1 to 25 of 177 Threat Detection Jobs in the UK

Cloud Security Architecture & Implementation Design and implement cloud security architectures across AWS, Azure, or Google Cloud. Develop and enforce cloud security controls , including IAM policies, encryption, and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring … tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar. Familiarity with compliance More ❯

of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering-with a strong focus on Google Cloud Platform (GCP). Operating in a highly regulated, Real Time financial services … environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure. What You'll Do SOC Leadership & Threat Detection Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads. Establish and maintain 24/7 detection and response capabilities … fine-tuning alerting rules and monitoring strategies. Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools. Define and maintain runbooks, incident playbooks, and escalation procedures. Incident Response & Threat Intelligence Own the full life cycle of security incidents from detection to remediation and post-incident review. Perform advanced threat hunting and More ❯

of its cloud-first security operations function. This is a high-impact, hands-on leadership role with end-to-end responsibility for managing the Security Operations Centre (SOC), incident detection and response, threat intelligence, and cloud-native security engineering-with a strong focus on Google Cloud Platform (GCP). Operating in a highly regulated, Real Time financial services … environment, this role requires deep technical knowledge, operational maturity, and experience applying security best practices across a fast-moving cloud infrastructure. What You'll Do SOC Leadership & Threat Detection Lead and mentor a team of SOC analysts and engineers, ensuring high-quality coverage across all GCP workloads. Establish and maintain 24/7 detection and response capabilities … fine-tuning alerting rules and monitoring strategies. Deploy and maintain detection rules using Chronicle SIEM, YARA, Sigma, and GCP-native logging tools. Define and maintain runbooks, incident playbooks, and escalation procedures. Incident Response & Threat Intelligence Own the full life cycle of security incidents from detection to remediation and post-incident review. Perform advanced threat hunting and More ❯

technology, now and for generations to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role Overview As a Lead Cyber … threats and technology trends into actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver reusable frameworks and methodologies across … management, and investment planning. Create business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and support career development in advisory More ❯

manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) 🔹 Lead technical workshops & architecture design sessions 🔹 Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) 🔹 Perform threat detection, incident response & forensic analysis 🔹 Utilize Microsoft Sentinel, Cisco Splunk, Palo Alto QRadar, KQL & more What We’re Looking For: 🔸 4+ years in Cyber Security within an MSP More ❯

ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. Please note that in this role, you will have an 8x5 Monday-Friday schedule, with flexibility to respond to after-hours pages for potentially major security incidents to More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

SharePoint, Teams, and OneDrive, ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. … Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. More ❯

Cyber Threat Hunter/Threat Intelligence Analyst/Cyber Threat Analyst/Threat Detection Analyst/Security Operations Center (SOC) Analyst/SOC Analyst/Cybersecurity Analyst/Threat Hunting/AWS/Azure/Microsoft 365 Warwickshire Permanent role - £40,000 60,000. One of our leading clients is looking to recruit a … Cyber Threat Hunter/Analyst. Location Warwickshire/Remote (2 days per month in office) Salary £40,000 60,000 Experience: Working in Security Operation Centres, incident response or threat hunting and associated technologies used by these roles and functions. Experience with cloud security tools and platforms (e.g., AWS, Azure, Microsoft 365) Strong documentation skills in order to … provide high quality documentation for internal customers and technical teams. A good knowledge of Active Directory and Entra, knowledge of Endpoint Operating System fundamentals. Demonstrable expertise in threat hunting practices and methodologies with experience in Threat Intelligence platforms and sources. Strong understanding and experience with Windows and its related logging/telemetry. Strong and demonstrable practical experience responding More ❯

the Cadworks Building, Glasgow. The Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening, automation, and threat mitigation. The role is not managerial in the traditional sense it exists to drive technical capability, mentor through engineering leadership, and deliver resilient, scalable defences. This role is hands … of conditional access, Defender for Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container work flows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with … SWG services. Enforce network segmentation, micro-perimeter security, and policy-based routing for hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge. Security Operations & Threat Defence Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat hunting activities. Support proactive telemetry More ❯

of the role include: Advocating for infrastructure/application Security and providing support for security projects. Competence in reviewing new technologies, methodologies and integration opportunities. Support in enhancing security detection and incident response efforts/playbooks. Monitoring, remediating, and reporting on security events. Supporting team and activities required for maintaining Smart Communications standards and certification requirements. What we're … Must have skills and experience : At least 3 years of hands-on, proven industry experience in a similar role. Good understanding of security principles, technologies, and best practices, including threat detection and mitigation strategies. Good level of knowledge of cloud security: AWS and Azure. Experience ensuring data confidentiality, integrity, and availability throughout its lifecycle, including during transmission, storage … understanding of application security principals, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We look for the following SMART values in everyone we hire at Smart Communications: S peak Openly - We are positive, creative, helpful, kind and More ❯

Develop and implement a comprehensive security architecture strategy tailored to the unique risks and operational needs of the semiconductor design, manufacturing and high-tech partner ecosystem. Define reference architectures, threat models, and security design patterns across hybrid, cloud-native, and on-premise environments. Mentor a technically excellent team, with a solid focus on domain-specific expertise (cloud, semiconductors, AI … with industry standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous More ❯

standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong security posture. Provide cybersecurity training and guidance to staff and students. Lead cybersecurity projects More ❯

standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong security posture. Provide cybersecurity training and guidance to staff and students. Lead cybersecurity projects More ❯

solutions. Experience with security automation using PowerShell, Azure Policy, or Infrastructure-as-Code (IaC). Strong understanding of compliance frameworks (ISO 27001, NIST, CIS Benchmarks, GDPR). Experience in threat detection, incident response, and forensic analysis. Familiarity with Identity and Access Management (IAM) principles, Azure AD, and MFA. Experience working in a DevSecOps environment and improving IT systems More ❯

GDPR, and other standards. Manage risk proactively : identify and mitigate vulnerabilities across cloud environments and applications. Embed secure development : working with Engineering to integrate DevSecOps best practices. Enhance threat detection and incident response : improving our ability to react quickly and effectively. Assess and secure third-party vendors : ensuring strong security across our ecosystem of vendors and partners. Amazing More ❯

and potential threats. Investigate security incidents, conduct forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing systems to ensure configuration conforms … to security best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM/SOAR platforms, endpoint detection and response … EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g., Python, PowerShell) for security operations and incident response. What's Next? Click apply below and we will ensure More ❯

The team you'll be working with: P3 Senior SOC Analyst (L3) We are currently recruiting a Senior SOC Analyst L3 Managed Detection and Responseto join our growing Security Operations Centre business. ThisrolewillbebasedonsiteinBirmingham,youwillneedtobewillingtoworkinshiftpatters,probably4dayson,4daysoff,asthisisa24/7securityoperationscentre. About Us NTT DATA is one of the world's largest Global Security services providers with over 7500 Security SMEs … from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance … proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection More ❯