1 to 25 of 110 Threat Intelligence Jobs

Purpose: You will lead the development and delivery of threat intelligence capabilities that directly support advanced offensive security services, including Red Team and Adversary Emulation engagements. Your mission is to identify, analyse, and translate real-world threat actor behaviour into actionable intelligence that enables realistic, threat … readiness for all client engagements, working closely with internal teams (Offensive Security, CRS, and Sales) to deliver integrated cybersecurity solutions. This includes defining relevant threat scenarios, identifying priority targets, and mapping adversary Tactics, Techniques, and Procedures (TTPs) to support structured, intelligence-driven engagements. As a senior cybersecurity specialist ...

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

Cyber Threat Intelligence Practitioner 12 Month Contract Based: Preston Hourly Rate: £27.03 Paye or £36.30 umbrella inside ir35 Onsite – 1 – 2 days per month Full time – 37 hours Monday – Friday Overview BAE Systems is seeking a skilled Cyber Threat Intelligence Practitioner to support tactical and operational … cyber threat intelligence activities across the organisation. In this role, you will take ownership of defined geographic or thematic areas of responsibility, producing high‐quality intelligence that enables proactive cyber defence. Working closely with cyber operations, collections teams, and external partners, you will help ensure BAE Systems ...

client, a reputable organisation within the Defence & Security sector, is currently seeking a Cyber Threat Intelligence Practitioner for a contracting role. This position presents a unique opportunity to apply your analytical skills and knowledge in cyber intelligence to protect critical infrastructure and national security. Key Responsibilities: Takes … ownership of a geographic or thematic area of responsibility for focused threat research. Produces operational and tactical level reports on cyber threats. Delivers threat intelligence briefs to internal cross-functional stakeholders. Supports a collaborative culture within cyber operations that is intelligence-informed and proactive. Collaborates with ...

Cyber Threat Intelligence Practitioner Make sure to apply quickly in order to maximise your chances of being considered for an interview Read the complete job description below. 12 Month Contract Based: Preston Hourly Rate: £27.03 Paye or £36.30 umbrella inside ir35 Onsite – 1 – 2 days per month Full … time – 37 hours Monday – Friday Overview BAE Systems is seeking a skilled Cyber Threat Intelligence Practitioner to support tactical and operational cyber threat intelligence activities xkybehq across the organisation. In this role, you will Please click on the apply button to read the full job description ...

become trusted advisors to our clients. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks. This will involve being on the front foot of new and emerging threats, and ensuring … affected and actions they can take. Technical testing ; vulnerability scanning, attack surface discovery, manual exploit validation, light‐touch pentesting and Open‐Source Intelligence (OSINT) gathering Client Engagement ; translating client challenges into solutions that fit S‐RM’s ASM service offerings and value proposition, understanding and supporting the proposal process ...

Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required £700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses … elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned ...

cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident tirage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler for P1/P2 incidents Provide and support … depth SIEM and Incident notification toolset administration and configuration Fully utilise threat intelligence capabilities for proactive threat hunting Responsible for providing communication directly with CyberClans’ customers regarding security incidents and other related topics. Aid in the development of incident response procedures and playbooks Technical liaison between other ...

develop a security operations capability within a fast-paced environment. This role is key to maintaining strong cyber resilience through effective incident response, threat detection, and continuous service improvement. Key Responsibilities Team Leadership: Lead and manage a cyber security operations team, ensuring strong communication, decision-making and service delivery. … incident response, ensuring processes are maintained and critical incidents are effectively managed. Security Monitoring: Deliver and improve security monitoring, including SIEM management, threat hunting, and intrusion detection. Threat Intelligence: Collect and analyse OSINT and commercial threat intelligence, providing actionable insight to stakeholders. Cyber Operations: Manage ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high-impact … closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high-impact … closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with ...

Staffing Pros, a division of VETS Inc., is recruiting for a full-time Threat Analyst with Splunk experience onsite in Arlington, VA. An Active Top Secret clearance is required for this role. This position is located in Arlington, VA and will be onsite 5 days a week. No hybrid … part of the Indications and Warnings team. Leverage open-source, proprietary/vendor, and classified reporting to closely track advanced persistent threat actor activity. Perform pattern, trend, and behavior analysis, as well as other specialized analysis techniques to identify malicious cyber threat activity targeting DOS information, systems ...

Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this … training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs Technical Leadership & Continuous Improvement Provide expert guidance on threat detection, incident response, and threat hunting Lead escalations for complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks ...

Managed Security Services (MSSP) function, reporting directly to the Head of SOC Operations. You will act as the senior technical authority, driving excellence in threat detection, incident response, and security operations across a diverse, multi-client portfolio. While you will lead and mentor a team, this … training, coaching, and technical mentoring Ensure accurate and timely case management (HALO) and delivery against SLAs Technical Leadership & Continuous Improvement Provide expert guidance on threat detection, incident response, and threat hunting Lead escalations for complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks ...

fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest … professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response. Key Responsibilities Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … capability Core Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence ...

security posture through continuous monitoring Security Operations Perform daily alert reviews across SIEM and security tooling Contribute to runbooks, playbooks, and operational documentation Support threat intelligence analysis and apply findings to detection and response activities Work closely with Engineering, DevOps, and IT teams to drive remediation Essential Requirements … Understanding of cloud security concepts (Azure, AWS, or GCP) Ability to assess alert context, prioritise effectively, and follow structured processes Desirable Skills Experience with threat hunting and threat intelligence Knowledge of MITRE ATT&CK or Cyber Kill Chain frameworks Exposure to SaaS and cloud-native security tooling ...

monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor … activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding ...

cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration … response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post ...

Proven experience delivering an effective security monitoring capability, with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection. Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering … analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management (SIEM), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with ...

Proven experience delivering an effective security monitoring capability, with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection . Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering … analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management ( SIEM ), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong ...

with security tools, conducting forensic analysis, and collaborating with internal and external stakeholders. The Incident Response Lead Specialist will work closely with Security Operations, Threat Intelligence, IT Operations, and executive leadership to minimize risk exposure and ensure rapid and effective response to threats. This position requires excellent communication … identify attack vectors, root causes, and potential data exposure. Manage communication with internal teams, leadership, and external partners during and after incidents. Coordinate threat analysis and collaborate with SOC analysts, security engineers, and IT operations. Perform after-action reviews and implement lessons learned to strengthen security posture. Build ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 5+ years experience as a Cyber Security Operations Analyst Familiarity with threat intelligence ...