Threat Intelligence Analyst

Job Title: Lead Threat Detection Analyst

Location: Preston

Security Clearance: SC or eligibility to obtain (higher clearance advantageous)

We are seeking a Lead Threat Detection Analyst to join a high-performing Cyber Operations function responsible for protecting critical national and defence infrastructure from sophisticated cyber threats.

This is a hands-on leadership role combining technical threat detection expertise with operational oversight. You will lead triage and detection activities, mentor analysts, and continuously improve people, process and technology across the security operations capability.

You will play a key role in identifying, analysing and mitigating threats before they impact mission-critical systems and the individuals who rely on them.

What you’ll be doing

  • Lead delivery of core triage and protective monitoring across multiple networks and services
  • Oversee and contribute to the analysis, investigation and escalation of security incidents
  • Coordinate closely with Cyber Operations and Incident Response teams to contain and mitigate threats
  • Develop and enhance detection use cases, tooling and operational processes
  • Provide subject matter expertise on threat analysis and detection engineering
  • Drive continuous improvement across people, processes and technology
  • Support operational leadership and deputise for the Threat Detection Manager when required
  • Advise on requirements, scope and improvement opportunities to strengthen operational resilience

Skills and experience

Essential

  • Experience working within a Security Operations Centre (SOC) or similar cyber defence environment
  • Demonstrable leadership or team management within an operational setting
  • Strong knowledge of industry frameworks such as MITRE ATT&CK, D3FEND or ENGAGE
  • Proficiency with SIEM platforms and security analytics tooling
  • Strong analytical mindset with an innovative approach to problem-solving

Desirable

  • Industry certifications such as OSDA, GIAC or equivalent
  • Experience in defence, government or highly regulated environments
  • Security clearance or previous clearance

About the team

The Cyber Operations team protects critical systems and sensitive environments from advanced threat actors. Covering Threat Intelligence, Detection, Incident Response and Active Defence, the team operates at the forefront of cyber security, safeguarding the technology and services that support national security and those who serve.

This is an opportunity to work on meaningful, high-impact challenges within a mission-driven environment where your expertise directly contributes to national resilience.

For a confidential discussion, please get in touch with your CV.

Apply Now
Apply Now

Job Details

Company
LHH
Location
Preston, England, United Kingdom
Posted