1 to 25 of 88 Threat Detection Jobs in the UK excluding London

Cyber Threat Intelligence Analyst – AVP Location: Manchester or Glasgow Do you have over 2 years of hands-on experience working in a dedicated Cyber Threat Intelligence (CTI) team? (This is essential) A Global, Tier 1 Financial institution is looking to strengthen and grow their Threat intelligence team. … They are looking for a Cyber Threat Intelligence Analyst to join their global security teams supporting critical detection and response operations. This is a hands on role requiring strong technical skills and the ability to execute in highly regulated/high pressure environments. Key Responsibilities: Monitor and manage … threat detection tools (SIEM, IDS/IPS, DLP, etc.) Investigate, triage, and respond to security incidents Analyse emerging cyber threats and assess relevance to the business Collaborate with teams to improve incident response processes and security controls Contribute to threat intelligence reporting and recommendations What We’re More ❯

Cyber Threat Intelligence Analyst – AVP Location: Manchester or Glasgow Do you have over 2 years of hands-on experience working in a dedicated Cyber Threat Intelligence (CTI) team? (This is essential) A Global, Tier 1 Financial institution is looking to strengthen and grow their Threat intelligence team. … They are looking for a Cyber Threat Intelligence Analyst to join their global security teams supporting critical detection and response operations. This is a hands on role requiring strong technical skills and the ability to execute in highly regulated/high pressure environments. Key Responsibilities: Monitor and manage … threat detection tools (SIEM, IDS/IPS, DLP, etc.) Investigate, triage, and respond to security incidents Analyse emerging cyber threats and assess relevance to the business Collaborate with teams to improve incident response processes and security controls Contribute to threat intelligence reporting and recommendations What We’re More ❯

Cyber Threat Intelligence Analyst Full Time/Permanent £60,000 - £70,000 + bonus, private medical, double matched pension Warwickshire/Hybrid The Role and Company: I am looking for a driven Cyber Threat Intelligence Analyst to join a large nationally recognised brand head quartered in the West … Midlands. As a Cyber Threat Intelligence Analyst you will work alongside the engineering team ensuring they know what to focus on and understand what emerging and advanced persistent threat actors are leveraging to compromise systems. The role will work in tandem with the rest of threat detection engineering to provide technical threat intelligence. You will provide actionable technical intelligence to detection engineers, threat hunters and security operations. We are ideally looking for someone Midlands based who can be on site in Warwickshire once a week/fortnight on average. Responsibilities and Experience required More ❯

generous flexible benefits fund Key Requirements We are seeking an experienced Senior Security Operations Centre Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior Security Operations Centre More ❯

and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you More ❯

and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you More ❯

and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to … Have): Industry-recognised cybersecurity certifications such as CRT or OSCP . Previous experience handling SC or DV cleared environments. Demonstrated ability to fine-tune detection logic and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you More ❯

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire As a Senior SOC Analyst, you will be at the forefront of digital defence … leading incident response, improving detection mechanisms, and mentoring Junior Analysts. Your responsibilities will include: Analysing security incidents using advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att … ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices and process enhancements Supporting the continuous development of the SOC team through knowledge sharing and mentoring In order to be successful for More ❯

and enforce compliance. Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat detection, and risk mitigation strategies. * On-Call Support: Provide 24/7 on-call support More ❯

Cisco Talos Security Intelligence and Research Group is at the forefront of detecting and correlating threats in real-time, using the world's largest threat detection network. We collaborate extensively across Cisco's security ecosystem, driving innovation in threat detection technologies to safeguard the Internet from … as a member of a multi-disciplinary team, providing domain expertise when needed, sharing ideas and knowledge. What you'll do Proactively analyze potential detection gaps, propose projects and ideas, and define and implement a plan to make them real. Analyze large datasets to extract complex data patterns. Monitor … changes in the threat landscape via automation and visualization techniques and develop models to identify new threats. You will have the opportunity to build or enhance machine-learning pipelines to support Cisco's security products and tools, covering from model selection and training, to optimization, deployment, and monitoring. You More ❯

part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and … Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action More ❯

UK Security Clearance (DV level). Salary is discussed on application, negotiable by experience . You will have a strong background in security operations, threat detection and incident responses. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security … such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls) Skilled in incident response and threat intelligence analysis Familiar with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide … the Senior SOC Analyst role : Degree qualified in a relevant discipline Industry-recognised cybersecurity certifications such as CRT or OSCP Able to fine-tune detection logic and improve SOC processes Full details of the Senior SOC Analyst role is available on application. To apply please submit your current CV More ❯

by delivering security insights, enhancing incident response capabilities, and integrating a proprietary security platform into existing environments. You’ll be on the frontline of threat detection and response, collaborating with IR teams and helping customers get the most out of the platform’s capabilities. If you’ve got … solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects with customer security teams Supporting the integration of a next-gen security More ❯

Job Description: Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the UK for … least 6 months working experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising More ❯

The Tier 2 Cyber Security Analyst - is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation … Analyst works closely with senior and Junior Analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising … events and identifying patterns or anomalies that may indicate suspicious or malicious activity. Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats. Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant More ❯

A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This position plays … a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and implementing More ❯

a passion to be part of a fast-paced, successful team. This is a hands-on technical lead role, requiring expertise in security assessments, threat detection and incident response. We are looking for someone with a solid technical background who is willing to take on a broader remit … similar technical role Strong understanding of cloud security (AWS, Azure, Google Cloud), network security, and endpoint protection Hands-on experience with SIEM tools, intrusion detection, firewalls, and threat analysis Knowledge of identity and access management (IAM), zero-trust architectures, and encryption techniques Experience conducting vulnerability assessments, and risk More ❯

and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business … a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. Incorporate threat intelligence … Stay updated on the latest cyber threats, attack vectors, and trends in the cybersecurity landscape. Continuously enhance skills in areas such as incident response, threat hunting, and the utilisation of threat intelligence. Support VBGs compliance with Audit, Data Protection, PCI and other security standards. What Were Looking For More ❯

protocols are in place. Develop and test business continuity and disaster recovery plans to minimise business disruption in the event of a cyberattack. Drive threat intelligence programs, proactively identifying and mitigating emerging risks. Manage external teams of security penetration testers working on monthly cycles to test and improve security … robust security measures across networks, endpoints, cloud platforms, and IT infrastructure to safeguard systems and data. Oversee the deployment and management of firewalls, intrusion detection systems (IDS), endpoint security solutions, and zero-trust architectures. Collaborate with IT and DevOps teams to embed security into cloud environments (AWS, Azure, Google … and improve security defences. Develop a comprehensive risk register, prioritising risks based on business impact and likelihood of exploitation. Implement continuous monitoring and advanced threat detection tools to proactively identify security threats and vulnerabilities. Develop and deliver security training programs for employees, promoting a company-wide culture of More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift … SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat vectors Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes Co-ordinate More ❯

Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift … SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat vectors Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes Co-ordinate More ❯

security, and hands-on experience with leading security technologies. You will be responsible for ensuring the security and integrity of our systems, providing proactive threat detection and response, and supporting the implementation of security controls and policies across cloud, on-premise, and hybrid environments. This role also involves … cloud environments, with expertise in Microsoft Azure security best practices. Work with Palo Alto Networks or Panorama solutions for enterprise-wide network security and threat management. Leverage Infrastructure as Code (IaC) principles using Terraform to automate security policies and infrastructure deployment. Utilize Security Information and Event Management (SIEM) solutions … monitor, detect, and respond to security incidents. Create and maintain runbooks for security incident response, including automating workflows to improve incident response times. Lead threat hunting activities across on-premises and cloud environments to proactively identify potential security threats. Assist with Cyber Essentials Plus and ISO 27001 audits and More ❯