Key Responsibilities
Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness.
Skills
Expertise in detection engineering, threat hunting, or a related Cyber Security field. Proficiency in Sentinel, KQL, XDR and Splunk is required. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and …/or cloud-native security services (e.g. AWS GuardDuty, GCP Chronicle). Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour, improve threat visibility and reduce false positives. Familiarity with the MITRE ATT&CK framework and the threat detection lifecycle.
a highly skilled SOC Engineer to support the delivery of a major Security Operations Centre (SOC) uplift programme. This role will focus on enhancing existing capabilities, introducing new security detection services, and improving operational efficiency through automation and integration. You'll play a key role in strengthening threat detection, incident response, and investigative processes within a dynamic … and evolving SOC environment.
Key Responsibilities:
- Design, implement, and test improved and new detection use cases.
- Build and enhance technical SOC capabilities to improve cyber threat visibility.
- Refine and optimise detection rules and analytics.
- Contribute to the automation of SOC workflows and response tasks.
- Enhance tools and processes to support security investigations.
- Develop performance metrics and monitoring
previous following experience: Design, implement, and manage SIEM solutions using Splunk, including data onboarding, creating correlation rules, and developing dashboards and reports to improve security visibility. Develop and maintain detection use cases, alerts, and response playbooks based on threat intelligence and compliance requirements. Monitor, tune, and optimise Splunk performance to ensure availability, scalability, and accuracy of security event … logging and analysis. Work closely with SOC analysts, incident response, and threat hunting teams to enhance threat detection, investigation capabilities, and response effectiveness.
the requirements to meet ISO27001 & the Cyber Essentials+ certification. Administrative requirements of the PAM tool (CyberArk).
Experience
Experience administrating PAM solutions, such as CyberArk - MANDATORY. Working understanding of security operations, threat detection, and incident response. Experience using SIEM and security tooling for triage and log analysis. Experience tracking and managing vulnerabilities using industry frameworks. Familiarity with enterprise systems including
London, South East, England, United Kingdom Hybrid / WFH Options
Context Recruitment Limited
supporting risk mitigation and contributing to the continual improvement of the business's security posture.
Responsibilities:
* Provide expertise on application, network and infrastructure security
* Monitor security solutions including SIEM, threat detection and data security, endpoint protection and network analytics for alerts
* Provide documentation for technical standards to meet corporate security policies/industry best practice
* Perform security reviews, identify
client is seeking an experienced Splunk Consultant with strong expertise in Enterprise Security (ES) and SOAR to support and enhance their SIEM capabilities. This role is critical in delivering threat detection, investigation, and response capabilities, leveraging Splunk's advanced security and automation features.
Responsibilities:
- Implement and support Splunk Enterprise 7/8 in a multi-site clustered environment
month) Pay: INSIDE IR35, negotiable DoE. We are looking for a Senior SOC Analyst to join a Security Operations Centre (SOC) team and provide expert-level support across incident detection, analysis, and response. You will play a critical role in strengthening security operations by leading investigations, mentoring analysts, and optimising SOC processes and tooling. This role demands strong technical … in a fast-moving environment.
Responsibilities:
- Provide senior-level support to ensure the robustness and reliability of SOC operations.
- Oversee escalated alerts using advanced SIEM logic and AI-based threat detection.
- Improve alert enrichment, case management, and investigation workflows.
- Act as a key escalation point for complex security incidents and stakeholder queries.
- Guide and mentor SOC Analysts, offering technical … direction and oversight.
- Lead threat simulation exercises to support team development and readiness.
- Assist with the alignment and integration of physical and personnel security within the SOC function.
- Support the successful transition of services into business-as-usual operations.
Essential Experience & Skills:
- Extensive background in cyber security, with hands-on SOC experience.
- Strong leadership skills, including coordinating with SOC