1 to 25 of 69 Threat Detection Jobs in the UK

SENIOR THREAT DETECTION ENGINEER Fully Remote Up to £100,000 + Excellent Staff Bens + Share Scheme SECURE has strategically partnered with a multi-award-winning, software-based organisation at the forefront of pre-emptive exposure management. As a market leader backed by significant venture funding, they expand … offensive security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection Strategies that Continuously Identify Real-World Exploitation, helping Fortune 500 Companies & Critical Infrastructure Providers outrun Real ...

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit … someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: £45ph - £85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

Threat Detection Engineer - Remote - SC Clearance - Contract As a key member of the SOC Content Team , you will be responsible for developing, deploying, and fine-tuning threat detection content, as well as delivering proactive threat hunting activities. This role involves close collaboration with client Lead … Analysts, threat intelligence teams, and wider SOC functions to ensure detection strategies are aligned with each client's threat landscape and security objectives. You'll enjoy a mix of hands-on technical work, teamwork, and knowledge sharing, with a strong focus on continuous learning and process improvement. ...

fast-growing Blue Team within a dynamic Cyber Practice. This senior role offers the chance to work on high-profile client engagements, delivering threat detection, monitoring, incident response, and security operations expertise. The role is ideal for a self-motivated professional with strong technical skills, inquisitive thinking … passion for protecting enterprise systems from evolving cyber threats. The Role The Cyber Security Operations Specialist will use advanced tools and threat intelligence to ensure effective incident detection and response across client environments. Working closely with security analysts and wider teams, the role combines detection engineering, monitoring ...

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London or Remote Type: Permanent, full time Hybrid role, happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities … keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager ...

their internal Security Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise … management, coaching, and development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage ...

value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local … levels. Key Responsibilities Responsible or gathering, normalising, and integrating cybersecurity-related data from multiple sources (e.g., SIEM, threat feeds, vulnerability sources, and cloud platforms) to develop trends and to detect threats, vulnerabilities, and anomalies. Ability to translate raw data into meaningful insights that inform security posture or service improvements. ...

Summary The SIEM Application Engineer is responsible for the design, deployment, management, and optimisation of Security Information and Event Management (SIEM) platforms to enhance threat detection, monitoring, and incident response capabilities across enterprise environments. This role focuses on building and maintaining scalable SIEM solutions—primarily leveraging Elasticsearch-based … continuous improvement of organisational security posture. Why This Role Matters SIEM platforms are a core component of modern security architecture, enabling effective monitoring, threat detection, and response across complex IT and network environments. This role plays a critical part in ensuring SIEM solutions are reliable, performant, and aligned ...

Title: SOC Threat hunting Analyst Location: Remote 4 months contract Active SC Clearance required Experience and knowledge Key Responsibilities: Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. Maintain detection … testing to deployment and tuning. Work with client Lead Analysts to ensure content relevance and effectiveness in detecting threats across various environments. Proactive Threat Hunting: Conduct hypothesis-driven threat hunts based on client telemetry, threat intelligence, and observed anomalies. Use available data sources and tools to identify ...

protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month … exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain ...

security threats for multiple customers.You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners … develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage ...

pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more REQ5277 We’re seeking a technical Senior Security Analyst to lead threat detection, incident response, and control validation across various cloud security platforms such as, but not exclusive to, Microsoft security suite, AWS workloads, CNAPP … Handle complex threats, lead incident response, and shape security policy Oversee and lead investigations across various cloud security suites Develop and maintain KQL-based detection rules, hunting queries, and alert tuning strategies. Coordinate incident response playbooks across hybrid environments, including AWS EC2, Lambda, and containerized workloads. Contribute ...

first point of escalation during your shift, support analysts with complex cases, and drive continuous improvement in SOC processes, playbooks, and detection standards. This role blends technical expertise with leadership responsibilities, delivering operational excellence in a 24/7, mission-critical environment. What you’ll be doing: Lead your … analysts Mentor and coach Tier 1 and Tier 2 analysts, building capability and fostering a high-performing team culture Perform hands-on alert triage, threat detection, and incident response in line with SOC standards Serve as the first point of escalation, coordinating with incident response, threat intelligence ...

management of modern SIEM and EDR platforms. This role is ideal for someone with strong hands-on technical security expertise and a passion for threat detection, analysis, and automation. Key Responsibilities: Syslog experience and/or strong Linux skills SIEM Deployment & Management Configure, deploy, and maintain SIEM platforms … . Build and optimise log ingestion pipelines. EDR Deployment & Management Manage and maintain tools including Tanium , Trellix , FireEye , Microsoft Defender , or Elastic EDR . Threat Detection & Analysis Monitor security logs and alerts. Investigate anomalies, understand attack patterns, and provide actionable recommendations. Syslog Management Configure and maintain Syslog servers ...

Adword Job Title: SOC Threat hunting Analyst Location: Remote Duration: 04 months contract Active SC Clearance required Experience and knowledge Key Responsibilities: Threat Detection Use Case Development: Design and implement detection logic aligned to specific threat scenarios, using industry frameworks such as MITRE ATT&CK. … Maintain detection content throughout its lifecycle - from development and testing to deployment and tuning. Work with client Lead Analysts to ensure content relevance and effectiveness in detecting threats across various environments. Proactive Threat Hunting: Conduct hypothesis-driven threat hunts based on client telemetry, threat intelligence ...

Networks security technologies and solid experience across XDR and SIEM environments. This role sits within the Security Operations function and is focused on improving threat detection, automation, visibility, and response using XSIAM. *For this role, you must be eligible for SC Clearance* Key Responsibilities Implement and configure Palo … Networks XSIAM to enhance SOC efficiency and visibility Design and manage security automation workflows within XSIAM Integrate and optimise XDR capabilities to support proactive threat detection and response Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reports to provide ...

ensuring timely and effective responses. - Providing expert advice: Work with internal teams and external partners to guide decisions on cybersecurity matters. - Improving defences: Support threat detection, vulnerability remediation, and enhance tools like Microsoft Defender and Sentinel. - Driving governance: Contribute to creating and maintaining security policies, standards, and reporting. … Collaborating widely: Work closely with technology teams to reduce risks and improve security practices. - Enhance security measures: Support threat detection, vulnerability remediation, and continuous improvement of our cyber defence tools and processes. Show us What were looking for in your application: - Experience investigating and responding to cybersecurity incidents ...

Tier 2 analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role … company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. ...

track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would be beneficial … optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU IT in confidence about the Security Analyst role. Or reach ...

security transformation. As Security Engineer, you'll lead the deployment and optimisation of CrowdStrike Falcon across the organisation, ensuring endpoints are protected, and threat detection is fully operational. You'll collaborate with internal teams and external partners to integrate CrowdStrike into our environment, fine-tune configurations and provide … engineer with proven experience deploying CrowdStrike at least 3 times in enterprise environments. You have deep technical knowledge of endpoint security, EDR tools and threat detection workflows. Strong troubleshooting and configuration skills are essential, along with the ability to work independently and communicate effectively with stakeholders. Familiarity with ...

Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … e.g., Splunk) to detect threats across diverse environments. Collaborate with security teams to identify gaps in detection, logging, and alerting based on business risks and threats. Review and improve SecOps standards and capabilities, highlighting optimization opportunities. Monitor, triage, and investigate triggered alerts, suggesting improvements where necessary. Respond ...

Join Police Digital Service as NMC Senior Cyber Threat Intelligence Specialist Starting at £60,000pa This is an opportunity to play your part and protect our company, our customers and our communities from cyber attacks. The following information aims to provide potential candidates with a better understanding … Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid/Wigan - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local ...

detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). … Perform threat-hunting, log-analysis (including firewall, web/email filters), implement or review DLP controls, and collaborate with infrastructure/cloud/application teams on remediation and security posture improvements. Contribute to continuous improvement of SOC processes (alert tuning, log-source enrichment, documentation), and take part ...

Join Police Digital Service as NMC Cyber Security Detection Engineer x 2. Full time Permanent. Salary starting at £50,000 About Police Digital Service To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities … Police Digital Service and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology ...