1 to 25 of 111 Threat Intelligence Jobs

Purpose: You will lead the development and delivery of threat intelligence capabilities that directly support advanced offensive security services, including Red Team and Adversary Emulation engagements. Your mission is to identify, analyse, and translate real-world threat actor behaviour into actionable intelligence that enables realistic, threat … readiness for all client engagements, working closely with internal teams (Offensive Security, CRS, and Sales) to deliver integrated cybersecurity solutions. This includes defining relevant threat scenarios, identifying priority targets, and mapping adversary Tactics, Techniques, and Procedures (TTPs) to support structured, intelligence-driven engagements. As a senior cybersecurity specialist ...

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

client, a reputable organisation within the Defence & Security sector, is currently seeking a Cyber Threat Intelligence Practitioner for a contracting role. This position presents a unique opportunity to apply your analytical skills and knowledge in cyber intelligence to protect critical infrastructure and national security. Key Responsibilities: Takes … ownership of a geographic or thematic area of responsibility for focused threat research. Produces operational and tactical level reports on cyber threats. Delivers threat intelligence briefs to internal cross-functional stakeholders. Supports a collaborative culture within cyber operations that is intelligence-informed and proactive. Collaborates with ...

Software-Based Organisation at the forefront of Pre-Emptive Exposure Management. As a market leader backed by significant venture funding, they are expanding their Threat Intelligence Operations by scaling the robust backend infrastructure that powers their Global Vulnerability Research & Automated Red Teaming. Role Overview: Step … engine behind their Intelligence Operations. You will build and scale the high-throughput Python ( Django ) Backend that Collects, Processes & Analyses Large Volumes of Threat Telemetry. By operationalising Complex Data Pipelines & Integrating LLM Workflows, you will directly fuel the Research that enables our enterprise clients to outmanoeuvre Real-World ...

oversees the company's security program, ensuring S&P Global is protected from existing and emerging threats. In close partnership with Security Operations and Threat Intelligence, you will detect, analyze, and decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While … based in the UK, you will support response and intelligence needs globally. Candidates should have a genuine interest in cyber security and a strong grasp of attacker tactics, techniques, and procedures (TTPs). This role requires a detail-oriented, critical thinker who understands how adversaries exploit systems, networks ...

become trusted advisors to our clients. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks. This will involve being on the front foot of new and emerging threats, and ensuring … affected and actions they can take. Technical testing ; vulnerability scanning, attack surface discovery, manual exploit validation, light‐touch pentesting and Open‐Source Intelligence (OSINT) gathering Client Engagement ; translating client challenges into solutions that fit S‐RM’s ASM service offerings and value proposition, understanding and supporting the proposal process ...

Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required £700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses … elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned ...

cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident tirage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler for P1/P2 incidents Provide and support … depth SIEM and Incident notification toolset administration and configuration Fully utilise threat intelligence capabilities for proactive threat hunting Responsible for providing communication directly with CyberClans’ customers regarding security incidents and other related topics. Aid in the development of incident response procedures and playbooks Technical liaison between other ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high-impact … closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high-impact … closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with ...

clear progression opportunities and will require someone to come with both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support … internal and external audits Governance, risk and compliance Skills & Experience: Proven experience in cyber Security operations, threat management and threat analysis Threat management - actively develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures Strong knowledge of SIEM, XDR, EDR, vulnerability ...

fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest … professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response. Key Responsibilities Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions ...

Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this … training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs Technical Leadership & Continuous Improvement Provide expert guidance on threat detection, incident response, and threat hunting Lead escalations for complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks ...

Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this … training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs Technical Leadership & Continuous Improvement Provide expert guidance on threat detection, incident response, and threat hunting Lead escalations for complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing ...

role in the technical sales process, helping organisations understand, evaluate, and successfully implement advanced cybersecurity solutions focused on malware analysis, sandboxing, and threat intelligence. The role combines deep technical expertise with customer-facing engagement, working closely with Sales, Product, Engineering, and Customer Success teams to deliver successful outcomes throughout … success and long-term adoption. Represent the business at cybersecurity conferences, trade shows, and industry events. Act as a trusted advisor on malware analysis, threat detection, incident response, and threat intelligence use cases. Gather market and customer feedback to help influence future product strategy and roadmap direction. ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … capability Core Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … capability Core Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … must have. Hands on management capabilites of a team 5+, performance reviews, appraisals etc is a must have Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence, vulnerability ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during active security events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic ...

monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor … activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding ...

cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration … response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post ...

Proven experience delivering an effective security monitoring capability, with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection. Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering … analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management (SIEM), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with ...

Proven experience delivering an effective security monitoring capability, with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection . Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering … analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management ( SIEM ), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong ...