5 of 5 Contract Threat Detection Jobs in the UK

technologies , ideally coming from an XSOAR background , and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be eligible for SC Clearance* Key Responsibilities Implement and configure Palo Alto Networks XSIAM to improve SOC efficiency and visibility … Design and manage security automation workflows , drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion , correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM , XSOAR, and related integrations Ensure seamless integration … Clearance Desirable Qualifications Palo Alto certifications (PCNSE, XSIAM/XSOAR certifications highly preferred) Experience with cloud security platforms (AWS, Azure, GCP) Previous work in a SOC environment Exposure to threat hunting methodologies and tools This is a fantastic opportunity to work on the biggest XSIAM project in the UK working with cutting edge technology. My client are happy to More ❯

advice to senior management regarding incident response, monitoring, logging and analysis of all relevant systems and processes. . Define and evolve the cyber security operations strategy in line with threat posture and government direction. . Develop and maintain a robust cyber incident response plan and identify the required levels of cyber investment within the CSOC to include governance, tooling …/host-based IDS/IPS tooling. . Proven experience setting up SOCs from scratch. . Strong background in SOC strategy, optimisation, and transformation. . Experience in incident response, threat detection, and monitoring frameworks. . Familiarity with tools such as SIEM, IDS/IPS, antivirus, and correlation platforms. . Knowledge of cyber security regulations and frameworks (eg GDPR More ❯

experienced SOC Analyst (Level 3) to join its cybersecurity operations team. This role is ideal for senior professionals who thrive in high-stakes environments and enjoy working on proactive threat detection, incident response, and advanced security automation. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and … the Defender suite Develop and fine-tune analytic rules, detection use-cases, and automation playbooks Perform deep-dive analysis on malware, phishing, and lateral movement threats Correlate events across diverse log sources and technologies Collaborate with engineering teams to optimise Microsoft security tool integration Mentor junior SOC analysts and contribute to internal knowledge sharing Maintain and enhance incident response … processes and documentation Produce regular SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE More ❯

and experience: - Experience designing a Security Operations Centre (SOC) within a secure environment Experience implementing a target operating model for a Security Operations Centre Expertise in security monitoring design, threat detection, and incident response Experience in selecting tools for Security Information and Event Management (SIEM) Proficiency in IT security documentation, including policies, standards, processes, procedures, and patterns Experience … in risk and threat modelling within a high-threat government environment To apply, please submit your latest CV for review More ❯

and experience: - Experience designing a Security Operations Centre (SOC) within a secure environment Experience implementing a target operating model for a Security Operations Centre Expertise in security monitoring design, threat detection, and incident response Experience in selecting tools for Security Information and Event Management (SIEM) Proficiency in IT security documentation, including policies, standards, processes, procedures, and patterns Experience … in risk and threat modelling within a high-threat government environment To apply, please submit your latest CV for review More ❯