THreatIntelligence Lead £65000 GBP Onsite WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber ThreatIntelligence & Vulnerability Lead Leeds - Fully Onsite £65,000 Join a dedicated Security Operations Centre protecting UK Critical National Infrastructure. You'll lead a highly skilled Cyber ThreatIntelligence and Vulnerability team, working with DV-cleared professionals on … meaningful, mission-critical projects. What you'll be doing Leading CTI and vulnerability operations within a 24/7 SOC Overseeing intelligence gathering, analysis, and threat actor profiling (including use of tools like Cobalt Strike) Driving vulnerability management programmes, ensuring timely remediation of security risks Liaising with senior stakeholders across government and defence sectors Ensuring operational excellence and … adherence to national security standards Experience required Extensive hands-on CTI and vulnerability management experience Leadership of technical teams within high-security environments Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) Familiarity with tools such as Cobalt Strike, SIEM, and vulnerability scanning platforms Active DV clearance (or willingness to achieve it) The package Competitive salary + benefits More ❯
Northampton, Northamptonshire, United Kingdom Hybrid / WFH Options
Anson Mccade
and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threatintelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threatintelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threatMore ❯
Northampton, Northamptonshire, England, United Kingdom
Howdens Joinery
actions based on severity, and coordinates containment and remediation activities when threats are confirmed. Assists with proactive hunting activities to uncover undetected threats and helps build hypotheses based on threatintelligence, behavioural patterns, and environmental baselines. Performs regular updates and tuning of detection rules, playbooks, and alert thresholds to reduce false positives and ensure high-fidelity threatMore ❯