26 to 50 of 58 Threat Intelligence Jobs in the UK excluding London

years' experience in a SOC or closely related cyber security role Strong working knowledge of: SIEM platforms Security Incident Management Cloud environments Networking fundamentals Threat intelligence and threat hunting Information security principles Phishing, ransomware, and modern attack vectors Identity & Access Management (IAM) Joiners, Movers, and Leavers ...

Director, Cyber Security Operations and Threat Management Job Category : Information Technology Requisition Number : DIREC003304 Posted: April 15, 2026 Full-Time Hybrid Locations Showing 1 location FL - Headquarters 7850 SW 6th Ct Plantation, FL 33324, USA The Director for Security Operations and Threat Management is a strategic, and technically … between high‐level security strategy and hands‐on operational excellence, ensuring our global infrastructure—on‐prem and cloud—remains resilient against an ever‐evolving threat landscape. In addition, the Director will manage and monitor various security systems/tools and supports the assessment of system security controls. The ideal ...

escalation point for analysts, and provide out-of-hours escalation support when required. This is a highly technical, hands-on role where youll lead threat hunting, develop and tune SIEM detections, and help mature SOC processes and response playbooks. Youll also play a key role in mentoring analysts … driven detection, automation, and response capabilities are introduced. You will: Develop, tune, and maintain SIEM detection rules across customer environments Conduct proactive threat hunting and threat intelligence research Act as a senior escalation point for Cyber Security Analysts Coach and mentor analysts, supporting skills development and knowledge ...

progress into a SOC Manager role over the coming years. Key Responsibilities Monitor, investigate, and respond to security incidents across multiple client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/… other security tooling Conduct threat hunting and proactive security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures Collaborate with infrastructure and engineering teams to strengthen security posture Produce detailed incident reports and client-facing documentation Assist with vulnerability management and security compliance activities Contribute to mentoring ...

Cybersecurity Analyst to join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation's defensive capabilities while remaining … forefront of the evolving threat landscape. Key Responsibilities Monitor and analyse security events across networks, endpoints, and cloud environments using SIEM, EDR, and related security tools, in line with documented SLAs. Investigate, respond to, and resolve security incidents and alerts, ensuring timely detection, containment, and remediation. Perform triage ...

patch evidence, metrics and control narratives. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends. Experience Strong working knowledge of Ivanti Neurons ...

change control procedures Experience designing or reviewing secure software supply chain and CI/CD security . Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. Excellent written … technical security reports for assurance cycles Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001) Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt) Support cyber input for IT, research or OT programmes Work with IT teams to co-author and test secure configuration standards ...

change control procedures Experience designing or reviewing secure software supply chain and CI/CD security. Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. Excellent written … technical security reports for assurance cycles Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001) Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt) Support cyber input for IT, research or OT programmes Work with IT teams to co-author and test secure configuration standards ...

THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks … ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated ...

Secure by Design, GovAssure) Incident management, vulnerability assessment, SIEM/SOC systems ITSM workflows & change control Secure software supply chain & CI/CD security Threat intelligence, CVEs, CVSS interpretation Strong stakeholder communication & reporting skills Desirable: Degree in Cybersecurity, IT, or STEM Security Assurance certifications (CCP, SIRA) Professional security ...

managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members … maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. ...

leading toy manufacturing company in Glasgow is seeking a Director of Cyber Security Operations and Threat Management to lead its cybersecurity efforts. This role involves overseeing the security operations team, developing threat intelligence programs, and managing the security measures across all platforms. The ideal candidate will have … deep understanding of threat management, security operations, and cloud security, with at least 8 years in the field and relevant certifications such as CISSP or AWS Security Certifications. #J-18808-Ljbffr ...

Infrastructure & Operations Lead the integration of AI and ML across networking and operational domains including: AIOps Predictive analytics Autonomous remediation AI-driven anomaly detection Threat intelligence Capacity forecasting Configuration intelligence Architect infrastructure capable of supporting large-scale AI training and inference workloads. Advance observability strategies using streaming ...

threats quickly and efficiently. Install, configure and maintain security monitoring tools Ensure SOC tooling is optimised and operating effectively Support SIEM platforms and threat intelligence tooling Work with teams to assess risk and design security controls Apply updates, patches and follow change processes Stay current with emerging threats … your application to be submitted to our client in connection with this vacancy. KEY SKILLS SOC Engineer, SIEM, Sentinel, Splunk, Cyber Security, Security Monitoring, Threat Detection, Azure, AWS, Network Security ...

including Wiz, Zscaler, and CrowdStrike Security Operations Perform daily alert reviews across SIEM and security tooling Contribute to runbooks, playbooks, and operational documentation Support threat intelligence analysis and apply findings to detection and response activities Work closely with Engineering, DevOps, and IT teams to drive remediation Essential Requirements ...

triaging incidents and guiding response actions. Ability to translate technical findings into clear, actionable output for both technical and non technical audiences. Confidence interpreting threat intelligence and applying it meaningfully across a client security estate. Comfortable producing operational and service delivery reports. What can we offer you? Healthcare ...

security, and identity management. Proven experience implementing ISO27001, GDPR, NHS digital standards, and national cyber frameworks. Expertise in managing major incidents, forensic investigations, and threat intelligence. Strong understanding of ITIL v4 principles and ability to integrate security into service delivery. Skilled in presenting complex security strategies to senior leadership ...

.UK registry and help protect users from online harm. This is an ideal opportunity for someone with a strong interest in cyber threat operations and a desire to build hands‐on experience and develop their skills further. What You’ll Be Doing Investigating domain abuse reports using internal tools … open‐source intelligence (OSINT), escalating complex cases when needed Supporting operational workflows and identifying ways to improve our tools, processes and automation Assisting in the development and refinement of detection rules and identifying patterns in malicious activity Liaising with registrars and other external stakeholders to help resolve abuse cases ...

controls including data loss prevention (DLP), encryption, and access controls in the cloud. Participate in security audits, and monitoring to identify potential risks. Translate threat intelligence into actionable engineering requirements, ensuring prioritized risks are reflected in the backlog and data defense strategies. Partner with cloud security teams ...

upskilling provided as needed. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor ...

upskilling provided as needed. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor ...

vulnerability assessments Rollout and implementation of Risk Management processes Implement identity access control measures and DLP controls Respond to Tier 3 security incidents Monitor threat intelligence Participate in pentests Engineer Microsoft Sentinel detections & SOAR playbooks Cyber Security Engineer: Technical Experience Microsoft Security: Defender of Endpoint, Identity, Cloud Apps ...

hard problems, enjoys experimentation, and wants to see their research translate into real-world impact. You'll work across the full research lifecycle, from threat intelligence and vulnerability analysis through to prototyping and delivery, collaborating with multidisciplinary teams on challenges that matter. Role duties Research emerging cyber security ...