Required SAP Enterprise Threat Detection 2-5 years Is Required Enterprise Key Management 2-5 years Is Required SAP Business Technology Platform 2-5 years Is Required ...

Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks and threats. Review and improve SecOps standards and capabilities, highlighting optimization opportunities. Monitor, triage, and investigate triggered alerts, suggesting improvements where necessary. Respond ...

looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor … junior engineers and drive best practices. Collaborate with IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. ...

will play a pivotal role in securing critical national infrastructure. You will lead technical delivery across two primary workstreams: the deployment of Advanced Threat Protection (ATP) and the implementation of the broader VMware vDefend security suite. Key Responsibilities 1. vDefend Firewall (DFW) Implementation You will support the platform deployment … Operational Design: Establishing the operating model, standardisation goals, and capacity management frameworks. Technical Integration: Implementing Identity Firewalls, logging, monitoring, and visibility metrics. 2. Advanced Threat Protection (ATP) You will oversee the enablement and tuning of ATP features to ensure robust threat detection, including: Detection & Prevention: Enabling ...

environments, including hypercare and process adaptations. Investigate and resolve IAM security incidents, access anomalies, and authentication issues. Review and monitor Identity Threat Detection & Response (ITDR) systems. Collaborate with SOC teams to detect privileged account misuse and insider threats. Identity & Access Management (IAM): Design, implement, and maintain IAM solutions … Vault administration, credential rotation, JIT access, session monitoring, compliance reporting. Security & Compliance: CAF, eCAF, NIST frameworks; IAM controls for critical infrastructure; incident response and threat detection. Preferred Certifications: Microsoft Certified: Identity and Access Administrator Associate Okta Certified Administrator/Professional SailPoint IdentityNow/IdentityIQ Engineer CyberArk Defender/Guardian ...

security controls • Experience remediating findings using native Azure security tooling and/or SIEM/CSPM platforms • Working knowledge of Azure logging, monitoring, and threat detection capabilities Additional Skills • Ability to work independently on remediation tasks while coordinating with multiple teams • Experience working in project-based or programme ...

capacity planning, QoS, and traffic engineering. Strong background in security, including firewalls, VPNs, IDS/IPS, secure segmentation, and Zero Trust architecture. Experience with threat detection/response, SIEM integration, and incident response. Familiarity with compliance frameworks such as ISO 27001, NIST, and GDPR. Knowledge of cloud & hybrid ...

/enterprise deployments. Network performance engineering (capacity planning, QoS, traffic engineering). Security Expertise Firewalls, VPNs, IDS/IPS, secure segmentation, Zero Trust architecture. Threat detection/response, SIEM integration, incident response. Compliance frameworks (ISO 27001, NIST, GDPR). Cloud & Hybrid Networking AWS/Azure/GCP networking ...

permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. Key Responsibilities Incident Response … Security Operations Lead and mature security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts Build real-time visibility into organisational cyber telemetry ...

governance, AWS Config. Hybrid Networking & Connectivity - AWS Direct Connect, VPN, Transit Gateway, PrivateLink, and BGP routing. AWS Security & Monitoring - logging, and threat detection. Cloud Cost Optimisation & Performance Tuning - Right-sizing, auto-scaling, and FinOps principles. Minorities, women, LGBTQ+ candidates, and individuals with disabilities are encouraged to apply. Interviews will ...