1 to 25 of 89 Threat Detection Jobs in the UK excluding London

Cloud Security Architecture & Implementation Design and implement cloud security architectures across AWS, Azure, or Google Cloud. Develop and enforce cloud security controls , including IAM policies, encryption, and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring … tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance enforcement using Python More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). … to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation. More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take charge … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus More ❯

of security technologies, including SIEM, EDR, firewalls, VPNs, and cloud security (AWS, Azure, GCP). Strong hands-on experience with Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and Detection Rule languages such as KQL. Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar. Familiarity with compliance More ❯

manage next-gen security solutions (SIEM, IDS/IPS, endpoint protection, cloud security) 🔹 Lead technical workshops & architecture design sessions 🔹 Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) 🔹 Perform threat detection, incident response & forensic analysis 🔹 Utilize Microsoft Sentinel, Cisco Splunk, Palo Alto QRadar, KQL & more What We’re Looking For: 🔸 4+ years in Cyber Security within an MSP More ❯

ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. Please note that in this role, you will have an 8x5 Monday-Friday schedule, with flexibility to respond to after-hours pages for potentially major security incidents to More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

SharePoint, Teams, and OneDrive, ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate, Power Apps, and Microsoft Defender XDR. … Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. More ❯

Cyber Threat Hunter/Threat Intelligence Analyst/Cyber Threat Analyst/Threat Detection Analyst/Security Operations Center (SOC) Analyst/SOC Analyst/Cybersecurity Analyst/Threat Hunting/AWS/Azure/Microsoft 365 Warwickshire Permanent role - £40,000 60,000. One of our leading clients is looking to recruit a … Cyber Threat Hunter/Analyst. Location Warwickshire/Remote (2 days per month in office) Salary £40,000 60,000 Experience: Working in Security Operation Centres, incident response or threat hunting and associated technologies used by these roles and functions. Experience with cloud security tools and platforms (e.g., AWS, Azure, Microsoft 365) Strong documentation skills in order to … provide high quality documentation for internal customers and technical teams. A good knowledge of Active Directory and Entra, knowledge of Endpoint Operating System fundamentals. Demonstrable expertise in threat hunting practices and methodologies with experience in Threat Intelligence platforms and sources. Strong understanding and experience with Windows and its related logging/telemetry. Strong and demonstrable practical experience responding More ❯

the Cadworks Building, Glasgow. The Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening, automation, and threat mitigation. The role is not managerial in the traditional sense it exists to drive technical capability, mentor through engineering leadership, and deliver resilient, scalable defences. This role is hands … of conditional access, Defender for Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container work flows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with … SWG services. Enforce network segmentation, micro-perimeter security, and policy-based routing for hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge. Security Operations & Threat Defence Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat hunting activities. Support proactive telemetry More ❯

Develop and implement a comprehensive security architecture strategy tailored to the unique risks and operational needs of the semiconductor design, manufacturing and high-tech partner ecosystem. Define reference architectures, threat models, and security design patterns across hybrid, cloud-native, and on-premise environments. Mentor a technically excellent team, with a solid focus on domain-specific expertise (cloud, semiconductors, AI … with industry standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous More ❯

and potential threats. Investigate security incidents, conduct forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing systems to ensure configuration conforms … to security best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM/SOAR platforms, endpoint detection and response … EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g., Python, PowerShell) for security operations and incident response. What's Next? Click apply below and we will ensure More ❯

The team you'll be working with: P3 Senior SOC Analyst (L3) We are currently recruiting a Senior SOC Analyst L3 Managed Detection and Responseto join our growing Security Operations Centre business. ThisrolewillbebasedonsiteinBirmingham,youwillneedtobewillingtoworkinshiftpatters,probably4dayson,4daysoff,asthisisa24/7securityoperationscentre. About Us NTT DATA is one of the world's largest Global Security services providers with over 7500 Security SMEs … from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance … proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance … proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and improve detection capabilities. Generate detailed reports on emerging threats, attack trends, and security posture improvements. Monitored and analysed security logs from SIEM platforms to identify suspicious activity. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation More ❯

has never been greater. You will own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities GRC Leadership: Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC … governance controls. Security Strategy: Develop and execute a long-term cybersecurity strategy aligned with business goals, balancing innovation and risk. Security Operations: Oversee day-to-day cybersecurity operations, including threat detection, incident response, vulnerability management, and network security. Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via … version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and … with SIEM tools such as Microsoft Sentinel and Splunk . Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within … SOC team. Desirable (Nice-to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP . Previous experience handling SC or DV cleared environments. Demonstrated ability to fine-tune detection logic and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst , you will be at the forefront More ❯

plan, life assurance, pension scheme, and a generous flexible benefits fund Key Requirements We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations , threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity postures. Essential Skills and … on expertise with SIEM tools such as Microsoft Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a … SOC team Desirable (Nice-to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP Previous experience handling SC or DV cleared environments Demonstrated ability to fine-tune detection logic and improve SOC processes Active engagement with the cybersecurity community and awareness of emerging trends Role & Responsibilities As a Senior SOC Analyst , you will be at the forefront of More ❯

also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating … recovery efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of … Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud More ❯

on your shift, while also delivering advanced security operations services to clients across a range of industries. As a Senior SOC Analyst , you will be central to incident response, threat hunting , and real-time defence management , guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including … and investigating incidents, fostering a culture of collaboration and continuous learning. Client Relationship Management: Act as a point of contact, managing ongoing communications and ensuring technical needs are met Threat Detection & Analysis: Triage and analyse alerts across multiple SIEM platforms (e.g., Microsoft Sentinel, custom ELK stacks). Log & Threat Intelligence Analysis: Perform detailed log analysis and threat intelligence research to uncover root causes and bolster security defences. Technical Reporting: Deliver clear, client-focused reports on incidents, alerts, and threat activity. Escalation Handling: Manage critical escalations with precision and provide comprehensive, well-documented resolutions. SOC Innovation: Work with leadership to enhance operational efficiency and integrate emerging technologies. Incident Management: Lead security incident investigations and responses, offering More ❯

a cyber security role (ideally within an MSP or multi-client setting) Security certifications like Security+, CySA+, or equivalent (working toward CISSP or equivalent a bonus) Strong understanding of threat detection, risk analysis, and incident response Excellent communication and documentation skills Why Join? Broad exposure across industries and technologies Supportive, close-knit team environment Clear progression paths into More ❯

Type: Permanent/Full-time (Monday - Friday) Key Responsibilities: Cyber Security Oversight: Lead the implementation, maintenance, and enforcement of IT security policies and systems. Drive a proactive approach to threat detection and incident response to ensure robust protection of infrastructure. Advanced Technical Support: Act as a senior technical resource within the ICT team, providing 3rd and 4th line More ❯

Type: Permanent/Full-time (Monday - Friday) Key Responsibilities: Cyber Security Oversight: Lead the implementation, maintenance, and enforcement of IT security policies and systems. Drive a proactive approach to threat detection and incident response to ensure robust protection of infrastructure. Advanced Technical Support: Act as a senior technical resource within the ICT team, providing 3rd and 4th line More ❯

Type: Permanent/Full-time (Monday - Friday) Key Responsibilities: Cyber Security Oversight: Lead the implementation, maintenance, and enforcement of IT security policies and systems. Drive a proactive approach to threat detection and incident response to ensure robust protection of infrastructure. Advanced Technical Support: Act as a senior technical resource within the ICT team, providing 3rd and 4th line More ❯

This position requires a deep understanding of SecOps concepts, technologies, and best practices, specifically across IT and OT environments. You will be tasked with ensuring robust incident management, proactive threat detection, and continuous improvement of our security posture. Strong communication and collaboration skills are essential as you will work closely with cross-functional teams to mitigate risks and … investigate and resolve incidents. Proactive Risk Remediation: • Identify, analyse, and evaluate security risks, applying a risk-based approach to implement appropriate and proportionate controls. • Perform proactive activities such as threat hunting to uncover vulnerabilities and ensure continuous risk reduction. • Provide tangible metrics to demonstrate risk reduction and reduced technical debt. Incident Readiness & Response: • Lead the incident triage and response More ❯