1 to 25 of 26 Threat Detection Jobs in the South East

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high … impact detection capabilities , shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing cyber ...

emerging AI technologies. You will play a central role in designing, implementing, and continuously improving security capabilities that are increasingly enhanced by AI-driven detection, automation, and intelligent decision support.The position combines deep technical security engineering with forward-looking exploration of AI-enabled security systems, detection engineering … adaptive security systems that evolve alongside both cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging ...

week) £65,000 + benefits We're supporting a major organisation operating within a Critical National Infrastructure (CNI) environment to hire a Senior Cyber Threat Hunter Specialist. This is a hands-on, high-impact role embedded within a mature Security Operations Centre, focused on protecting essential services. The Opportunity … play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability and response maturity. What You'll Be Doing Monitoring & Triage Analyse ...

Start: ASAP Location: Local Authority (LBH) What you’ll be doing: Leading CrowdStrike Falcon deployment, configuration, and optimisation Enhancing Splunk SIEM dashboards, alerts, and threat detection capabilities Acting as a senior escalation point for incident response Driving SOAR automation to improve response times Conducting proactive threat hunting … CrowdStrike certifications (CCFA, CCFR, CCSE) CISSP, GCIH, or similar If you’re a senior engineer who enjoys working at the intersection of SOC optimisation, threat detection, and automation , this role offers real impact from day one. ...

seeking an experienced Security Architect - focusing on Advanced Threat Response (ATR) solution to be a part of the Architecture team, you will design and maintain end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work cross-functionally …/CD pipeline design and implementation Proven experience running vendor evaluations and PoCs for enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach ...

responsibilities: Design and develop advanced risk models, including predictive, probabilistic, and scenario-based modelling approaches Apply data science techniques to risk scoring, anomaly detection, and threat assessment across complex datasets Build and deploy machine learning models into production, ensuring scalability and robustness Develop scenario simulations to model potential … predictive, probabilistic, simulation-based) in real environments Deep experience in risk modelling, including risk scoring frameworks, predictive risk analytics, and scenario modelling Experience in threat detection/anomaly detection, such as fraud, compliance, safety, or security use cases Strong grounding in statistics, hypothesis testing, and experimental design ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … leading the investigation and response to sophisticated cyber threats and incidents. Youll work closely with internal security teams, customers, and stakeholders to continuously evolve detection capabilities, improve operational maturity, and ensure DXC continues to deliver a world-class security monitoring service. This role operates on a Monday to Friday ...

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation's defensive capabilities while … remaining at the forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment ...

Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat Detection & Prevention Identify emerging threats, vulnerabilities, and attack trends relevant to the organisation. Tune and optimise security tooling to improve detection capability ...

Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention Proactively identify emerging threats, vulnerabilities, and attack patterns affecting the organisation. Tune and optimise security tools to reduce false positives … improve detection accuracy. Implement, manage, and maintain endpoint protection and security policies. Support vulnerability management activities, including remediation planning and risk tracking. Security Operations & Continuous Improvement Maintain and enhance security monitoring rules, alerts, and dashboards. Contribute to the development and maintenance of security runbooks and incident response playbooks. Support ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

governance, compliance and risk activity aligned to ISO 27001 and NIST. Requirements: Experience in Security Operations, Cyber Security Engineering or SecOps. Strong knowledge of threat detection, incident response, endpoint security and vulnerability management. Exposure to Microsoft Azure. Experience with tools such as CrowdStrike, Absolute, Sumo Logic, Rapid7 ...

initiatives and secure industrial communications Collaborate with MSPs and external cyber security partners to ensure effective service delivery Contribute to ongoing monitoring and incident detection capabilities within OT environments Ensure alignment with recognised cyber security standards and regulatory expectations Essential Experience Background working within industrial sectors such … technical documentation and policy creation Ability to start within a short notice period (maximum 2 weeks) Desirable Experience deploying OT monitoring, asset discovery, or threat detection tools Understanding of regulatory and compliance requirements within critical infrastructure environments Familiarity with IT service management practices and project delivery methodologies ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

Doing: Designing and maintaining secure infrastructure within Kubernetes environments Managing and optimising Splunk and Nessus security tooling for monitoring, logging, and threat detection Running vulnerability scanning processes and supporting remediation efforts Embedding security into CI/CD pipelines and cloud-native workflows Automating security tasks using scripting … SIEM, observability, and vulnerability management practices Scripting or automation capability (Python, Bash, or similar) Understanding of container security and DevSecOps principles Familiarity with threat frameworks and security best practices Experience with tools such as Microsoft Defender or similar security platforms Exposure to infrastructure-as-code and CI/ ...

Network+ Exposure to SOC environments, security monitoring, or penetration testing Experience in a client-facing technical role Understanding of endpoint security, vulnerability management, or threat detection tools Why Join Career Development – Opportunity to grow within cybersecurity and operations Hands-On Experience – Exposure to real-world enterprise security environments ...

application hardening standards, ensuring strong, consistent security configurations across environments Act as an on-call responder for security incidents, taking full ownership from detection through to resolution and post-incident improvement Collaborate with Information Security and leadership teams to ensure compliance with relevant standards and frameworks (e.g. Cyber Essentials … parsing, and alerting rule development Experience working within compliance-driven or regulated environments A strong security mindset, with a focus on access control, threat detection, and auditability The ability to balance robust security controls with operational efficiency High levels of autonomy and sound judgement, with the ability ...

ROLE SUMMARY Our Global Cyber Defense team is responsible for safeguarding Pfizers digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud and hybrid environments. We are seeking a Senior Manager, Data Protection Engineering, to lead and evolve our data protection capabilities … controls are designed into platforms, not bolted on post-deployment. Incident Support & Risk Management Partner with Security Operations and Incident Response teams to support detection, investigation, and response to data protection incidents and policy violations. Ensure data protection capabilities align with enterprise risk management frameworks, internal security standards ...

Sophos firewalls, including SD-WAN, intrusion prevention, and web filtering policies Familiarity with Microsoft Sentinel (SIEM) and Microsoft Defender for Endpoint for security monitoring, threat detection, and incident response Familiarity with infrastructure and application monitoring tools, such as Auvik or WhatsUp Gold for network monitoring and Datadog ...

Microsoft 365 estate within a high value research environment. Acting as the organisation's trusted specialist, you will oversee identity protection, access governance, cloud threat defence and compliance across Entra ID, Conditional Access, MFA, PIM, Microsoft Defender, Purview and related services. You will be responsible for diagnosing complex issues … need to succeed You will bring substantial hands on experience in Microsoft 365 security, with a deep understanding of identity protection, access control, threat detection and compliance You'll have operated in complex or hybrid environments and will be fully confident configuring, troubleshooting and enhancing services such ...

data centre cross-connects, Smart Wires (EoF/EoC), resiliency (dual/single path), national and international reach. Next Generation Firewall:HA pair deployment, threat detection, policy enforcement, and continuous monitoring. LAN & Wi-Fi:Wired and wireless infrastructure across all sites, incident classification and rapid resolution, monthly site ...

seamless integration of multi-factor authentication with biometric and mobile device capabilities to improve both security and user experience. Champion the adoption of identity threat detection and response solutions to proactively identify and mitigate identity-based attacks. Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos ...