1 to 25 of 89 Threat Intelligence Jobs

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

Cyber Threat Detection/SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

Threat and Vulnerability Manager £55k Newport (x1 day a week) Benefits: 28.9% pension & Flexi-working The Opportunity Yolk Recruitment Public Sector & Not-for-Profit team has partnered with a specialised Civil Service Organisation who are presently undergoing an interesting transformation into the cloud space. In this role, you will … oversee and continuously improve the management of vulnerability assessments across our hybrid IT environment. Using a risk-based, threat-informed approach, you will prioritise remediation efforts and work closely with stakeholders to enhance the security posture of our systems and services. Vulnerability Management (Primary Focus) Lead and improve ...

vulnerabilities. Cybersecurity Analysts implement data classification frameworks, enforce secure handling of sensitive information, and manage encryption protocols. They deploy and optimize cybersecurity tools, manage threat intelligence platforms, and proactively address risks to ensure organizational resilience. This position requires strong analytical skills, technical expertise, and the ability to collaborate … secure storage, and access control measures. Establish and maintain data classification frameworks to ensure sensitive information is securely handled and complies with regulatory requirements. Threat Intelligence, Incident Response, and Investigation:Monitor emerging threats and maintain situational awareness through threat intelligence platforms. Respond to security incidents ...

into one narrow specialism. At CyPro, you’ll have the opportunity to get involved in a wide range of areas including monitoring, incident response, threat intelligence, detection engineering, automation and internal security operations. You’ll play a key role in our Security Operations Centre, delivering 365-day monitoring … grows further, you’ll have the flexibility to focus more deeply on the areas that interest you most – whether that’s advanced detection engineering, threat intelligence, incident response leadership or platform automation. If you’re ambitious and want to help shape something rather than simply follow a process ...

Software-Based Organisation at the forefront of Pre-Emptive Exposure Management. As a market leader backed by significant venture funding, they are expanding their Threat Intelligence Operations by scaling the robust backend infrastructure that powers their Global Vulnerability Research & Automated Red Teaming. Role Overview: Step … engine behind their Intelligence Operations. You will build and scale the high-throughput Python ( Django ) Backend that Collects, Processes & Analyses Large Volumes of Threat Telemetry. By operationalising Complex Data Pipelines & Integrating LLM Workflows, you will directly fuel the Research that enables our enterprise clients to outmanoeuvre Real-World ...

oversees the company's security program, ensuring S&P Global is protected from existing and emerging threats. In close partnership with Security Operations and Threat Intelligence, you will detect, analyze, and decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While … based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). This role requires a detail-oriented, critical thinker who understands how adversaries exploit systems, networks ...

Threat Hunting Analyst - Cyber Security Location: Cheltenham (hybrid - 1-2 days per week) Salary: Up to £75,000 (depending on experience) + package NOTE: Due to the nature of this work, you must be eligible for UK DV Clearance. This is an opportunity to work at the forefront … cyber security, developing advanced detection capabilities, conducting proactive threat hunts, and helping protect some of the UK's most important digital environments. As part of a specialist SOC Content and Threat Detection team, you'll be responsible for designing, developing, and optimising threat detection content while carrying ...

Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required £700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses … elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned ...

Intelligence Lead - Up to £120k base I’m working with a European cyber intelligence business that sits within a wider cybersecurity group. They support organisations across financial services, government and critical infrastructure, delivering cyber and broader intelligence capability across the UK and Europe. This … more senior and visible roles in their intelligence function. The role is focused on leading intelligence sharing communities. You would be responsible for supporting members day to day, collecting and sharing intelligence, delivering regular briefings, running workshops, and helping shape the intelligence output that supports different ...

cyber security leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence function … overseeing security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes ...

fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest … professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response. Key Responsibilities Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during active security events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic ...

analysing and responding to security threats, while driving continuous improvement across our security operations capability. You’ll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor … activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding ...

well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices … SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through ...

PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. Conduct forensic analysis, malware reverse engineering, and develop IOCs and detection signatures. Manage and integrate logs from various sources, ensuring full … visibility and compliance. Analyse attacker TTPs and manage threat intelligence, including incident assessment and reporting. Collaborate with stakeholders to ensure operational effectiveness and continuous process improvement. Maintain knowledge of current cyber threats and emerging trends. What you'll bring: Proven hands-on experience with SIEM and SOAR platforms ...

ensure that security good practise is fully embedded into change initiatives, and security by design principles are applied. * Co-ordinate and undertake regular threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Key Skills: * Strong understanding … network and end point security, incident response, threat intelligence, and vulnerability management. * Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS. * Strong knowledge of Microsoft Azure cloud security technologies and concepts. * Familiar with cybersecurity frameworks such as NIST CSF, ISO27001 ...

internal teams and vendors to ensure reliable, high-quality telemetry Detection Engineering Design and implement detection use cases aligned to MITRE ATT&CK and threat intelligence Build and tune correlation rules, anomaly detections, dashboards, and alerting workflows Continuously refine detections to reduce false positives and improve effectiveness … LogRhythm, or Exabeam Strong understanding of log formats (JSON, syslog, XML, CEF) and ingestion methods (APIs, Kafka, Event Hubs, agents) Experience in detection engineering, threat modelling, and attacker behaviour analysis Proven ability to build and tune correlation rules, dashboards, and alerts Familiarity with SOAR tools and automation workflows Security ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst Experience working with Splunk Familiarity with … threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols and attacker ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst Experience working with Splunk Familiarity with … threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols and attacker ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...