Skelmersdale, Lancashire, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service in a NMC Senior Cyber ThreatIntelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber ThreatIntelligence (CTI) Specialist. This role is recommended for those with significant cyber threatintelligence experience As a member of the ThreatIntelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for … mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threatintelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital more »
Greater Bristol Area, United Kingdom Hybrid / WFH Options
Orbis Group
ThreatIntelligence Lead (Salary flexible for the right candidate) Do you want to join a fast-paced company with a cloud security product with industry recognition and awards? Would you like to do research that has a positive impact on the security community? Are you unhappy with your … then this is the role for you! The role: A cloud security scale-up, founded by cyber security SME's, are searching for a ThreatIntelligence Lead to conduct malware analysis, lead threatintelligence research, and build internal tooling for security projects. You will be of … the research team that specifically focuses on Malware. This role will include line management responsibilities (no prior management experience is needed) of one other threatintelligence engineer and expectations to grow the team if/when needed. Desirable experience: 6+ months of experience working in a public cloud more »
Saint Louis, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … investigations. Be responsible to Team Leader for designing and documenting data flows, visibility gaps, and processes. Perform ad-doc data deep dives based on intelligence driven leads and effectively communicate findings. Analyze and investigate security logging to identify trends and anomalies that may result in detection opportunities for the … investigation principals, dashboard creation, and data awareness regarding identified trends and anomalies. Work with platform owners and the Engineering team to identify telemetry for Threat Management and Response needs in support of new business platforms and security tooling. Prioritize security improvement suggestions from the team based on your identification more »
Columbia, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … investigations. Be responsible to Team Leader for designing and documenting data flows, visibility gaps, and processes. Perform ad-doc data deep dives based on intelligence driven leads and effectively communicate findings. Analyze and investigate security logging to identify trends and anomalies that may result in detection opportunities for the … investigation principals, dashboard creation, and data awareness regarding identified trends and anomalies. Work with platform owners and the Engineering team to identify telemetry for Threat Management and Response needs in support of new business platforms and security tooling. Prioritize security improvement suggestions from the team based on your identification more »
Springfield, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … investigations. Be responsible to Team Leader for designing and documenting data flows, visibility gaps, and processes. Perform ad-doc data deep dives based on intelligence driven leads and effectively communicate findings. Analyze and investigate security logging to identify trends and anomalies that may result in detection opportunities for the … investigation principals, dashboard creation, and data awareness regarding identified trends and anomalies. Work with platform owners and the Engineering team to identify telemetry for Threat Management and Response needs in support of new business platforms and security tooling. Prioritize security improvement suggestions from the team based on your identification more »
Jefferson City, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … investigations. Be responsible to Team Leader for designing and documenting data flows, visibility gaps, and processes. Perform ad-doc data deep dives based on intelligence driven leads and effectively communicate findings. Analyze and investigate security logging to identify trends and anomalies that may result in detection opportunities for the … investigation principals, dashboard creation, and data awareness regarding identified trends and anomalies. Work with platform owners and the Engineering team to identify telemetry for Threat Management and Response needs in support of new business platforms and security tooling. Prioritize security improvement suggestions from the team based on your identification more »
Cardiff, Wales, United Kingdom Hybrid / WFH Options
Intaso
Key Responsibilities Develop and document a comprehensive vulnerability management strategy aligned with stakeholder and business need Create intuitive reporting and dashboarding mechanisms to convey threat and risk profiles associated with vulnerabilities to stakeholders Ensure regular vulnerability scans cover all IT and OT assets, maintaining up-to-date coverage. Collaborate … Lead cross-functional teams in responding to high-risk or complex vulnerabilities, leveraging technical expertise. Stay informed about critical threats by continually analysing cyber threatintelligence from various sources. Proactively monitor vulnerability intelligence sources to swiftly address any potential exposures. Conduct on-demand vulnerability assessments for key … personnel/systems as needed. Deliver informative cyber threatintelligence briefings to senior stakeholders. Collaborate with security engineering to define requirements for vulnerability management and threatintelligence Experience: Hands-on experience with vulnerability scanning tools like Tenable or Qualys Collaboration with IT and network teams Previous more »
maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident. Follow major incident process. ThreatIntelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threatintelligence into security monitoring processes. Contribute to the development … of threatintelligence feeds to enhance proactive threat detection. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Evaluate new security technologies and recommend enhancements to the security infrastructure. Collaboration: Collaborate with cross-functional teams, including IT, legal more »
perform a business impact analysis on the security incident. You will leverage a deep understanding of information security technologies, you will aid in triaging threatintelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend … the response actions and escalation path. You will be guided by ThreatIntelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as … Security and security operations experience Microsoft MDE, MDI, Sentinel, Lighthouse and DevOps experience Experience of onboarding, tuning, reporting, and configuring SIEM solutions Experience of threatintelligence Leadership and mentoring experience and skills Understanding of low-level concepts including operating systems and networking Commercial experience in Penetration Testing and more »
perform a business impact analysis on the security incident. You will leverage a deep understanding of information security technologies, you will aid in triaging threatintelligence from multiple sources and add contextual information to the security incident, perform additional analysis and based on the business impact will recommend … the response actions and escalation path. You will be guided by ThreatIntelligence which is actionable information (e.g. IOCs/TTPs), conduct threat hunting activities; leveraging and analyzing sources of information as available through the SIEM, in addition identify and investigate potential suspicious activity as well as … Security and security operations experience '€¢Microsoft MDE, MDI, Sentinel, Lighthouse and DevOps experience '€¢Experience of onboarding, tuning, reporting, and configuring SIEM solutions '€¢Experience of threatintelligence '€¢Leadership and mentoring experience and skills '€¢Understanding of low-level concepts including operating systems and networking '€¢Commercial experience in Penetration Testing and more »
Columbia, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threatintelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »
Springfield, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threatintelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »
Saint Louis, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threatintelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »
Jefferson City, Missouri, United States Hybrid / WFH Options
EDWARD JONES
Citizenship Report . 1 Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating. Team Overview Threat Management consists of detection engineers and cyber threatintelligence analysts whose mission is to provide actionable intelligence and utilize enhanced threat … and instilling industry best practices of detection engineering among your detection engineering team members. Develop, maintain, and clearly document custom detection queries, data models, threat models, workflows, processes, and platform and attack technique research; review team member work for completeness and accuracy. Onboard 3rd party security detections to increase … SIEM queries; bonus for KQL. Experience with writing proof of concept code for attack techniques on Windows and Linux operating systems. Ability to evaluate threatintelligence and collaborate with CTI analysts to identify detection opportunities. Excellent written and verbal communication skills to describe security event details and technical more »
a pivotal role in coordinating security operations within their IT environment. Your responsibilities will include managing cyber defence technologies, coordinating incident response, and leading threat hunting efforts. You will collaborate closely with internal teams and external partners to ensure the highest level of security across the organisation. Key Responsibilities … Standard Operating Procedures (SOPs) and other documentation to support cyber operations. Respond to cyber-related incidents, coordinating remediation efforts and post-incident reviews. Enable threat hunting through the fusion of threatintelligence and business risk analysis. Requirements: Strong understanding of network protocols, firewalls, and intrusion detection/… scale security technology deployments (SIEM/SOAR/EDR/NDR). Ability to lead technical teams and manage service providers effectively. Familiarity with threatintelligence sources and incident prioritization. Understanding of cybersecurity regulations and standards (e.g., GDPR, NIST). Working knowledge of the MITRE ATT&CK framework. more »
a pivotal role in coordinating security operations within their IT environment. Your responsibilities will include managing cyber defense technologies, coordinating incident response, and leading threat hunting efforts. You will collaborate closely with internal teams and external partners to ensure the highest level of security across the organisation. Key Responsibilities … Standard Operating Procedures (SOPs) and other documentation to support cyber operations. Respond to cyber-related incidents, coordinating remediation efforts and post-incident reviews. Enable threat hunting through the fusion of threatintelligence and business risk analysis. Requirements: Ability to manage service providers effectively Knowledge of large-scale … security technology deployments (SIEM/SOAR/EDR/NDR). Working with EDR tools such as MS Defender and Crowdstrike Familiarity with threatintelligence sources and incident prioritization. Working knowledge of the MITRE ATT&CK framework Desirable Qualifications: Bachelor's degree in computer science, business informatics, engineering more »
that CLS is equipped with appropriate industry best tools and solutions Operational Operate and maintain controls related to SIEM, DLP, Vulnerability Management, DLP, Cyber ThreatIntelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations. Conduct IT Security risk assessments for all high impact projects, defining … and maintain security Prepare for, identify (hunt) and remediate cyber threats Operate and maintain IT Security controls related to SIEM, DLP, Vulnerability Management, Cyber ThreatIntelligence, DLP, Endpoint Protection, etc. Participate in an on-call rotation to act as an escalation point for events requiring IT Security involvement. more »
security actions. Ensure the highest quality in reports and client-facing documents. Conduct in-depth analyses on alarms and events, recommending alternative actions. Implement threat hunting, threat modelling, and threatintelligence activities. Collaborate with security automation and orchestration tools as required. Analyse events from end-points more »
London, England, United Kingdom Hybrid / WFH Options
Starling Bank
experienced Vulnerability Manager to lead a growing vulnerability management team. A successful candidate will work with the team to analyse emerging vulnerabilities provided by threatintelligence sources and penetration testing. The vulnerability manager will collaborate with various technology and engineering teams to share vulnerability findings, provide guidance, and … the vulnerability management process. Responsibilities Lead a team of information security professionals to: Assess, investigate and provide guidance on emerging vulnerabilities, incorporating information from threatintelligence sources, internal software and infrastructure scans. Collate and prioritise applicable vulnerabilities based on Starling Bank's environmental factors and risk frameworks Collaborate … develop process and procedure improvements. Understand the assets and/or applications at risk from a vulnerability and be able to articulate the potential threat to the Bank in a way anyone in the business could understand. Alignment of risk assessment approach for vulnerabilities to the Bank's risk more »
large portion of European-based incidents. You will join our CSIRT department inside our Information Security area of the business that provides incident response, threat hunting, threatintelligence and forensics functionalities. The suitable candidate should have experience working within an incident response focused environment. The suitable candidate more »
Brighton, England, United Kingdom Hybrid / WFH Options
Legal & General
gain experience with all pillars of the security team with regards to Security Operations, Infrastructure, and Identity Management teams. You will use the latest threatintelligence to inform daily activities and proactive threat hunts to detect and respond to threat actors. The Security Analyst Apprentice will more »
operation across the globe. You will be passionate about cyber security and thrive on continued professional development and increasing personal knowledge as the potential threat to cyber security becomes more complex. You must be able to work proactively to reduce the risk posed to the company. You will hold … unauthorized activities. Investigate potential incidents and provide timely feedback. Analyze events to identify trends, threats, and vulnerabilities. Work to contain and remediate security incidents. ThreatIntelligence Keep up to date with latest trends in cybersecurity threats, vulnerabilities, and best practices. Security Infrastructure Management Assist with the maintenance of … with security tools such as SIEM/EDR and vulnerability Management. Proven experience in a security operations role. In-depth knowledge of cybersecurity principles, threat landscapes, and attack vectors. Experience working in a large, multinational, complex company. Good knowledge of infrastructure concepts – such as Windows/Linux, DNS, AD more »
Global music events company requires a Threat Detection Engineer to join their global cyber defence team basaed in the UK but with the option to work fully remote. Key skills needed: SIEM, IDS/IPS, Firewalls and antivirus software; full DevSecOps skillset with demonstrable skills in building threat … estate that is constantly under cyber attack due to its promincance in the public domain. The client is on the hunt for a Senior Threat Detection Engineer to join an expanding Cyber Defence team focused on the ongoing protection of its customers, clients, employees and partners. This is a … fully remote opportunity reporting into the Senior Manager of Cyber Defence the role will work closely with the Global SOC and Cyber ThreatIntelligence teams to build new tailored security detection systems. I am looking for inquisitive engineers who can work autonomously but also have the ability to more »
Senior Cyber Security Specialist here at City & Guilds. In this role you will lead and act as subject matter expert for computer and network threatintelligence, incident responses, investigations and vulnerability assessments that pertain to different types of cyber threats, including malware, data theft, denial of service, and … however, the service is provided globally and there will be some need for out of hours response in the case of major incidents and threat priorities where vital. The design of the service based on the use of an external 24/7 hybrid MDR aims to reduce the more »
Greater London, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
audit findings. o Management and configuration of vulnerability management tools (Microsoft Azure and Qualys) o Support the InfoSec function in proactively identifying and leveraging threatintelligence sources to inform strategic vulnerability mitigation measures. Threat Management o Take lead on the daily threat management activities o Maintain more »