1 to 25 of 27 Threat Intelligence Jobs in the South East

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark … ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised ...

develop a security operations capability within a fast-paced environment. This role is key to maintaining strong cyber resilience through effective incident response, threat detection, and continuous service improvement. Key Responsibilities Team Leadership: Lead and manage a cyber security operations team, ensuring strong communication, decision-making and service delivery. … incident response, ensuring processes are maintained and critical incidents are effectively managed. Security Monitoring: Deliver and improve security monitoring, including SIEM management, threat hunting, and intrusion detection. Threat Intelligence: Collect and analyse OSINT and commercial threat intelligence, providing actionable insight to stakeholders. Cyber Operations: Manage ...

develop a security operations capability within a fast-paced environment. This role is key to maintaining strong cyber resilience through effective incident response, threat detection, and continuous service improvement. Key Responsibilities Team Leadership: Lead and manage a cyber security operations team, ensuring strong communication, decision-making and service delivery. … incident response, ensuring processes are maintained and critical incidents are effectively managed. Security Monitoring: Deliver and improve security monitoring, including SIEM management, threat hunting, and intrusion detection. Threat Intelligence: Collect and analyse OSINT and commercial threat intelligence, providing actionable insight to stakeholders. Cyber Operations: Manage ...

develop a security operations capability within a fast-paced environment. This role is key to maintaining strong cyber resilience through effective incident response, threat detection, and continuous service improvement. Key Responsibilities Team Leadership: Lead and manage a cyber security operations team, ensuring strong communication, decision-making and service delivery. … incident response, ensuring processes are maintained and critical incidents are effectively managed. Security Monitoring: Deliver and improve security monitoring, including SIEM management, threat hunting, and intrusion detection. Threat Intelligence: Collect and analyse OSINT and commercial threat intelligence, providing actionable insight to stakeholders. Cyber Operations: Manage ...

develop a security operations capability within a fast-paced environment. This role is key to maintaining strong cyber resilience through effective incident response, threat detection, and continuous service improvement. Key Responsibilities Team Leadership: Lead and manage a cyber security operations team, ensuring strong communication, decision-making and service delivery. … incident response, ensuring processes are maintained and critical incidents are effectively managed. Security Monitoring: Deliver and improve security monitoring, including SIEM management, threat hunting, and intrusion detection. Threat Intelligence: Collect and analyse OSINT and commercial threat intelligence, providing actionable insight to stakeholders. Cyber Operations: Manage ...

fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest … professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response. Key Responsibilities Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes ...

cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration … response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post ...

Proven experience delivering an effective security monitoring capability, with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection . Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering … analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management ( SIEM ), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong ...

capability Senior SOC Analyst essential skills Proven experience in a SOC or similar security operations environment Strong knowledge of SIEM, incident management and threat intelligence Understanding of cloud technologies and modern networking Experience with IDAM, JML processes and ITSM frameworks Ability to lead, support and develop junior analysts … Strong communication and stakeholder engagement skills Key skills: Senior SOC Analyst, SOC, SIEM, Security Incident Management, Threat Intelligence, Cloud Security, IDAM, ISO 27001, Team Leadership ...

mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability to support … processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

systems that detect and analyse real-world cyber threats at scale. Main Duties of the Role Design and develop Python-based tools for threat intelligence and security research Build and optimise data pipelines to process large volumes of security data Work closely with researchers to identify, monitor … improve tooling and automation to enhance detection capabilities What We’re Looking For Strong commercial experience with Python development Interest or background in cybersecurity, threat intelligence, or offensive security Experience working with APIs, data processing, and distributed systems Understanding of cloud platforms (AWS, GCP, or Azure ...

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation's defensive capabilities while remaining … forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment, and remediation. Perform triage ...

patch evidence, metrics and control narratives. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends. Experience Strong working knowledge of Ivanti Neurons ...

change control procedures Experience designing or reviewing secure software supply chain and CI/CD security . Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. Excellent written … technical security reports for assurance cycles Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001) Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt) Support cyber input for IT, research or OT programmes Work with IT teams to co-author and test secure configuration standards ...

THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks … ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated ...

managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members … maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft ...

operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. ...

.UK registry and help protect users from online harm. This is an ideal opportunity for someone with a strong interest in cyber threat operations and a desire to build hands‐on experience and develop their skills further. What You’ll Be Doing Investigating domain abuse reports using internal tools … open‐source intelligence (OSINT), escalating complex cases when needed Supporting operational workflows and identifying ways to improve our tools, processes and automation Assisting in the development and refinement of detection rules and identifying patterns in malicious activity Liaising with registrars and other external stakeholders to help resolve abuse cases ...

upskilling provided as needed. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor ...

Threat and Vulnerability Management function within Cyber Operations is dedicated to safeguarding our organisation against cyber threats by proactively identifying, assessing, and mitigating vulnerabilities and exposures. Our mission extends beyond traditional security practices, incorporating cutting-edge approaches as we move from a traditional VM capability into Exposure Management … Continuous Threat Exposure Management (CTEM). This role will play a critical part in the ongoing transformation of this function. As our Exposure Management Validation Lead, you will take ownership of validating security exposures across our technology estate, coordinating external penetration testing providers on a call-off basis ...

provide consultation and expertise on security matters. Responsibilities: Security Operations & Incident Management: Managing ticket workload within the Security team. Gathering, analysing and acting upon threat intelligence. Responding to on-going security incidents. Responding to active alerts from security systems. Writing change management requests for security-related changes . Vulnerability … technologies and policies. Knowledge of identity and access management principles. Familiarity with security accreditations such as ISO27001, CyberEssentials and CyberEssentials+. Excellent incident response and threat intelligence skills. Strong communication skills to convey security matters to technical and non-technical audiences. Benefits: 25 Days Holiday Birthday ...

Manager Hybrid We are partnering with a leading global financial services organisation to appoint a Incident Response Manager to join their high-profile Cyber Threat Centre (CTC). This is a critical leadership role at the forefront of defending against sophisticated cyber adversaries, including nation states and organised criminal … groups. As the central hub for Computer Network Operations, the CTC drives incident response, threat hunting, intelligence, and insider threat detection across the organisation. This role offers the opportunity to shape strategy, lead a globally distributed team, and work with cutting-edge technologies in a fast-paced ...