1 to 25 of 28 DemandTrendPermanent Insider Threat Jobs in England

WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a skilled and experienced L2 Insider Threat- IRM Analyst. As part of the Cyber Defence department, this role will investigate Insider Risk Management (IRM) cases that have been escalated by our L1 Insider Threat team. Reporting to the Insider Threat - IRM Operations Manager, the L2 Insider Threat- IRM Analyst role is suited to someone who has strong Microsoft Purview DLP and Insider Risk Management (IRM) analyst experience. It is a business facing role and requires working proactively with stakeholders and colleagues to … investigate Insider Threat and IRM cases. The Role: As the L2 Insider Threat- IRM Analyst, the primary responsibilities will be: Perform advanced analysis and investigation of Insider Threat and IRM cases across the various egress channels in both on premise and cloud environments. Analyse event/case/alert patterns to More ❯

Insider Threat Investigations Lead Salary - 110,000 + Discretionary Bonus Hybrid working - x2 day's per week in office (London) Spencer Rose are partnered with a leading financial services organisation who are currently on the look out for an Insider Threat Investigations Lead. Within this role the Insider Threat Investigations Lead … will be responsible for the identification, prevention, and response to risks posed by individuals with authorized access to their organizational assets. The Insider Threat Investigations Lead will have the following responsibilities - Drive the execution of their insider threat program, which will include the development of tools, standards, procedures and processes with the aim to … detect and prevent insider threats. Manage investigations of suspected insider threat incidents Work collaboratively with the intelligence team to develop threat modelling deliverables The Insider Threat Investigations Lead will need to have the following skills/experience - 7+ years of experience in information security, preferably within Investigations or similar ie Security More ❯

We are seeking a highly motivated and skilled Insider Threat Investigations Lead to join a newly formed Insider Threat Team. This role focuses on identifying, preventing, and responding to risks posed by individuals with authorized access to organisational assets, including employees, contractors, and third-party vendors. The position requires collaboration with cross-functional teams … suits someone with strong investigative skills, an analytical mindset, the ability to interpret and act on data, and the capability to execute initiatives that strengthen the insider threat programme. Key Responsibilities Support the delivery of the insider threat programme, including developing tools, standards, and procedures to detect, prevent, and respond to insider threats. Utilise advanced detection tools, behavioural analytics, and security monitoring systems. Drive continuous improvement by applying lessons learned, industry best practices, and emerging threat intelligence. Partner with stakeholders to identify and mitigate potential insider risks across systems, networks, and processes. Lead investigations into suspected insider threat incidents, ensuring they are thorough, timely More ❯

Tool Optimisation: Oversee the enhancement of security tools to maintain a proactive security posture. Incident Response: Provide expert guidance during security incident investigations and response efforts. Insider Threat: Manage and investigate Insider Threat cases as required. Threat Hunting: Lead scheduled threat hunts to ensure thorough detection of advanced threats. External Collaboration: Work … e.g., GIAC GMON, GCIA, GCIH, or equivalent). Hands-on experience with SIEM tools (LogRhythm, Splunk) and IDS (Snort). Solid background in network and host security. Expertise in threat intelligence and threat hunting. Experience mentoring and coaching others. Current DV clearance. Security Clearance This role is subject to pre-employment screening in line with the UK Government More ❯

and maintain executive-level documentation, including standard operating procedures (SOPs), playbooks, process flows, and risk reports, using diverse tools and data sources. Develop, refine, and maintain insider threat indicators and use case scenarios to enhance detection capabilities. Design and deliver insider risk awareness initiatives, highlighting emerging trends and fostering a culture of security, accountability, and … vigilance. Identify and implement improvements to detection and response processes based on lessons learned and evolving threat landscapes. Collaborate with internal partners on threat detection and response initiatives to strengthen organizational resilience. Qualifications Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field; advanced degree preferred. Experience in insider risk, counterintelligence, cybersecurity, or … a related discipline. Hands-on experience with insider threat detection tools such as SIEM, UEBA, UAM, DLP, and other monitoring technologies. Strong understanding of insider risk frameworks, regulatory and privacy requirements, and relevant laws. Familiarity with SOC or Fusion Centre operations, including threat monitoring, intrusion detection, incident response, and analysis. In-depth knowledge of More ❯

I'm working with a global tech led FS organisation to find an Insider Risk Technical Analyst to strengthen their insider threat capability and help safeguard sensitive data from internal threats. They're looking for a technically skilled analyst who can take ownership of insider risk monitoring, investigate sensitive incidents, and fine-tune … DLP policies using enterprise tools. Ideal for someone who enjoys being hands-on while influencing data protection strategy! Looking for candidates with experience in: Microsoft Purview (Insider Risk Management, DLP) Symantec or McAfee DLP platforms ServiceNow or Microsoft Sentinel for incident tracking and analysis Analysing user behaviour and data movement to detect risk Working across security, compliance, and More ❯

Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats and legal matters. Build and maintain PowerBI dashboards. Support the cyber risk management team with data requests to support cyber risk management tasks. Work with and articulate highly More ❯

Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats and legal matters. Build and maintain PowerBI dashboards. Support the cyber risk management team with data requests to support cyber risk management tasks. Work with and articulate highly More ❯

Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats and legal matters. Build and maintain PowerBI dashboards. Support the cyber risk management team with data requests to support cyber risk management tasks. Work with and articulate highly More ❯

Deloitte firms with cybersecurity data. Assist Deloitte Global and Deloitte firms with data extraction for ISO and PCI audit requirements. Support eDiscovery teams by providing data relating to insider threats and legal matters. Build and maintain PowerBI dashboards. Support the cyber risk management team with data requests to support cyber risk management tasks. Work with and articulate highly More ❯

Strong scripting skills (Python, PowerShell) Technical Expertise Expert in SAML, OAuth, OIDC Skilled with EDR platforms, MDM solutions (Jamf, Intune, Workspace ONE, MobileIron) Experience with DLP, insider threat programs, and endpoint/user zero trust Familiarity with SOC2, ISO 27001, GDPR, HIPAA Execution & Impact History of cutting manual processes by 50%+ through automation Proven ability to More ❯

a motivated self-starter, be committed to on-going self-development and education and possess strong technical acumen and customer service skills. Responsibilities Ensure data is protected from insider threats, cyber-attacks, and policy violations Onboard Customers to Varonis platforms and deliver on-going value and support Ensure Customer success through frequent proactive health checks, hands-on product More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP, CEH More ❯

our future! You will work with This team is responsible for safeguarding the company's digital assets and ensuring robust cyber resilience. They cover various aspects of cybersecurity, including threat and exposure management, security engineering, cyber incident response, security DevOps, and insider threat. Each team has specific responsibilities and areas of focus, collaborating closely with other digital … and comprehensive approach to cybersecurity. Let me tell you about the role This role is responsible for setting the strategic and technical direction for cyber security across the Cyber Threat and Engineering (CTE) portfolio. This includes defining and maintaining portfolio-wide security strategies, technical requirements, and reference architectures that guide the secure design and operation of CTE platforms, products … and services. The team also leads horizon-scanning and innovation efforts to identify new technologies and approaches that can improve bps cyber resilience. What you will deliver The cyber threat insights that will drive actions to: Identify and remediate weaknesses in bp's security controls (people, process, and technology). Improve our overall monitoring detection and response capabilities. Generate More ❯

our future! You will work with This team is responsible for safeguarding the company's digital assets and ensuring robust cyber resilience. They cover various aspects of cybersecurity, including threat and exposure management, security engineering, cyber incident response, security DevOps, and insider threat. Each team has specific responsibilities and areas of focus, collaborating closely with other digital … and comprehensive approach to cybersecurity. Let me tell you about the role This role is responsible for setting the strategic and technical direction for cyber security across the Cyber Threat and Engineering (CTE) portfolio. This includes defining and maintaining portfolio-wide security strategies, technical requirements, and reference architectures that guide the secure design and operation of CTE platforms, products … and services. The team also leads horizon-scanning and innovation efforts to identify new technologies and approaches that can improve bps cyber resilience. What you will deliver The cyber threat insights that will drive actions to: Identify and remediate weaknesses in bp's security controls (people, process, and technology). Improve our overall monitoring detection and response capabilities. Generate More ❯

our future! You will work with This team is responsible for safeguarding the company's digital assets and ensuring robust cyber resilience. They cover various aspects of cybersecurity, including threat and exposure management, security engineering, cyber incident response, security DevOps, and insider threat. Each team has specific responsibilities and areas of focus, collaborating closely with other digital … and comprehensive approach to cybersecurity. Let me tell you about the role This role is responsible for setting the strategic and technical direction for cyber security across the Cyber Threat and Engineering (CTE) portfolio. This includes defining and maintaining portfolio-wide security strategies, technical requirements, and reference architectures that guide the secure design and operation of CTE platforms, products … and services. The team also leads horizon-scanning and innovation efforts to identify new technologies and approaches that can improve bps cyber resilience. What you will deliver The cyber threat insights that will drive actions to: Identify and remediate weaknesses in bp's security controls (people, process, and technology). Improve our overall monitoring detection and response capabilities. Generate More ❯

Technology Risk Adversarial & Cyber Resilience Testing Director, you will have responsibility for designing and executing red team operations and cyber resilience testing against Starling Bank. Operations will emulate real threat actors and target cutting edge technology in Starling Bank's platform as well as ranging across the endpoint estate. You will use emerging threat intelligence to inform and … realistic TTPs Lead purple team exercises and collaborate with the SOC team to enhance detection capabilities Translate red team tactics into actionable intelligence for blue team operations Develop advanced threat models and 'worst case scenario' playbooks based on emerging global risks (APTs, insider threats, supply chain compromise) and simulate complex real-world scenarios Cyber Resilience Technical Testing … are desirable: Expertise in AI/ML systems security, including LLMs, transformers and model interpretability Advanced certifications such as CSSAS, CSSAM, CCT or similar Extensive experience in incident response, threat intelligence, or ethical hacking at an enterprise level Strong background in regulatory environments (e.g. ISO 27001, SOCII, GDPR or AI Act compliance) Software engineering expertise (Java, Kotlin, Go ) or More ❯

Technology Risk Adversarial & Cyber Resilience Testing Director, you will have responsibility for designing and executing red team operations and cyber resilience testing against Starling Bank. Operations will emulate real threat actors and target cutting edge technology in Starling Bank's platform as well as ranging across the endpoint estate. You will use emerging threat intelligence to inform and … and improve defensive measures by collaborating with the SOC team to enhance detection capabilities Assist in translating red team tactics into actionable intelligence for blue team operations Assist developing threat models and 'worst case scenario' playbooks based on emerging global risks, including APTs, insider threats and supply chain compromise and simulate real-world scenario to evaluate system … are desirable: Experience in Ai/Ml Systems Security, Including LLMs, transformers and model interpretability Certification such as OSCE, CCT, OSEP, OSMR or similar Prior experience in incident response, threat intelligence, or ethical hacking at an enterprise level Background in regulatory environments (e.g. ISO 27001, SOCII, GDPR or AI Act compliance) Software engineering expertise (Java, Kotlin, Go ) or reverse More ❯

/DFIR Consultant) to join their team. As an Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯

DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯

DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯

DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯

DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯

DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯

DFIR Consultant) to join their team. As a Senior Incident Responder, you'll take the lead on active engagements involving real-world attacks such as ransomware, data breaches, insider threats, and more. You'll conduct forensic investigations, advise clients on containment and recovery strategies, work on delivery and implementation, and produce detailed post-incident reports. This is a … incident response for a diverse client base, ensuring effective containment, investigation, and recovery. Conduct in-depth digital forensic analysis of relevant incident data Monitor and interpret the evolving cyber threat landscape, providing clients with timely, relevant insights into emerging threats, tactics, and vulnerabilities that may impact their organisation. Act as a key point of contact for clients, ensuring clear More ❯