1 to 25 of 144 Threat Detection Jobs in the UK

to own, manage and rule their data. One of our specialisations is incybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on … delivering tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced More ❯

Threat Detection Engineer (SIEM/SOAR) Hybrid working: 1 day required in Leeds office per quarter. Mostly remote working. DGH Recruitment are currently recruiting on behalf of a leading global organisation who are looking for a Threat detection and threat response subject matter expert to join the team on a permanent basis. Responsibilities: - Design, engineer … a technical resource for the security operations team during active response efforts. - Conduct and manage event/incident investigations and post-mortem analysis as needed. - Document and maintain Automation, Detection and Incident Response procedures as required. - Regularly monitor and translate threat intelligence feeds into actionable detection. - Examine various logs to determine trends and identify security incidents. - Assist in … responding to audits, penetration tests and vulnerability assessments. Required Skills/Experience: - Experience with SIEM security telemetry, security monitoring, incident detection, incident response and forensics - Experience in Threat hunting & IR experience in Windows and/or Linux environments, cloud/hybrid environments - Proficient in SIEM management, configuration and analysis - Experience with Security Orchestration Automation and Response (SOAR) tools More ❯

across Vercel's platform and enterprise security functions. This role will focus on operational resilience, incident response readiness, and fostering alignment across security and engineering teams. You will oversee threat detection, response processes, and security best practices, while guiding Security Operations Engineers to ensure operational excellence. If you're based within a pre-determined commuting distance of one … fully remote. For location-specific details, please connect with our recruiting team. What You Will Do: Lead and manage Security Operations for platform and enterprise security functions, ensuring effective detection and response capabilities. Develop and refine incident response protocols and threat detection processes, ensuring rapid and effective mitigation of security incidents. Own internal attack surface management, including … operational overhead. Support compliance initiatives (PCI, SOC2, ISO) by ensuring audit readiness and security visibility across critical systems. About You: Extensive experience leading security operations functions, including incident response, threat detection, and security monitoring at scale. Strong technical expertise in SIEM, logging infrastructure, and cloud security (AWS, Kubernetes, serverless architectures). Proven leadership in mentoring and managing Security More ❯

Weir's global technology infrastructure from internal and external threats, while fostering a secure-by-design culture. You will collaborate across business units and technology teams to ensure robust threat detection, response capabilities, and alignment with strategic business goals. Why choose Weir: Be part of a global organization dedicated to building a better future: At Weir, the growing … business goals and ensuring resilience across Weir's digital ecosystem. Lead the development of a secure-by-design approach and contribute to the broader technology strategy. Security Operations and Threat Management: Oversee the 24x7 Security Operations Centre and ensure robust threat detection, response, and recovery capabilities. Implement and test frameworks for threat detection and operational … candidates that have the ability to perform the objectives above. Proven leadership experience within a technology security function in a medium to large organization Deep expertise in security operations, threat detection, risk management, and digital security practices Demonstrated success in managing global, high-availability IT systems and delivering complex programs Background in supplier management and stakeholder engagement at More ❯

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering … function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy, and designing detection capabilities that protect our global environment. Your new role Lead the coordination and … operation of the internal detection engineering function. Design and implement cyber detection rules and use cases to identify threats across our IT infrastructure. Identify and log visibility gaps, working to improve detection coverage and accuracy. Build and tune custom detection logic for complex environments and emerging threats. Monitor evolving attacker tactics (TTPs), integrating insights into detection More ❯

CBRNE Digital and Integration Product Manager Location: United Kingdom Ref: REF1815K Job Function: Company Description Every minute of every day, Smiths Detection's threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and … management of security and detection solutions designed to make the world a safer place. Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of … of integrated sensing and situational awareness solutions. This high-impact role sits at the heart of our Chemical, Biological, Radiological, Narcotics, and Explosives (CBRNE) portfolio, shaping the future of threat detection and digital connectivity. What you'll do: Develop strategies and plans to allow SD to win in the CBRNE Digital & Innovation market. Provide CBRNE Digital & Innovation technical More ❯

Threat Detection Engineer (SIEM/SOAR) Hybrid working: 1 day required in Leeds office per quarter. Mostly remote working. DGH Recruitment are currently recruiting on behalf of a leading global organisation who are looking for a Threat detection and threat response subject matter expert to join the team on a permanent basis click apply for More ❯

including subsidised meals, free car parking and much more... The opportunity: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos … in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec … and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The MBDA SOC Analyst reports to the SOC Manager. The MBDA SOC Analyst More ❯

Detection and Response Engineer page is loaded Detection and Response Engineer Apply locations Edinburgh London 125 London Wall Leeds Wellington Place Bristol Manchester Westminster House time type Full time posted on Posted Yesterday time left to apply End Date: August 1, 2025 (12 days left to apply) job requisition id 138539 End Date Thursday 31 July 2025 Salary … We support flexible working - click here for more information on flexible working options Flexible Working Options Hybrid Working, Job Share Job Description Summary . Job Description JOB TITLE: Detection & Response Engineer SALARY : From £70,929 depending on experience and location LOCATION(S): Leeds, Manchester, Bristol, London or Edinburgh HOURS: Full time (This role will include a requirement to work … stay one step ahead of cyber adversaries. We pride ourselves on our innovative approach and our commitment to excellence in cyber security. Join us as a skilled and proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat More ❯

summaries. Create and maintain executive-level documentation, including standard operating procedures (SOPs), playbooks, process flows, and risk reports, using diverse tools and data sources. Develop, refine, and maintain insider threat indicators and use case scenarios to enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and vigilance. … Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or a … related discipline. Hands-on experience with insider threat detection tools such as SIEM, UEBA, UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of the cyber threat More ❯

Location: United Kingdom Ref: REF274K Job Function: Company Description Every minute of every day, Smiths Detection's threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over … a passion for leading complex projects in a dynamic environment? Do you excel at integrating advanced systems like Computed Tomography (CT), X-ray, Automated Tray Return Systems (ATRS) Explosive Detection Systems (EDS), and Baggage Handling Systems (BHS)? Smiths Detection is seeking a Service Projects Engineer to join our team, ensuring seamless service project delivery for critical security solutions. More ❯

organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response activities. Develop and implement IR methodologies (MITRE ATT&CK, Kill Chain, Threat Modelling, Diamond Model). Conduct forensic investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. … Support and mature security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. Required Skills & Experience Proven experience managing DFIR or cyber incident response teams. Deep technical More ❯

Every minute of every day, Smiths Detection's threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. Smiths Detection, part of Smiths Group is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. … Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security. Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and More ❯

JOB TITLE: Detection & Response Engineer SALARY : From £70,929 depending on experience and location LOCATION(S): Leeds, Manchester, Bristol, London or Edinburgh HOURS: Full time (This role will include a requirement to work as part of an on-call rota) WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of … stay one step ahead of cyber adversaries. We pride ourselves on our innovative approach and our commitment to excellence in cyber security. Join us as a skilled and proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat models and intelligence Fine-tune detection rules and monitor their performance Support detection automation and playbook editing Conduct proactive threat hunting and threat modelling Perform cyber event triage, classification, and investigation Complete containment, remediation, and recovery activities Build and maintain reporting mechanisms and documentation Perform root cause analysis and support post-incident reviews Why Lloyds More ❯

Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills Expertise in detection engineering, threat hunting, or a related Cyber Security field. Proficiency in Sentinel, KQL, XDR and Splunk is required. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and …/or cloud-native security services (e.g. AWS GuardDuty, GCP Chronicle). Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

What You'll Be Working On: ️ Proactively identifying and investigating advanced persistent threats (APTs), malware, and other cyber threats within the organization's network ️ Utilizing threat intelligence to hunt for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) ️ Analyzing network traffic, logs, and endpoint data to detect anomalies and uncover hidden threats ️ Collaborating with incident response and … security operations teams to track down and eliminate threats ️ Continuously improving threat detection strategies and developing new tools and techniques to stay ahead of evolving threats What We're Looking For: ️ Proven experience as a Threat Hunter or in a similar cybersecurity role focused on threat detection and incident response ️ Strong knowledge of threat … frameworks (e.g., MITRE ATT&CK) ️ Hands-on experience with security tools such as SIEM, IDS/IPS, EDR, and network traffic analysis platforms ️ Proficiency in scripting and automation for threat hunting and investigation (e.g., Python, PowerShell, Bash) ️ Certifications such as OSCP, GCIH, or CREST are highly desirable More ❯

the organisation’s cyber resilience. As a Senior Cyber Security Analyst, you will play a key role in protecting systems, networks, and data against cyber threats. You will lead threat detection and incident response efforts, support the development of security policies and controls, and work closely with stakeholders to ensure compliance and security best practice across the business. … teams to ensure cyber security best practice is considered throughout the entire SDLC. Creates and maintains documentation around the use of cyber security technology in the organisation. Carries out threat detection and incident response. Carries out vulnerability management and remediation. Collaborates as needed with third-party security vendors for expert advice and issue resolution. Carries out threat … technical background. Detailed understanding of application security along with experience of working alongside software development teams, supporting and advising on best practice to maintain security. Significant experience of endpoint detection and response (EDR) technologies and network detection and response (NDR) technologies. Detailed knowledge of Information Security standards including Cyber Essentials, Cyber Essentials Plus and ISO27001. Good understanding of More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

the organisation. You ensure that we have the visibility needed to be able to protect the organisation and its customers' data. You have a passion for Cyber defence and Threat intelligence. You'll be responsible for building the strategy and capabilities needed to be successful as well as maintain relationships with our various external partners. The Impact You'll … our incident case management and response processes. - Coordinate incident response planning and simulation exercises with senior leaders and the board. - Manage external and internal audit and due diligence activities. Threat Detection & Response - Implement and maintain robust threat detection and response capabilities across cloud, on-premise, and factory systems. -Drive continuous improvement of our vulnerability management program. … Conduct threat intelligence analysis and report on emerging trends and risks. Collaboration & Mentorship - Build trusted relationships with technology partners, vendors, and internal teams. - Collaborate closely with product and engineering teams to identify and mitigate risks in new and existing products. - Lead security awareness and education initiatives across the business. - Mentor and support a direct report within the Security Operations More ❯

and directory services such as MS Active Directory • Experience with CyberArk PAM for privileged access management Security Information and Event Management (SIEM) • Use of Splunk SIEM for real-time threat detection and log analysis • Review and optimise SIEM use cases to enhance threat detection and response capabilities Monitoring & Endpoint Security • Experience with Tanium and MS Defender More ❯

the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development … Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI … intervention. Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level More ❯

bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies, and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos' complete portfolio includes industry-leading endpoint, network, email, and cloud security that … interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs), and Managed Security Service Providers (MSSPs) worldwide … defending more than 600,000 organizations from phishing, ransomware, data theft, and other cybercrimes. The solutions are powered by threat intelligence from Sophos X-Ops and the Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary We're looking for a Senior Software Engineer 2 with deep expertise More ❯

and IIoT equipment Develop and enforce network segmentation and secure remote access strategies in alignment with IEC 62443 and NIST 800-82. Evaluate and integrate security monitoring and threat detection solutions (e.g., Armis, Nozomi, Microsoft Defender for IoT). Assess risks and recommend security controls for legacy industrial systems with limited security capabilities. Work closely with OT … Ensure change management processes align with regulatory and security compliance requirements. Security Technology Evaluation & Continuous Improvement Evaluate and recommend security technologies for network security, endpoint security, identity management, and threat detection across IT, OT, and cloud. Drive continuous improvement in security architecture by staying updated with emerging threats, security trends, and evolving regulatory requirements. Collaborate with vendors and More ❯

and governance framework aligned with business and regulatory requirements. Oversee technical security controls including firewalls, IDS/IPS, SIEM, IAM, endpoint protection, and cloud security (Azure, AWS). Lead threat detection, incident response, and recovery, ensuring minimal business disruption. Manage patching processes, AI-driven email intelligence tools, and network security across internal and customer-facing systems. Conduct risk … disaster recovery plans related to cybersecurity. Act as the primary contact for cybersecurity vendors, regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls … than a technical role — it’s an opportunity to influence business-wide security culture, work closely with senior leadership, and make tangible improvements to resilience in a rapidly evolving threat landscape. You’ll receive a competitive salary, substantial benefits, and the scope to develop your career within a forward-thinking organisation. 💡 If this sounds like your skill set, and More ❯

and endpoint environments, including laptops, mobile phones, corporate-managed, BYOD, and server-side devices. This critical role leads the engineering and enablement of endpoint protection technologies, ensuring device compliance, threat detection, and automated response capabilities. The role combines strong technical leadership, deep expertise in endpoint protection platforms, and a collaborative approach to operationalize security across all user and … across all device types and operating systems. Engineer and operate scalable solutions for endpoint protection, data loss prevention (DLP), and compliance checking. Build automated controls for device posture, encryption, threat detection, and remediation. Own and optimize integrations with tools such as Microsoft Defender, Purview, Symantec, CrowdStrike, or equivalent. Platform Integration & Automation: Drive automation for device onboarding, compliance validation … secure device baselines and policies. Build self-healing, zero-trust-aligned architectures for secure device management. Observability & Event Management: Implement real-time observability of endpoint health, risk exposure, and threat posture. Integrate with cybersecurity event and incident management pipelines for early detection and rapid response. Collaborate with the cyber and incident response teams to streamline investigation and containment. More ❯