Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
Job title: Senior Cyber Threat Intelligence Analyst. Ref: 40789. Division: Digital Transformation. Location: Reading - Clearwater Court - RG1 8DB. Contract type: Permanent. Full/Part-time: Full-time. Hours: 36. Salary: Offering up to £65,000 per annum depending on experience. Job grade: B. Closing date: 15/…/2025. As a Senior Cyber Threat Intelligence Analyst, you will play a key role in protecting Thames Water's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the … development of a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat
Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
GCS
As a Senior Cyber Threat Intelligence Analyst, you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the development of … a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … to address evolving cyber threats while contributing to the organisation's long-term security maturity. What you'll be doing as a Senior Cyber Threat Intelligence Analyst: Cyber Threat Assessment: Support and lead cyber threat assessments and provide recommendations to technical, managerial, and executive stakeholders. Incident
Reading, Berkshire, United Kingdom Hybrid / WFH Options
GCS
As a Senior Cyber Threat Intelligence Analyst, you will play a key role in protecting the company's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the development of … a robust threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence … to address evolving cyber threats while contributing to the organisation's long-term security maturity. What you'll be doing as a Senior Cyber Threat Intelligence Analyst: Cyber Threat Assessment: Support and lead cyber threat assessments and provide recommendations to technical, managerial, and executive stakeholders. Incident
London, South East England, United Kingdom Hybrid / WFH Options
Advanced Resource Managers
SC Clearance. Must have CREST experience. Role Overview: We are seeking a highly skilled and experienced Penetration Tester with a strong focus on, and understanding of, threat intelligence and attack methods. The ideal candidate will be responsible for managing and conducting advanced penetration testing engagements, leveraging threat intelligence … actionable recommendations to significantly enhance our clients' security posture. Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a strong threat intelligence-led approach. Execute advanced penetration tests across a broad range of environments (applications, infrastructure, web, APIs, O365, Azure, AWS, OT), directly applying … your knowledge of current threat landscapes and attacker TTPs. Develop and maintain sophisticated test plans, execution plans, and targeted use cases directly informed by in-depth threat intelligence analysis. Identify and prioritize OT and IT assets, services, and systems based on their criticality and potential exposure to
London, South East England, United Kingdom Hybrid / WFH Options
Adeptis Group
Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a Cyber … Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making. Developing a threat intelligence strategy aligned with business risks and SOC priorities. Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows. Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams. Supporting SOC and CIRT operations through contextualised
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria Limited
We are building a Cyber Threat team. It's a great time to join us in our expansion, and work with a portfolio of high profile clients, with the opportunity to work on a large client base. Our Cyber Threat Intelligence Analyst will be a critical member … of the dedicated SOC team and run our Malware Information Sharing Platform (MISP) instance, to deliver actionable operational and tactical threat intelligence. This involves monitoring, analysis, and dissemination of threat information to support our customer security posture. We need strong analytical skills, deep knowledge of threat intelligence … Develop and integrate automated feeds and enrichment sources. Provide training sessions and documentation for SOC staff on effective usage of MISP. Supervise various sources (threat feeds, OSINT, dark web, internal logs) for emerging threats; and facilitate threat intelligence. Analyse collected data to identify patterns, indicators of compromise, and
A leading, award-winning cyber security and risk management organisation is seeking a highly experienced and motivated Senior Cyber Security and Threat Intelligence Sales Consultant. This is an exciting opportunity to join a fast-growing team delivering cutting-edge security, threat intelligence, and managed service solutions … to enterprise clients. Key Responsibilities: Sell security and threat intelligence solutions, platforms, and managed services into global enterprise accounts. Present a wide-ranging portfolio of innovative and established security solutions to new and existing customers. Identify client needs and deliver tailored technical and business-aligned solutions. Target prospective … presentations to senior-level stakeholders. Maintain long-term relationships with key decision-makers and influencers. Build and execute account plans focused on security technologies, threat intelligence, and managed services. Drive business strategy to grow revenue and profitability through cross-selling opportunities. Navigate complex sales environments with political and
drive our clients' CTI frameworks and products forward whilst supporting with some of the day-to-day activities. Responsibilities: Lead and support weekly Cyber Threat Intelligence (CTI) activities and reporting. Drive continuous improvement of CTI processes and frameworks. Contribute to the development and enhancement of CTI tools and … technical support to the CTI Manager and broader CTI team. Background & Experience: Proven experience leading CTI programmes or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity … with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded Future, etc.).
for: Monitoring: Monitor security alerts generated by our SIEM solutions (primarily Microsoft Sentinel, but also Elastic and Datadog) and assess their severity and impact. Intelligence Feeds: Analyse threat intelligence feeds to identify potential threats and vulnerabilities relevant to our clients’ environments. Development: Develop and implement new detection … rules within Microsoft Sentinel to maintain and expand coverage of the MITRE ATT&CK framework, ensuring comprehensive threat detection. Response: Respond to security incidents by following the established incident response runbooks and procedures. Automation: Design and develop Logic Apps to provide automated responses to incidents, where applicable, to enhance … and outcomes within CyPro’s integrated JIRA Service Management platform. Updating: Regularly review and update incident response runbooks to ensure they reflect the latest threat landscape and best practices. Recommending: Provide recommendations for enhancing the security posture of clients based on incident findings, root cause analysis and threat
A forward-thinking Financial Services firm is seeking a Threat Detection Automation Analyst to join its Threat Intelligence team. They are looking for an individual to join and help drive forward a baseline of threat detection use cases in their SIEM (Splunk). They have just … the next phase of populating new use cases. This role will involve writing new use cases based on the output and direction of the threat intelligence team, as well as testing use cases with a new breach and attack simulation tool. Ideally, the individual joining will have experience … of both SIEM detection engineering and using a BAS tool, coupled with sound knowledge of the current cyber threat landscape, including groups, TTPs and attack vectors relevant to Financial Services. To be considered for this role, you will have experience from either a SOC, CTI or are a Security
senior-level position tailored for experienced professionals with a strong track record in delivering complex cybersecurity projects. This role demands in-depth expertise in threat intelligence, risk management, incident response, compliance, and security architecture. The consultant will lead project teams, shape technical strategies, and mentor junior team members … reusable assets, documentation, and best practices to strengthen the knowledge base within the cyber resilience practice. Required Skills & Qualifications: Technical Expertise: Deep understanding of threat intelligence, risk management, incident response, compliance (e.g., GDPR, ISO 27001), and security architecture. Experience with a range of security technologies including: SIEM (e.g.
We are working with a global aviation organisation who are looking to bring an experienced Cyber Threat Intelligence Manager into their organisation. This would be a greenfield project and would require the successful person to have had experience building and developing functions from scratch. Key Experience: Previous experience
Operations Team. This senior-level role is central to our capability to detect, contain, and respond to security incidents. You will drive maturity across threat detection, hunting, and response, particularly through Microsoft security technologies, including Microsoft Sentinel. You'll play a leading role in shaping how we stay ahead … of threats, with hands-on work across SIEM tuning, threat intel, incident response, and the development of use cases and automation playbooks. Day to day: Lead incident detection and response activities from triage through to post-incident reviews. Develop and mature our threat hunting and threat detection … Sentinel use cases, analytics rules, workbooks, and automation playbooks. Tune and optimize our SIEM and log management pipelines to reduce false positives and maximize threat visibility. Monitor and analyse threat intelligence feeds, integrating insights to enhance protective controls. Produce actionable reports and dashboards on threat trends
London (Hounslow), South East England, United Kingdom
Adeptis Group
malware, network traffic, and system logs to uncover threats. Incident Response: Lead security response efforts, including containment, eradication, and recovery of cyber incidents. Forensics & Threat Hunting: Conduct forensic investigations and proactive threat hunts to detect and mitigate potential risks before they escalate. Threat Intelligence: Utilise intelligence … Looking For: 5+ years' experience in Security Operations Centre (SOC) and Incident Response (IR). Proficiency in digital forensics, malware analysis, SIEM tools, and threat intelligence. A solid understanding of cyber threats, particularly in regulated industries. Experience conducting security exercises and breach simulations. Excellent communication skills, with the ability
guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS …/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead & Mentor: Manage SOC analysts and support their technical and professional growth. Tool Optimisation: Oversee and fine-tune security platforms … innovation and stay ahead of emerging threats, tactics, and techniques. External Engagement: Work with partners to strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring
Portsmouth, Yorkshire and the Humber, United Kingdom
Franklin Fitch
guiding investigations, and helping shape the future of our security strategy. If you’re passionate about cyber security and thrive in a fast-paced, threat-driven environment, we want to hear from you. 🔐 What You’ll Be Doing Monitor & Detect: Identify and respond to security alerts from SIEM, IDS …/IPS, EDR, and other tools. Incident Response: Investigate threats and escalate incidents, ensuring rapid containment and resolution. Threat Hunting: Proactively search for hidden threats and conduct forensic investigations. Lead & Mentor: Manage SOC analysts and support their technical and professional growth. Tool Optimisation: Oversee and fine-tune security platforms … innovation and stay ahead of emerging threats, tactics, and techniques. External Engagement: Work with partners to strengthen the defensive posture and maintain compliance. Insider Threat Management: Lead investigations and support sensitive case handling. 🛠 What You Bring to the Role Must-Have Experience: Strong background in cyber security, protective monitoring
controls, policies, and technologies effectively protect the organisation’s assets, infrastructure, and data. You will work closely with senior leadership, providing expert guidance on threat mitigation and security best practices. If you thrive in a dynamic environment and have a passion for building and evolving enterprise security programs, we … of securing Microsoft and Azure-based environments, including cloud, hybrid, and on-premises infrastructure. Hands-on experience in managing and responding to security incidents, threat hunting, and vulnerability remediation. Strong background in implementing and overseeing security monitoring and detection capabilities using SIEM, EDR, and XDR solutions. Experience leading security … and Logic App workflows. Experience with network security principles, including zero-trust architecture, segmentation, firewalls, and secure remote access solutions. Strong understanding of cyber threat intelligence, MITRE ATT&CK framework, and advanced threat detection methodologies. The Benefits: Our customers deserve the best and the same applies to
an L3 Analyst. You will be dealing with the escalated alerts, investigating and responding to the most complex incidents whilst working with the wider Threat Hunting, Threat Intelligence and Incident Response functions to continuously enhance their Playbooks and Processes. You will act as a mentor to the … of the largest digital footprints where you will gain exposure to an unprecedented volume of threats and respond to incidents from the most sophisticated threat actors; whilst working alongside and learning from some of the best cyber defence SMEs in the world. Key Responsibilities: Act as a lead and … to escalated alerts and the most sophisticated incidents whilst building out IR playbooks. Comprehensive knowledge of the Microsoft Security Suite – Azure AD P2, Advanced Threat Protection Suite and Cloud App Security. Knowledge of various Incident Response techniques and procedures. Experience mentoring/leading more junior analysts through complex investigations.
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide … using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre. Staying abreast of cyber
and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of cybersecurity … Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to … advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre. Staying abreast
Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, Hampshire. As a Senior SOC Analyst, you will be at the forefront of digital defence, leading … using advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre. Staying abreast of cyber … threat developments and contributing to best practices and process enhancements. Supporting the continuous development of the SOC team through knowledge sharing and mentoring. In order to be successful for this role you will need to be able to demonstrate the following experience: Proven experience in a Security Operations Centre
UK Security Clearance (DV level). Salary is discussed on application, negotiable by experience. You will have a strong background in security operations, threat detection and incident responses. A critical role supporting defence infrastructure through proactive monitoring, analysis and improvement of cybersecurity. Responsibilities: Experience in a security operations … such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiar with MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide
translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization, helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops … such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills … pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network
cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. … WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP
Milton Keynes, Buckinghamshire, United Kingdom Hybrid / WFH Options
In Technology Group
compliance with internal policies and regulatory requirements (e.g., FCA, GDPR, ISO 27001). Stay up to date with the latest security technologies, trends, and threat intelligence. Essential Skills & Qualifications: Proven experience in a cyber security or information security engineering role. Strong knowledge of network and system security, encryption, and