1 to 25 of 147 Threat Detection Jobs in the UK

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

Cyber Threat Detection/SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst … will play a hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high … impact detection capabilities , shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy : Lead projects from idea to deployment Innovation-driven : Develop ...

Team This is an excellent opportunity for a CyberSecurity Analyst looking to join a mature cyber security operation and continue developing their incident response, threat detection and cyber defence skills within a highly respected technology organisation. An established international technology and cyber security services provider is investing heavily … excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond ...

well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices … threats. ________________________________________ Role Overview As a Security Monitoring & SIEM Analyst, you will play a key role within the Security Operations function, focused on real-time detection, investigation, and response to cyber threats using SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection ...

excellent opportunity for a cyber security professional looking to further develop their experience within a mature Security Operations environment, gaining exposure to incident response, threat detection, vulnerability management and modern Microsoft security technologies. Working within a highly regulated customer environment, you will help monitor, investigate and respond … incidents through the incident response lifecycle Perform security investigations and root cause analysis Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams ...

high-performing Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role … protecting complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect ...

critical role in strengthening and maturing Reapit’s cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct ongoing security … high quality documentation. Work in a self managing, proactive manner — anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation, containment, eradication, and recovery. ...

stakeholders. Key Responsibilities Lead and manage cyber incident response activities from identification through to recovery. Conduct digital forensic investigations across multiple environments. Support threat detection, threat hunting, and security monitoring activities. Develop and enhance incident response processes, playbooks, and best practices. Produce clear technical and executive-level … Clearance Proven ability to lead complex cyber investigations and incident response engagements during live events. Experience with forensic tools, SIEM platforms, and threat detection methodologies. Knowledge of Windows and cloud environments. Excellent analytical, problem-solving, and communication skills. Customer-focused with the ability to remain calm under pressure. ...

defend organisations against evolving cyber threats? Join a highly regarded cyber security provider known for its 24/7 managed security operations, advanced threat detection, and real-time incident response. The team helps organisations across multiple industries stay resilient, secure networks, endpoints, and cloud environments from ever-changing … industry-leading security technologies to safeguard client environments. This role provides the opportunity to develop expertise across a wide range of security technologies, enhance detection and response capabilities. If you are ready to play a pivotal role in protecting organisations from cyber threats while growing professionally within a collaborative ...

Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required £700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role … elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned ...

SIEM Detection Engineer | Cyber Security Farnborough (Hybrid – 2 days onsite) Up to £65,000 + Excellent Benefits SC Clearance (or eligibility required) Ready to engineer the frontline of cyber defence? We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer to strengthen and evolve advanced threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing cyber ...

helping shape the future of cyber security operations across the business, working closely with infrastructure, cloud and technology teams to improve security posture, strengthen detection and response capabilities, and ensure the organisation remains protected against emerging threats. This role offers a blend of leadership, technical oversight and strategic influence. … What You'll Be Doing * Leading and developing the Security Operations capability * Managing cyber security incidents and coordinating effective responses * Driving improvements across monitoring, threat detection and vulnerability management * Working closely with technology teams to improve security across cloud, infrastructure and end-user environments * Helping optimise security tools ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes threat ...

recruit a Senior Security Analyst. This role is suited to an enthusiastic and forward-thinking Senior Security Analyst with a strong interest in threat detection and response, as well as leveraging advanced technologies to automate incident response, remediation, and reporting. It offers the opportunity to work … fast-paced environment alongside a team committed to innovation, continuous improvement, and operational excellence. This position is highly technical, covering detection engineering, forensic investigation, threat hunting, and incident response, primarily within the Microsoft security ecosystem (including Sentinel and Defender XDR). The Role: This role involves managing complex ...

PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. * Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. * Conduct forensic analysis, malware reverse engineering, and develop IOCs and detection signatures. * Manage and integrate logs from various sources … ensuring full visibility and compliance. * Analyse attacker TTPs and manage threat intelligence, including incident assessment and reporting. * Collaborate with stakeholders to ensure operational effectiveness and continuous process improvement. * Maintain knowledge of current cyber threats and emerging trends. What you'll bring: * Proven hands-on experience with SIEM and SOAR ...

emerging AI technologies. You will play a central role in designing, implementing, and continuously improving security capabilities that are increasingly enhanced by AI-driven detection, automation, and intelligent decision support.The position combines deep technical security engineering with forward-looking exploration of AI-enabled security systems, detection engineering … adaptive security systems that evolve alongside both cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging ...

emerging AI technologies. You will play a central role in designing, implementing, and continuously improving security capabilities that are increasingly enhanced by AI-driven detection, automation, and intelligent decision support. The position combines deep technical security engineering with forward-looking exploration of AI-enabled security systems, detection engineering … adaptive security systems that evolve alongside both cyber threats and AI-enabled attack techniques. Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security ...

WORK As a Senior Security Engineer focusing on anti-abuse and threat intelligence, you will lead the design and development of systems and automation to detect, mitigate, and prevent threats targeting Ripple’s staff, products, and users. This includes identifying and advising on Advanced Persistent Threats (APTs) targeting … mobile, and social platforms. You will collaborate closely with Legal, Communications, Brand Security, and third‐party vendors to build a scalable and proactive threat intelligence capability. WHAT YOU'LL DO Operationalize threat intelligence: Develop systems to detect and disseminate intelligence on threats impacting Ripple and Ripple customers. Automate ...

WORK: As a Senior Security Engineer focusing on anti-abuse and threat intelligence, you will lead the design and development of systems and automation to detect, mitigate, and prevent threats targeting Ripple’s staff, products, and users. This includes identifying and advising on Advanced Persistent Threats (APTs) targeting … mobile, and social platforms. You will collaborate closely with Legal, Communications, Brand Security, and third-party vendors to build a scalable and proactive threat intelligence capability. WHAT YOU’LL DO: Operationalize threat intelligence: Develop systems to detect and disseminate intelligence on threats impacting Ripple and Ripple customers. Automate ...

working within Central Government, the Public Sector, or highly regulated scientific environments.Key Responsibilities Define and lead the Cyber Security Operations Centre (CSOC), ensuring effective detection, response, and remediation of cyber incidents Own and continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security … advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability management, and proactive risk mitigation across the estate Lead the analysis of network traffic and behaviours ...

week) £65,000 + benefits We're supporting a major organisation operating within a Critical National Infrastructure (CNI) environment to hire a Senior Cyber Threat Hunter Specialist. This is a hands-on, high-impact role embedded within a mature Security Operations Centre, focused on protecting essential services. The Opportunity … play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability and response maturity. What You'll Be Doing Monitoring & Triage Analyse ...

Security Architecture frameworks ISO 27001, NIST 800-53, CIS Controls, and OWASP Identity & Access Management (IAM) and Privileged Access Management (PAM) Security Monitoring, SIEM, Threat Detection, and Response Risk Management and Governance frameworks SaaS platforms including Salesforce, SAP, Oracle, and Workday What You Can Expect Work closely with … NIST 800-53, and OWASP. Understanding of cloud security controls including identity, network security, encryption, and key management. Experience with logging, monitoring, SIEM technologies, threat detection, and security operations concepts. Knowledge of cyber risk management, threat intelligence, governance, and compliance requirements. Experience supporting large-scale technology ...

Cyber Operations Analyst to join their Cyber Security team. This role will focus on leading cyber incident response activities, managing security monitoring capabilities, driving threat detection and containment, and supporting the bank's wider cyber defence strategy. Key Requirements: * Strong experience within Cyber Operations, SOC or Incident Response … environments * Hands-on expertise with SIEM technologies (Splunk, Sentinel, QRadar etc.) * Knowledge of threat detection, malware analysis, endpoint, network or cloud security * Scripting experience (Python, PowerShell or similar) * Strong understanding of cyber risk, controls and security governance * Excellent stakeholder management and communication skills Desirable: * Financial Services experience * Threat ...