1 to 25 of 160 Threat Detection Jobs in the UK

Lead Cyber Threat Detection Engineer page is loaded Lead Cyber Threat Detection Engineer Apply locations Mumbai, India London, United Kingdom Brussels area, Belgium Paris, France Frankfurt, Germany posted on Posted 6 Days Ago job requisition id 1 ABOUT US We're the world's leading provider … if required and may offer some contributions towards relocation costs. Are you an experienced IT professional looking to lead a dynamic team in cyber threat detection? Do you thrive in a collaborative environment where your innovative solutions can make a global impact? Join our team at Swift, where … we are committed to providing flawless cyber security services. As a Lead Cyber Threat Detection Engineer, you will be part of a world-class team dedicated to securing financial messaging services globally. This is an outstanding opportunity to work with a diverse and enthusiastic group, constantly innovating and More ❯

we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating … with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a Senior … Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and More ❯

Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are on the lookout for a UK-based Senior Security Engineer to join our Security Operations & Response Team. This role is pivotal in enhancing Marqeta's ability to detect and respond to threats. You will contribute to the … design, documentation, and implementation of a security detection engineering program, participate in on-call rotations and incident response efforts, and collaborate with various teams to assess detection gaps across Marqeta. This role offers the opportunity to directly impact the program through strong technical contributions. The role reports to … role can be performed remotely or from our London office. We'd love for you to join us! The Impact You'll Have Perform detection engineering and regularly write/maintain detection logic to identify suspicious activity Document and track detection capabilities across numerous data sources Work More ❯

Cyber Threat Intelligence Analyst – AVP Location: Manchester or Glasgow Do you have over 2 years of hands-on experience working in a dedicated Cyber Threat Intelligence (CTI) team? (This is essential) A Global, Tier 1 Financial institution is looking to strengthen and grow their Threat intelligence team. … They are looking for a Cyber Threat Intelligence Analyst to join their global security teams supporting critical detection and response operations. This is a hands on role requiring strong technical skills and the ability to execute in highly regulated/high pressure environments. Key Responsibilities: Monitor and manage … threat detection tools (SIEM, IDS/IPS, DLP, etc.) Investigate, triage, and respond to security incidents Analyse emerging cyber threats and assess relevance to the business Collaborate with teams to improve incident response processes and security controls Contribute to threat intelligence reporting and recommendations What We’re More ❯

Cyber Threat Intelligence Analyst – AVP Location: Manchester or Glasgow Do you have over 2 years of hands-on experience working in a dedicated Cyber Threat Intelligence (CTI) team? (This is essential) A Global, Tier 1 Financial institution is looking to strengthen and grow their Threat intelligence team. … They are looking for a Cyber Threat Intelligence Analyst to join their global security teams supporting critical detection and response operations. This is a hands on role requiring strong technical skills and the ability to execute in highly regulated/high pressure environments. Key Responsibilities: Monitor and manage … threat detection tools (SIEM, IDS/IPS, DLP, etc.) Investigate, triage, and respond to security incidents Analyse emerging cyber threats and assess relevance to the business Collaborate with teams to improve incident response processes and security controls Contribute to threat intelligence reporting and recommendations What We’re More ❯

Cyber Threat Intelligence Analyst Full Time/Permanent £60,000 - £70,000 + bonus, private medical, double matched pension Warwickshire/Hybrid The Role and Company: I am looking for a driven Cyber Threat Intelligence Analyst to join a large nationally recognised brand head quartered in the West … Midlands. As a Cyber Threat Intelligence Analyst you will work alongside the engineering team ensuring they know what to focus on and understand what emerging and advanced persistent threat actors are leveraging to compromise systems. The role will work in tandem with the rest of threat detection engineering to provide technical threat intelligence. You will provide actionable technical intelligence to detection engineers, threat hunters and security operations. We are ideally looking for someone Midlands based who can be on site in Warwickshire once a week/fortnight on average. Responsibilities and Experience required More ❯

generous flexible benefits fund Key Requirements We are seeking an experienced Senior Security Operations Centre Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior Security Operations Centre More ❯

and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you More ❯

and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you More ❯

and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to … Have): Industry-recognised cybersecurity certifications such as CRT or OSCP . Previous experience handling SC or DV cleared environments. Demonstrated ability to fine-tune detection logic and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence … leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att … ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for More ❯

and enforce compliance. Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. On-Call Support: Provide 24/7 on-call support More ❯

Cisco Talos Security Intelligence and Research Group is at the forefront of detecting and correlating threats in real-time, using the world's largest threat detection network. We collaborate extensively across Cisco's security ecosystem, driving innovation in threat detection technologies to safeguard the Internet from … as a member of a multi-disciplinary team, providing domain expertise when needed, sharing ideas and knowledge. What you'll do Proactively analyze potential detection gaps, propose projects and ideas, and define and implement a plan to make them real. Analyze large datasets to extract complex data patterns. Monitor … changes in the threat landscape via automation and visualization techniques and develop models to identify new threats. You will have the opportunity to build or enhance machine-learning pipelines to support Cisco's security products and tools, covering from model selection and training, to optimization, deployment, and monitoring. You More ❯

part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and … Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action More ❯

incident response, compliance, and implementing innovative security technologies to strengthen the organisation's defenses. Essential functions of the job: SOC operations: perform incident triaging, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in … response: investigate and mitigate security incidents, applying root cause analysis and remediation. Security testing: conduct regular application and network security assessments to identify vulnerabilities. Threat intelligence: monitor the cybersecurity landscape for emerging threats and develop innovative defensive strategies. Development security: monitor version control systems, identify vulnerabilities, and collaborate with More ❯

UK Security Clearance (DV level). Salary is discussed on application, negotiable by experience . You will have a strong background in security operations, threat detection and incident responses. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiar with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … the Senior SOC Analyst role : Degree qualified in a relevant discipline Industry-recognised cybersecurity certifications such as CRT or OSCP Able to fine-tune detection logic and improve SOC processes Full details of the Senior SOC Analyst role is available on application. To apply please submit your current CV More ❯

by delivering security insights, enhancing incident response capabilities, and integrating a proprietary security platform into existing environments. You’ll be on the frontline of threat detection and response, collaborating with IR teams and helping customers get the most out of the platform’s capabilities. If you’ve got … solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects with customer security teams Supporting the integration of a next-gen security More ❯

by delivering security insights, enhancing incident response capabilities, and integrating a proprietary security platform into existing environments. You’ll be on the frontline of threat detection and response, collaborating with IR teams and helping customers get the most out of the platform’s capabilities. If you’ve got … solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects with customer security teams Supporting the integration of a next-gen security More ❯

by delivering security insights, enhancing incident response capabilities, and integrating a proprietary security platform into existing environments. You’ll be on the frontline of threat detection and response, collaborating with IR teams and helping customers get the most out of the platform’s capabilities. If you’ve got … solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects with customer security teams Supporting the integration of a next-gen security More ❯

managing SIEM tools such as QRadar and/or Sentinel. You’ll be working closely with end customer stakeholders, undertaking proactive risk management, and threat detection consulting. Key Responsibilities of the Role: Manage, build, and develop stakeholder relationships through regular meetings, strategic updates and consultative insights Lead comprehensive … and incident response processes acting as a point of escalation and point of contact for internal and external stakeholders Provide clear actionable guidance on threat detection while consulting with technical and non-technical stakeholders Review security posture of client businesses, perform gap analyses, and create and deliver reports More ❯

Tier 2 SOC Analyst - Cyber Threat Analysis Center Job Description: The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising … events and identifying patterns or anomalies that may indicate suspicious or malicious activity. Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats. Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant More ❯