1 to 25 of 41 Permanent Threat Detection Jobs in England

exciting opportunity has arisen for a T hreat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a T hreat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting. This role offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. ...

functions and a relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat … Leadership Team. Operations & Service Delivery • Oversee daily operations of technical security functions, working collaboratively with the SOCs to provide 24/7 visibility and threat detection ensuring services are resilient, risk-aware, and aligned with business needs. • Regularly review and modernise SOC processes, technologies, and talent. • Partner with ...

SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with internal teams and external security partners to strengthen our threat detection capabilities and improve the organisation … overall cyber resilience. This is an excellent opportunity for a security professional who enjoys leading teams, improving security operations, and driving proactive threat detection strategies. Key Responsibilities Lead and mentor the internal Security Operations team, overseeing daily operational activities and performance Define and implement the strategy and operational ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across … business teams. Guide and support SOC analysts across L1, L2, and L3 functions to ensure effective 24/7 security operations. Drive improvements across threat detection, incident response processes, and SOC operational maturity. Skills & Experience Extensive experience working in Security Operations Centres (SOC), including leadership or managerial responsibilities. ...

significant modernisation of its technology and security environment. As part of this programme, the organisation is strengthening its Security Operations capability to improve threat detection, response, and operational automation across its infrastructure and cloud platforms. This role sits within a small, hands-on Security Operations team reporting into … Head of SecOps. The team works closely with an external MSSP that provides 24/7 monitoring support, while internal engineers focus on detection quality, incident response, and improving operational capabilities. The position is intentionally broad - blending elements of detection engineering, alert investigation, threat hunting, and automation ...

will have genuine influence. Own the end-to-end performance of a mature, multi-client SOC Drive real improvements to tooling, playbooks, and threat detection capability Mentor and develop a team of skilled Analysts and Incident Responders Engage directly with senior stakeholders and shape security strategy Work within … performance reviews and create structured development plans Foster a culture of continuous improvement and operational excellence Incident Management Oversee the full incident lifecycle, from detection through containment and resolution Ensure SLA adherence, clear escalation paths, and consistent client communication Maintain, test, and continuously improve incident response plans and playbooks ...

seeking an experienced Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations … Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure ...

seeking an experienced Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations … Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure ...

detail‐driven Senior Cyber Operations Analyst to join their team. This is a fantastic opportunity to work with cutting‐edge tooling, contribute to threat‐driven defensive security, and shape advanced SecOps capabilities across enterprise environments. About the Role As a Senior Cyber Operations Analyst at Associate Manager level … heart of a thriving Cyber Practice covering Assurance, Compliance, SecOps, Offensive Security and Research. You’ll play a pivotal part in threat detection, incident response, detection engineering, and security monitoring — helping defend major UK organisations. This role is perfect for someone who thrives in technical depth, enjoys ...

initial We are looking for an experienced Senior Security Engineer to join a growing cyber security team, helping to strengthen security controls, monitoring and threat detection capabilities across the organisation’s technology estate. This role will play a key part in the operation and improvement of core security … detect threats, improve visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management ...

engineers to optimise the effectiveness of security tools and platforms. Consuming and operationalising modern security technologies, including XDR and SIEM solutions, to enhance visibility, threat detection, and response effectiveness for clients Performing research and investigations to solve client’s technical security problems. Preparing impactful reports on security posture … organisational domains and common industry frameworks such as NIST CSF and ISO27001. Demonstrable experience of operating a key security process, such as vulnerability management, threat detection and response, or cyber security attack surface management, Hands-on expertise across a range of modern security technologies such as XDR, SIEM ...

real-world security impact. The successful candidate will work closely with customers, engineers, and operational security teams to deliver meaningful improvements across identity, detection engineering, endpoint security, and cloud security posture. This is a hands-on role involving the design and implementation of modern security architectures, solving complex technical … detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation ...

security teams to ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include … Acting SME on Elastic Security and Splunk Enterprise Security platforms Designing and maintaining log ingestion pipelines and data enrichment processes Developing and tuning detection rules aligned to MITRE ATT&CK techniques Managing the full lifecycle of detection content from design through to optimisation Automating security workflows using scripting ...

response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management. Conduct and support risk assessments, ensuring robust controls are implemented and maintained. Partner with Technology, Risk, Compliance ...

security teams to ensure the right controls, tooling and processes are in place to protect critical systems and data. You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable. Key responsibilities include … Acting SME on Elastic Security and Splunk Enterprise Security platforms Designing and maintaining log ingestion pipelines and data enrichment processes Developing and tuning detection rules aligned to MITRE ATT&CK techniques Managing the full lifecycle of detection content from design through to optimisation Automating security workflows using scripting ...

DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring our detection controls are validated against real-world threat actor Tactics, Techniques, and Procedures (TTPs). This is an ideal "next step" role … experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum 2 days per week on-site due to workload classification. Security Clearance: Candidates must ...

gain deeper exposure to modern Microsoft security tooling. You’ll work alongside experienced cyber professionals investigating security alerts, supporting incident response, and helping improve detection capability across client environments. Responsibilities Monitor and investigate alerts within a SIEM environment Analyse logs and identify potential security incidents Triage alerts and escalate … incidents where required Assist with incident investigation and reporting Support the development and tuning of detection rules Collaborate with senior analysts and engineers on security operations Key Skills & Experience 1–2 years’ experience in a SOC Analyst or security monitoring role Experience working with SIEM platforms (Microsoft Sentinel beneficial ...

organisation's SIEM platform Perform initial triage and investigation of security alerts Escalate potential security incidents to senior analysts Assist with incident response and threat detection activities Support vulnerability management and security monitoring Maintain accurate incident records and documentation Work collaboratively with IT and security teams Required Skills … Basic understanding of cyber security principles and threat landscapes Familiarity with SIEM tools or security monitoring platforms Knowledge of networking fundamentals and operating systems Strong analytical and problem-solving skills Interest in developing a career within cyber security Nice to Have: Experience with Splunk, Sentinel, QRadar or Elastic Exposure ...

information security controls and countermeasures, ensuring alignment with the risks they are intended to mitigate Work with an outsourced Security Operations Centre (SOC), maintaining threat detection and response processes in conjunction with the InfoSec team to ensure its continued effectiveness Effectively operate established technical information security controls … functional collaboration as needed Conduct security incident investigations, collaborating with technical and non-technical stakeholders as appropriate, with the aim of identifying root cause, threat vector utilised, scope of compromise and related remedial and preventative actions Implement and administer technical security tooling (Such as Defender for Cloud, Defender ...

implementing technical information security controls and countermeasures aligned with specific risks. SOC Collaboration: Working with an outsourced Security Operations Centre (SOC) to maintain effective threat detection and response. Tooling & Incident Response: Administering technical security tooling (such as Defender for Cloud, Defender for Endpoint, and Nessus) and conducting security ...

risk and contributing to the continuous improvement of the company's overall security posture. Responsibilities: Monitor security tools including SIEM (QRadar) and respond to threat detection alerts Triage, analyse and prioritise security (via ServiceNow) Investigate root causes of security issues and design effective remediation solutions Oversee Patch Management ...

monitoring, incident resolution, and continuous service improvement. Support in operational leadership, providing insight on risks, capacity, and technology readiness. Lead cyber security operations, including threat detection, vulnerability management, and incident response. Ensure the stability, resilience, and scalability of core infrastructure, networks, cloud platforms, and end-user devices. Oversee ...

Police Digital Services and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology … ensure security issues are addressed quickly upon discovery. NMC Cyber Detect Analyst duties involve but are not limited to: Initial Triage of alerts - evaluation & detection Confirmation of false positive Incident data gathering and feedback on any gaps and issues in respect to Platform Content or tuning opportunities Reflection ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...

Engineer to play a key role in protecting their systems, infrastructure, and data. This is a hands-on position where you'll lead on threat detection, incident response, and continuous security improvement across the business. What You'll Be Doing Monitoring and analysing security events (SIEM, endpoints, networks ...