For more information about AbbVie, please visit us at . Follow us on X, Facebook, Instagram, YouTube, LinkedIn and TikTok. Job Description: The Principal Threat Detection Engineer role is an advanced technical role focused on extending AbbVie's threat detection and monitoring services to include web applications. This … role will serve as a technical subject matter expert on the cyber threat landscape and on attacker tactics and techniques, and will lead the threat detection content development lifecycle. This role will also coach junior team members, engage in advanced data analysis, work closely with the Incident … systems, networking protocols, systems administration, and security technologies. Strong knowledge and application of cyber security terminology and concepts, and expert understanding of the cyber threat landscape and attack vectors. Thorough understanding of the MITRE ATT&CK framework and its practical applications. Familiarity with performing data analysis using a modern …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior Security Operations Centre Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with the MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP. Previous experience handling SC or DV cleared environments. Demonstrated ability to fine-tune detection logic and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior Security Operations Centre …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
and a generous flexible benefits fund. Key Requirements: We are seeking an experienced Senior SOC Analyst who brings a strong background in security operations, threat detection, and incident response. This is a critical role that supports the defence of national infrastructure through proactive monitoring, analysis, and improvement of … such as Microsoft Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with the MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide … to-Have): Industry-recognised cybersecurity certifications such as CRT or OSCP. Previous experience handling SC or DV cleared environments. Demonstrated ability to fine-tune detection logic and improve SOC processes. Active engagement with the cybersecurity community and awareness of emerging trends. Role & Responsibilities: As a Senior SOC Analyst, you …
Alexandria, Virginia, United States Hybrid / WFH Options
Agile Defense, Inc
and unparalleled agility, leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation's vital interests. Requisition Job Title: Cyber Threat Intelligence Analyst IV (Exempt). Location: Hybrid, 2x week onsite - 600 Dulany Street, Alexandria, Virginia 22314. Clearance Level: Active DoD - Top Secret. Required Certification(s … N/A. SUMMARY: The United States Patent and Trademark Office (USPTO), Cybersecurity Division, has a requirement to support a Cyber Threat Intelligence (CTI) capability within USPTO. This support includes monitoring activities, developing cyber threat analysis, identifying mitigation and remediation courses of action, sharing actionable cyber threat … through Friday core hours, but the ideal candidate will provide on-call technical support to a 24x7 cyber program in the areas of cyber threat intelligence, cyber hunt, and incident response. JOB DUTIES AND RESPONSIBILITIES: • Assist the USPTO Security Operations Center (SOC) with identifying valid Indicators of Compromise …
Glasgow, Renfrewshire, United Kingdom Hybrid / WFH Options
Cisco Systems, Inc
Cisco Talos Security Intelligence and Research Group is at the forefront of detecting and correlating threats in real time, using the world's largest threat detection network. We collaborate extensively across Cisco's security ecosystem, driving innovation in threat detection technologies to safeguard the Internet from … as a member of a multi-disciplinary team, providing domain expertise when needed and sharing ideas and knowledge. What you'll do: Proactively analyze potential detection gaps, propose projects and ideas, and define and implement a plan to make them real. Analyze large datasets to extract complex data patterns. Monitor … changes in the threat landscape via automation and visualization techniques, and develop models to identify new threats. You will have the opportunity to build or enhance machine-learning pipelines to support Cisco's security products and tools, covering everything from model selection and training to optimization, deployment, and monitoring. You …
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities: Infrastructure … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions, including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and … Response: Formulate and document a solid process utilising a third-party support partner. Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling. Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action …
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)
incident response, compliance, and implementing innovative security technologies to strengthen the organisation's defences. Essential functions of the job: SOC operations: perform incident triage, threat detection, and response activities. SIEM & EDR management: advance and configure SIEM and EDR systems to optimise threat detection and response in … response: investigate and mitigate security incidents, applying root cause analysis and remediation. Security testing: conduct regular application and network security assessments to identify vulnerabilities. Threat intelligence: monitor the cybersecurity landscape for emerging threats and develop innovative defensive strategies. Development security: monitor version control systems, identify vulnerabilities, and collaborate with …
San Diego, California, United States Hybrid / WFH Options
Avidity Biosciences
ensures that Avidity's security framework aligns with industry best practices, regulatory requirements (FDA, HIPAA, GxP), and business objectives. You will lead efforts in threat detection, incident response, identity and access management (IAM), and third-party risk management (TPRM), collaborating across IT, research, and compliance teams to protect … overseeing the department budget, and managing vendor relationships to ensure security policies and solutions are effectively implemented. This role will oversee cybersecurity engineers managing threat and vulnerability management, threat intelligence and hunting, insider threat, and the MSSP-managed Security Operations Center (SOC). The individual must also … cybersecurity policies, ensuring alignment with FDA, HIPAA, and GxP compliance while also driving cybersecurity maturity improvements to support IT infrastructure and commercial readiness. Lead threat intelligence, risk assessment, and security monitoring initiatives to detect and mitigate risks that impact infrastructure, IT, and business operations. Oversee the Security Operations Center (SOC …
Claroty
Claroty secures the Extended Internet of Things (XIoT) to achieve unmatched visibility, protection, and threat detection across all cyber-physical systems – OT, IoT, BMS, IoMT and more – in your environment. We’re growing and looking to hire a Technical Account Manager who embodies our core values: People … Things (XIoT). The Claroty Platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, exposure management, network protection, threat detection, and secure access. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents. Claroty is …
Livonia, Michigan, United States Hybrid / WFH Options
STACK Cybersecurity
and after service requests. Event Log Monitoring and Investigation: Monitor and investigate event logs for suspected activities. Identify potential security incidents and respond promptly. Threat and Vulnerability Analysis: Conduct threat and vulnerability analysis to assess risks. Propose mitigation strategies based on findings. Security Incident Handling: Investigate, document, and … with prevalent cyber threats, including malware, phishing attacks, DDoS attacks, BEC, lay-and-wait, and man-in-the-middle attacks. Stay updated on the evolving threat landscape. SIEM Proficiency: Use and understand Security Information and Event Management (SIEM) solutions. Leverage SIEM data for threat detection and incident response. … Knowledge of Other Cybersecurity Tools: Familiarity with tools such as EDR (Endpoint Detection and Response), MDR (Managed Detection and Response), SASE (Secure Access Service Edge), intrusion prevention systems (IPS), and vulnerability scanners. Problem-Solving Under Pressure: Apply problem-solving skills effectively even in high-pressure situations. Prioritize and …
be responsible for leveraging and optimising a number of tools, including MS Defender, Sentinel, Azure and our SOC partner, to enhance cyber resilience, and for conducting threat analysis and proactive risk assessments to design effective controls. They will lead the Group's Cyber Security operations function by providing strategic direction and … coordinating day-to-day delivery of threat intelligence, threat detection, incident response, vulnerability management and ethical hacking capabilities. This role will lead a team of Infrastructure Engineers, ensuring strong data controls are in place to develop a robust controlled environment. They will work closely with key stakeholders …
Washington, Washington DC, United States Hybrid / WFH Options
Leidos
through Splunk ES. The mid-tier candidate will have a solid understanding of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables, and be proficient in administering Splunk and creating Splunk dashboards and notables. Additionally, the ideal candidate would be familiar with tools … commonly deployed in a SOC environment, such as intrusion detection systems, intrusion analysis systems, security information and event management (SIEM) platforms, endpoint threat detection tools, and security operations ticket management. REQUIRED Qualifications: • Must be a U.S. Citizen. • Ability to obtain a Public Trust clearance. • Minimum 2-5 years … in network defense environments. • Splunk Admin Certification. • Strong analytical and technical skills in computer network defense operations; ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis. • Prior experience and ability with analyzing information technology security events to …
Riverdale, Maryland, United States Hybrid / WFH Options
Leidos
Clinton, Maryland, United States Hybrid / WFH Options
Leidos
Greenbelt, Maryland, United States Hybrid / WFH Options
Leidos
Bladensburg, Maryland, United States Hybrid / WFH Options
Leidos
Waldorf, Maryland, United States Hybrid / WFH Options
Leidos
Lanham, Maryland, United States Hybrid / WFH Options
Leidos
Fort Washington, Maryland, United States Hybrid / WFH Options
Leidos
Accokeek, Maryland, United States Hybrid / WFH Options
Leidos
Bowie, Maryland, United States Hybrid / WFH Options
Leidos
Alexandria, Virginia, United States Hybrid / WFH Options
Leidos
Fairfax, Virginia, United States Hybrid / WFH Options
Leidos
Annandale, Virginia, United States Hybrid / WFH Options
Leidos
Lorton, Virginia, United States Hybrid / WFH Options
Leidos