1 to 25 of 45 Permanent Threat Detection Jobs in England

a Site Reliability Engineering Manager, you will lead a global team of talented SREs in the development, deployment, and continuous improvement of our Cyber Threat Detection Pipeline. Your leadership will ensure the delivery of a scalable, efficient, and highly reliable Threat Detection Engineering platform. Key Responsibilities … Security , Exabeam Advanced Analytics (UEBA), Security Data Lakes (e.g., Data Bricks or Snowflake), and Cribl for log ingestion. Drive the adoption and implementation of Detection as Code principles. Leveraging CI/CD pipelines to automate the deployment and management of detection rules and platform configurations, ensuring fast, reliable … great deal of SRE technical and managerial skills in a large enterprise environment, such as: A great background in theSRE field supporting a Cyber Threat Detection function, with demonstrable experience in a leadership or managerial role overseeing a team. Scripting and Automation Proficiency: Demonstrated expertise in scripting and more »

Join Police Digital Service in a NMC Cyber Threat Intelligence (CTI) role (Hybrid/Lancashire) Police Digital Service are looking to hire CTI roles at the following levels: Cyber Threat Intelligence Specialist - Mid-Tier Threat Intelligence Role; Recommended for those with experience in cyber threat intelligence … or associated fields. Veterans with an intelligence background and an interest in cyber are encouraged to apply Senior Cyber Threat Intelligence Specialist - Senior Threat Intelligence Role; Recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be … involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident more »

we are seeking expressions of interest for passionate cybersecurity professionals to join our dynamic team. Initially we will be seeking experience with Managed Extended Detection and Response (MXDR) services. At Sekuro we leverage cutting-edge technologies and strategic partnerships to provide top-tier security solutions to our global clientele. … Responsibilities: Design and Implementation: Architect and deploy advanced MXDR solutions using CrowdStrike and AWS to protect client environments. Monitoring and Response: Conduct continuous monitoring, threat hunting, and incident response activities to identify and mitigate security threats. Integration: Integrate MXDR solutions with clients’ existing security infrastructure and workflows. Automation: Develop … and implement automation scripts and tools to enhance threat detection and response capabilities. Client Support: Provide expert-level support and guidance to clients, including conducting security assessments and providing recommendations. Collaboration: Work closely with other cybersecurity experts, analysts, and engineers within Sekuro to continuously improve our MXDR offerings. more »

we are seeking expressions of interest for passionate cybersecurity professionals to join our dynamic team. Initially we will be seeking experience with Managed Extended Detection and Response (MXDR) services. At Sekuro we leverage cutting-edge technologies and strategic partnerships to provide top-tier security solutions to our global clientele. … Responsibilities: Design and Implementation: Architect and deploy advanced MXDR solutions using CrowdStrike and AWS to protect client environments. Monitoring and Response: Conduct continuous monitoring, threat hunting, and incident response activities to identify and mitigate security threats. Integration: Integrate MXDR solutions with clients’ existing security infrastructure and workflows. Automation: Develop … and implement automation scripts and tools to enhance threat detection and response capabilities. Client Support: Provide expert-level support and guidance to clients, including conducting security assessments and providing recommendations. Collaboration: Work closely with other cybersecurity experts, analysts, and engineers within Sekuro to continuously improve our MXDR offerings. more »

Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable more »

the Job Leading the Response: Acting swiftly and decisively during security incidents to mitigate risks. Incident Lifecycle Management: Overseeing incidents from the moment of detection, through the containment and eradication stages, to the final resolution. Post-Incident Analysis: Conducting detailed investigations post-incident to understand the root cause and … to develop strategies to prevent recurrence. Continuous Monitoring: Keeping a vigilant eye on the organization's security systems to detect any suspicious activities early. Threat Analysis: Evaluating potential threats and vulnerabilities to ensure that the organization is prepared to defend against them. Strategic Defense Implementation: Putting in place robust … unified security strategy. This role demands a proactive mindset, deep technical expertise, and strong leadership skills to navigate the complex and ever-evolving cyber threat landscape. It's about being always prepared, constantly learning, and effectively communicating to maintain and enhance the organization's security posture. Tasks & Responsibilities Evaluate more »

the Security Operations Center (SOC) team. Your role will involve managing both external and internal SOC personnel, overseeing security monitoring and analysis, incident response, threat intelligence, and vulnerability management activities. Key Responsibilities: Act as the subject matter expert on SOC matters for the organization. Manage the external SOC team … SOC team and ensure compliance with requirements. Set clear goals and objectives for the SOC team, providing guidance, support, and training as needed. Oversee detection, analysis, and response to security incidents and breaches, coordinating incident response efforts. Conduct post-incident reviews and implement corrective actions to prevent recurrence. Stay … abreast of cybersecurity threats, vulnerabilities, and trends, implementing and maintaining threat intelligence feeds and tools. Develop and refine SOC procedures and playbooks based on emerging threats and attack patterns. Evaluate new security solutions and technologies to enhance threat detection and response capabilities. Collaborate with IT and security more »

managed Security Operations Centre (SOC), they are committed to safeguarding their clients' digital assets and ensuring their peace of mind in an increasingly complex threat landscape. Job Description: As a Cyber Security Engineer with our client, you will play a crucial role in implementing and managing their cybersecurity infrastructure. … Your responsibilities will include: - Implementing and managing Azure Sentinel SIEM for threat detection, incident response, and security monitoring. - Configuring and maintaining Microsoft Defender for endpoint protection and threat detection. - Developing and maintaining KQL (Kusto Query Language) scripts for querying and analysing data within Azure Sentinel. - Collaborating with more »

and information security strategy that aligns with business objectives, Lead, mentor, and oversee a small global team responsible for security operations, incident response, and threat detection, fostering a culture of continuous improvement, innovation, and excellence, Collaborate with the Group IT team to ensure the organisation is protected against more »

necessary. Contribute to containment strategies during security incidents, data loss, or breaches. Assist in the design and implementation of SIEM use cases to enhance detection capabilities. Ensure the SIEM platform's health through daily checks and proactive maintenance. Employ various applications and systems, including firewalls, IDS, NAC, and encryption … on-call incident response team on a rotational basis (fortnightly). Generate relevant reports, including end-of-day summaries, handover reports, management intelligence, and threat and risk analyses. Liaise with third-party vendors when necessary to troubleshoot SIEM platform issues. Ensure all deliverables align with agreed-upon KPIs and … Proven 2 years of experience in a similar role, preferably within the Managed Security Service industry. Experience providing Managed Security Services or working in Threat/Risk Management environments, with a preference for SIEM platform exposure. Proficiency in monitoring security events, analyzing alerts, and managing security incidents, including incident more »

the first line of defence for our client, responding to alerts and conducting initial triage to determine appropriate actions. With a primary focus on threat detection, incident assessment and vulnerability management the Tier 1 Security analyst will be a critical role in maintaining the cybersecurity for our client. … work collaboratively with our customer base across the business and project teams as assigned. Key Behaviours Tenacity Ethical Curious Integrity Tasks/Responsibilities Operational Threat Monitoring: Continuously monitor security events and alerts within the organization’s network and systems. Identify suspicious activities, anomalies, and potential security incidents. Incident Triage … Skills & Experience Skills Technical Skills: Basic understanding of networking and security principles. Familiarity with security tools and technologies (e.g., Sentinel, Defender suite, firewalls, intrusion detection systems). Proficiency in log analysis and query languages (e.g., KQL, shell scripting, Snort rules). Analytical Skills: Ability to analyse and interpret security more »

audit requirements. Contribute to the development of a Cybersecurity Operations Resource and Capacity planner managed through BDO's Azure DevOps environment. Oversee incident response, threat detection, and mitigation efforts You'll be someone with: A good understanding of monitoring frameworks eg MITRE ATT&CK and SIEM technologies eg more »

on Defence and National Security. Crafting and delivering seamless onboarding experiences for our Managed SOC clients. Providing expert engineering support to analysts for efficient threat detection and response. Developing and maintaining robust detection rules to stay ahead of evolving threats. Actively participating in the design and optimization more »

on Defence and National Security. Crafting and delivering seamless onboarding experiences for our Managed SOC clients. Providing expert engineering support to analysts for efficient threat detection and response. Developing and maintaining robust detection rules to stay ahead of evolving threats. Actively participating in the design and optimization more »

networking technologies, server and storage systems, and cloud infrastructure (such as AWS or Azure). • Solid understanding of cyber security principles, including risk assessment, threat detection, and security frameworks. • The ability to communicate effectively and articulate complex concepts in a clear and concise manner. • Excellent problem-solving skills. more »

configure, and command a symphony of security tools - EDR/XDR, vulnerability management, email gateways, you name it. Fine-tune rules and detections, optimising threat detection and reducing false alarms. • Network Security Sage: Possess a deep understanding of network protocols, security concepts, and monitoring tools. Firewalls, IDS/ more »

designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. What you’ll be doing • Data Ingestion and Enrichment: o Configure Elasticsearch pipelines for data ingestion … from various sources, primarily from Kafka o Enhance data enrichment by integrating threat intelligence feeds and contextual information. • SIEM Solution Development: o Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. o Optimize SIEM rules, alerts, and dashboards for efficient threat detection. • Query more »

IT infrastructure components, including databases, storage solutions, and backup systems Ability to translate business requirements into efficient IT solutions Proficiency in cybersecurity practices, including threat detection, prevention, and incident response Professional work ethic with a client-driven focus and attention to detail Familiarity with IT project management methodologies more »

KQL combined with the ability to create custom KQL scripts that are used to conduct sophisticated security data analysis and uplift incident response and threat detection capabilities within a SIEM Highly motivated with the ability to work autonomously to complete a range of tasks to time and quality more »

resource utilization Implement and manage multi-factor authentication solutions for enhanced security across various systems and applications. Manage and monitor Endpoint security Platforms including detection and respond to advanced threats. Implement and maintain web and reverse proxy solutions, ensuring secure and reliable access to internal and external resources. Implement … Implementing security measures and protocols to safeguard the organization's IT infrastructure from potential threats and cyberattacks. This may include setting up firewalls, intrusion detection systems, and access controls. Investigating and resolving technical issues related to hardware, software, and network components. Troubleshooting may involve diagnosing problems, working with vendors … attitude, self starter, adaptable who welcomes challenge and problem solving Solid experience in managing and maintaining Windows Server environments, knowledge of Endpoint protection for threat detection and response. Exposure and experience in implementing various IT infrastructure in a fast paced challenging environment Proficiency in backup and replication technologies more »

to help organizations stay protected against emerging threats. About the Company: This leading provider of cybersecurity solutions is dedicated to empowering businesses with comprehensive threat detection and response capabilities. Their platform offers real-time insights and actionable intelligence to defend against cyber-attacks, ensuring clients' security posture remains more »

the software development lifecycle. Conduct Code Reviews and utilize Static Code Analysis to identify and mitigate security risks in software code. Implement monitoring and threat detection tools and practices to proactively identify and resolve performance issues and bottlenecks. Troubleshoot issues until root causes are understood on high traffic more »

one in their specialist area and currently rebuilding their entire pricing & risk management platform from scratch. Responsibilities: Evaluate new security technologies and tools. Improve threat detection and response capabilities with a code-first approach Automation of manual process utilising IAC Collaborate and co-develop with external suppliers and … internal engineering teams to ensure data sources and detection rules are well enriched. Required: Strong understanding of the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming - Python, Rust, C++ or other major languages Knowledge of SecOps tooling (SIEM, SOAR, TI). more »

one in their specialist area and currently rebuilding their entire pricing & risk management platform from scratch. Responsibilities: Evaluate new security technologies and tools. Improve threat detection and response capabilities with a code-first approach Automation of manual process utilising IAC Collaborate and co-develop with external suppliers and … internal engineering teams to ensure data sources and detection rules are well enriched. Required: Strong understanding of the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming - Python, Rust, C++ or other major languages Knowledge of SecOps tooling (SIEM, SOAR, TI). more »

of Azure resources (VMs, storage, networking, databases, etc.) Implement and enforce security best practices within the Azure environment, including access control, identity management, and threat detection Monitor Azure services for performance and identify opportunities for optimization Automate routine tasks using Azure automation tools (ARM templates, Azure CLI, PowerShell more »