7 of 7 Threat Intelligence Jobs in Yorkshire

operational areas: Cyber Security Operations Unit (CSOU) - SIO Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The role sits within the CSOCs Threat Intelligence team within NHS England CSOC comprised of four primary functions: Intelligence Collection & Analysis - Perform collection, aggregation, analysis and contextualisation of healthcare and security information to produce actionable … CTI. Cybersecurity Threat & Risk Assessment - Perform high-level risk assessments of current and emerging threats to the health & social care estate. Intelligence Dissemination & Reporting - Produce stakeholder-specific intelligence reporting for stakeholders. Specialist CTI Support - Provides specialist CTI support to CSOC during high complexity incidents. Main duties of the job The Cyber Security Threat intelligence Analyst … represents acts as a threat intelligence specialist within the CSOC aimed at analysing and identify potential security threats facing NHS England as identified by the CSOCs threat intelligence collection and analyses capabilities. You will be a threat intelligence analyst reporting to the threat intelligence senior analyst your core responsibilities will be to More ❯

consists of 4 operational areas: Cyber Security Operations Unit (CSOU) Cyber Delivery Unit (CDU). Cyber Improvement Programme. Chief Information Security Office Function (CISO) The role leads the CSOCs Threat Intelligence team within NHS England CSOC comprised of four primary functions: Intelligence Collection & Analysis - Perform collection, aggregation, analysis and contextualisation of healthcare and security information to produce … actionable CTI. Cybersecurity Threat & Risk Assessment - Perform high-level risk assessments of current and emerging threats to the health & social care estate. Intelligence Dissemination & Reporting - Produce stakeholder-specific intelligence reporting for stakeholders. Specialist CTI Support - Provides specialist CTI support to CSOC during high complexity incidents. The post of Cyber Security Lead Analyst - Threat Intelligence has … payment equal to 30% per annum. Please be aware that RRP is none contractual and subject to review. Main duties of the job As a Cyber Security Lead Analyst (Threat Intelligence) you will: Ensure the objectives and activities of the Threat Intelligence teams and Assessments are aligned with overarching CSOC strategy. Represent the function at operational More ❯

cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external … audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track More ❯

The Role As a SOC Detection Engineer, you will design, develop, and maintain high-quality detection content to improve threat visibility and reduce risk across customer environments. You apply expert knowledge of attacker tactics and telemetry sources to create and manage scalable, accurate, and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support … operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM … XDR, and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments. Post-Incident Gap Analysis – You will perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or More ❯

Customer Communications - You provide timely incident updates and lead bridging calls with customers during high-priority incidents, ensuring that communications are clear, evidence-led, and aligned to customer expectations. • Threat Hunting Oversight - You lead and coordinate proactive threat hunting across customer environments, using hypothesis-based approaches to identify undetected threats and validate detection coverage. Essential Duties • Advanced Investigation … all available tooling. o Reconstruct attack chains and identify root causes using MITRE ATT&CK. o Recommend and coordinate response actions to mitigate impact during active incidents. • IOC and Threat Analysis o Investigate indicators of compromise using commercial and open-source threat intelligence. o Validate alerts and determine their relevance to customer environments, providing context on adversary behaviour … and recommending follow-up actions when threats are confirmed. • Threat Hunting o Lead and participate in threat hunts using hypothesis-driven approaches mapped to TTPs and MITRE ATT&CK. o Leverage telemetry and queries in tooling to identify suspicious indicators not surfaced through existing detection logic. o Document hunting activities, findings, and detection coverage gaps to support tuning More ❯