1 to 25 of 33 Threat Intelligence Jobs in the South East

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security incidents from … identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection use cases ...

team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark … ideal candidate will be a self-starter with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised ...

holistic view of the organisation's security posture. Present findings and recommendations to senior leadership and governance forums. Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes. Act as a primary interface for business units, ensuring alignment between assurance … technical and business information to assess risk. Experience in supply chain security assurance. Knowledge of secure by design principles and accreditation processes. Understanding of threat intelligence and its application in assurance. Experience working in regulated or high-assurance environments (e.g., government, finance, defence). Familiarity with risk management ...

mentoring others. Senior SOC Analyst essential skills Proven experience working within a SOC environment, ideally 3+ years Strong knowledge of SIEM, incident management and threat intelligence Experience with cloud security, networking and information security principles Understanding of IDAM, RBAC and joiners, movers and leavers processes Ability to support … processed and submitted to the client in conjunction with this vacancy only. Key skills: Senior SOC Analyst, SOC, SIEM, Incident Response, Cloud Security, Threat Intelligence, IDAM, ISO 27001, Team Leadership ...

cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller … organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information ...

scaling SOC that protects some of the UK’s most sensitive defence and national security environments.The SIEM Engineer will sit at the intersection of threat intelligence, telemetry, and detection logic, shaping how threats are identified, prioritised, and acted upon across multiple high-security clients. If you’re passionate … optimisation Engineering high-fidelity detections, dashboards, and reporting that SOC analysts trust Ensuring data ingestion, parsing, and enrichment deliver coverage, context, and visibility Turning threat intelligence, vulnerabilities, and attacker TTPs into actionable detection logic Reducing false positives while improving alert confidence and response speed Acting as the technical ...

function, playing a key role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional … Providers Maintain and enhance SecOps processes and documentation to enable knowledge sharing Investigate security events, perform vulnerability analysis and support remediation activities Analyse cyber threat intelligence and translate insights into actionable detection improvements Process indicators of compromise and indicators of attack to enhance detection rules Conduct proactive threat ...

Threat Detection Engineer A specialist technology organisation operating in highly secure environments is expanding its cyber capability and looking to strengthen its detection function. This role sits at the heart of identifying, stopping, and staying ahead of modern threats. Role Overview: Location: Farnborough/Hybrid (3 days per week … platforms Continuously tuning alerts to reduce noise and improve signal quality Monitoring and investigating security alerts to identify genuine threats Running proactive threat hunting activities to uncover advanced or hidden attacker behaviour Supporting incident response efforts with deep detection insight Expanding detection coverage using threat intelligence ...

Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion … high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must be a British Citizen or a Dual UK national ...

managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members … maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft ...

operating effectively to protect client environments. Work with teams to assess risks, design controls and define testing requirements. Support senior engineers with SIEM, threat intelligence and malware analysis platforms. Apply patches/updates, raise changes and follow agreed processes. Keep up to date with threats and recommend improvements. ...

OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring, SIEM technologies, threat detection, and public key infrastructures (PKI). Understands cyber risk management, threat intelligence, and emerging governance practices. Experienced in driving security transformation ...

vulnerability assessments and penetration testing. Collaborate with technical teams to remediate risks. Maintain and evolve incident response plans and playbooks. Analyse security logs and threat intelligence feeds. Ensure compliance with GDPR, SOX, PCI, and internal policies. Lead security awareness initiatives and drills. Support day-to-day security operations ...

heartbeat of what we do. We’re the people on the front line, keeping our customers secure and connected. Whether it’s spotting a threat, fixing an issue, or finding a smarter way of doing things, we’re united by one goal: delivering an exceptional customer experience with speed … loop and building trust during incidents. Spot opportunities to make things faster, smarter, and better through AI and Automation. Always growing: Dive into threat intelligence, security tools, and triage techniques, sharpening your skills every day. Get it done: Work with engineers and senior analysts to protect customers ...

Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility, improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders … coverage across networks, data centres, and cloud estates. - Guide onboarding, configuration, and tuning of Microsoft Defender XDR (Endpoint, Identity, Email, Cloud Apps, Server, and Threat Intelligence modules). - Ensure correct enablement of telemetry, behavioural analytics, detection logic, and baselining across both platforms. - Coordinate testing, validation, and acceptance ...

team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark … ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. ...

latest security threats and trends Research and develop understanding of security as a discipline Broad Experience: SIEM Cloud Computing Security Incident Management Networking Threat Intelligence Information Security Phishing, Ransomware and other key threats IDAM (Identity and Access Mgmt) JML (Joiners, Movers and Leavers Processes) ITSM Policies and Procedures ...

cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market‐leading Taegis XDR/MDR, identity threat detection and response (ITDR), next‐gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller … organizations worldwide from phishing, ransomware, data theft, other everyday and state‐spurred cybercrimes. The solutions are powered by historical and real‐time threat intelligence from Sophos X‐Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available ...

cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next‐gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller … organizations worldwide from phishing, ransomware, data theft, other every‐day and state‐sponsored cybercrimes. The solutions are powered by historical and real‐time threat intelligence from Sophos X‐Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information ...

provide consultation and expertise on security matters. Responsibilities: Security Operations & Incident Management: Managing ticket workload within the Security team. Gathering, analysing and acting upon threat intelligence. Responding to on-going security incidents. Responding to active alerts from security systems. Writing change management requests for security-related changes . Vulnerability … technologies and policies. Knowledge of identity and access management principles. Familiarity with security accreditations such as ISO27001, CyberEssentials and CyberEssentials+. Excellent incident response and threat intelligence skills. Strong communication skills to convey security matters to technical and non-technical audiences. Benefits: 25 Days Holiday Birthday ...

Defence environments Proficiency with SIEM tools such as Splunk, Elastik, or Defender Knowledge of cloud security and incident management processes Understanding of networking, threat intelligence, and key security threats like phishing and ransomware Experience with identity and access management (IDAM) and JML processes Familiarity with technical standards including ...

platforms Continuously tuning alerts to reduce noise and improve signal quality Monitoring and investigating security alerts to identify genuine threats Running proactive threat hunting activities to uncover advanced or hidden attacker behaviour Supporting incident response efforts with deep detection insight Expanding detection coverage using threat intelligence ...

Assurance services globally, managing supplier assessments, reporting risks and working with stakeholders to ensure issues are understood and acted on. You’ll help develop threat-intelligence-led and automated approaches to TPRM, maintain and enhance our assessment platform, and support wider cyber risk management activities. You’ll also ...

network digital forensics, log analysis, malware analysis and living-of-the-land techniques in support of incident response investigations, including leveraging EDR solutions and threat intelligence Conduct incident response within various Cloud platforms Identify attacker Tactics, Techniques and Procedures (TTPs) to develop indicators of compromise Take a lead ...

experience with leading IRM toolsets such as ServiceNow, RSA Archer, IBM OpenPages, MetricStream, and BWise.Domains: Security Operations, Enterprise Security, Security Incident Response, Vulnerability Management, Threat Intelligence, Event Management, Integrated Risk ManagementLeadership Skills: Ability to influence senior leaders and stakeholders, providing clear recommendations that address business and technical challenges ...