1 to 25 of 58 Threat Intelligence Jobs in the UK excluding London

/Cyber Threat Detection Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

client, a reputable organisation within the Defence & Security sector, is currently seeking a Cyber Threat Intelligence Practitioner for a contracting role. This position presents a unique opportunity to apply your analytical skills and knowledge in cyber intelligence to protect critical infrastructure and national security. Key Responsibilities: Takes … ownership of a geographic or thematic area of responsibility for focused threat research. Produces operational and tactical level reports on cyber threats. Delivers threat intelligence briefs to internal cross-functional stakeholders. Supports a collaborative culture within cyber operations that is intelligence-informed and proactive. Collaborates with ...

Lead 6 months Bath - hybrid x3 days onsite x2 remote Active SC/DV clearance required £700 per day outside IR35 The SOC Lead - Threat Hunting & Investigations is responsible for leading advanced threat detection, proactive threat hunting, and complex security investigations across the enterprise. This role focuses … elevating the maturity of SOC investigative and hunting capabilities. The role combines technical leadership, hands-on expertise, and mentorship of analysts. Key Responsibilities Threat Hunting Lead proactive, hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned ...

well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We’re looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you’ll focus on building high-impact … closely with internal teams and an outsourced SOC partner Mission-focused : Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with ...

clear progression opportunities and will require someone to come with both technical and GRC security experience. Key Responsibilities: Oversee security incident management and response Threat management Configure, implement and maintain security tools such as SIEM, XDR, EDR, vulnerability management Implement and maintain security controls Conduct vendor risk assessments, support … internal and external audits Governance, risk and compliance Skills & Experience: Proven experience in cyber Security operations, threat management and threat analysis Threat management - actively develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures Strong knowledge of SIEM, XDR, EDR, vulnerability ...

fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth and continues to invest … professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership or specialist career paths such as SOC leadership, threat hunting, security engineering, or incident response. Key Responsibilities Lead in-depth analysis and investigation of security incidents, identifying root causes and recommending remediation actions ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … capability Core Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … capability Core Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence ...

continuously improve the cyber incident response plan, ensuring readiness across the organisation Provide strategic cyber security advice to senior leadership on monitoring, logging, and threat response Establish a use-case driven monitoring and alerting capability to improve threat detection and response times Oversee threat intelligence, vulnerability … capability Core Experience Required Proven experience leading a Security Operations Centre (SOC/CSOC) or cyber security operations function Strong background in incident response, threat detection, and cyber resilience Hands-on experience with SIEM, IDS/IPS, endpoint security, and monitoring tools Solid understanding of threat intelligence ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during active security events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic ...

monitoring, analysing and responding to security threats, while driving continuous improvement across our security operations capability. Youll play a key role in incident response, threat intelligence, vulnerability management and ensuring effective use of our security tools and processes to reduce risk across the technology estate. Key responsibilities Monitor … activities, validating effectiveness through vulnerability scanning Oversee and operate key security technologies, including SIEM, email and web gateways, and endpoint protection tools Monitor external threat intelligence sources and assess relevance to the organisation Produce and report on security metrics, KPIs and operational performance Technical expertise Good understanding ...

Proven experience delivering an effective security monitoring capability, with continuous improvements that reflect changes from risks and threats in a timely manner, including proactive threat hunting and intrusion detection . Proven experience delivering threat intelligence and assessment in the context of the organisation to stakeholders by gathering … analysing information to identify and mitigate cyber threats from both open-source (OSINT) and commercial threat intelligence. Proven experience operating cyber security solutions and tools e.g. Security Information and Event Management ( SIEM ), maintaining security records and documentation in accordance with security operating procedures. Demonstrated experience in managing relationships with ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge Strong ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience & Attributes 3+ years experience as a Cyber Security Operations Analyst Familiarity with threat intelligence ...

security incidents, escalating them as necessary within the team. · Alert Management: Respond to security alerts, perform initial investigations, and document findings. · Log Analysis/Threat Hunting: Review and analyse logs from various security tools and devices to identify potential security incidents within customer environments. · Collaboration: Work closely with other … address security issues and improve the security posture. · Reporting: Create and maintain detailed incident reports, periodic customer reports and documentation for future reference. · Threat Intelligence: Stay updated with the latest security threats, vulnerabilities, and technology trends. Assist in the development and maintenance of a comprehensive Threat Intelligence ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments Familiarity with risk management tools and methodologies. What ...

mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability to support … processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 2+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability to support … processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

client, a reputable organisation within the Defence & Security sector, is currently seeking a Cyber Threat Intelligence Practitioner for a contracting role. This position presents a unique opportunity to apply your analytical skills and knowledge in cyber intelligence to protect critical infrastructure and national security. Key Responsibilities: Takes ...

systems that detect and analyse real-world cyber threats at scale. Main Duties of the Role Design and develop Python-based tools for threat intelligence and security research Build and optimise data pipelines to process large volumes of security data Work closely with researchers to identify, monitor … improve tooling and automation to enhance detection capabilities What We’re Looking For Strong commercial experience with Python development Interest or background in cybersecurity, threat intelligence, or offensive security Experience working with APIs, data processing, and distributed systems Understanding of cloud platforms (AWS, GCP, or Azure ...

communication) for confirmed security incidents, following established escalation procedures Ensuring that all incidents are promptly escalated to senior leadership or external partners, as appropriate Threat Analysis & Intelligence Integration: Analyse malicious activities to determine root cause and attack vectors by mapping observed attacker actions to the MITRE … framework Monitor threat intelligence feeds for information on new vulnerabilities, malware campaigns, or attack techniques that could impact the Council Evaluate this intelligence and adjust monitoring priorities or techniques accordingly Detection Improvement: In collaboration with the Information Security Technical Lead, contribute to the development and refinement ...

fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast … Duration: 10 weeks Format: Online, pratical workshops Schedule: Mon-Thur 6PM-9PM What you ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond ...

fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast … Duration: 10 weeks Format: Online, pratical workshops Schedule: Mon-Thur 6PM-9PM What you’ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond ...

funded Cyber Security course (NCFE Certificate in Principles of Cyber Security, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you’ll gain hands-on experience that prepares you for today’s fast … weeks Format: Online, practical workshops Schedule: Mon-Fri 09:45AM-2:45PM What you’ll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond ...