1 to 25 of 77 Permanent Threat Detection Jobs in London

we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating … with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a Senior … Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and More ❯

Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft … Sentinel, Defender, and KQL. Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500/204, SC-100/200/300/400. Proven experience managing a SOC/Security Operations function More ❯

Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft … Sentinel, Defender, and KQL. Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500/204, SC-100/200/300/400. Proven experience managing a SOC/Security Operations function More ❯

Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a Cyber Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a threat intelligence … strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence and threat More ❯

Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a Cyber Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a threat intelligence … strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence and threat More ❯

enhancing our cybersecurity framework by leading the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and … with existing tools, utilizing them to elevate existing Security Operations Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint … Proven experience with Microsoft Sentinel and Defender XDR products Strong background in SIEM rule design and optimization Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions Experience with SOAR tools and automated security response implementations Familiarity with API security protocols and measures Ability to analyze large More ❯

by delivering security insights, enhancing incident response capabilities, and integrating a proprietary security platform into existing environments. You’ll be on the frontline of threat detection and response, collaborating with IR teams and helping customers get the most out of the platform’s capabilities. If you’ve got … solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects with customer security teams Supporting the integration of a next-gen security More ❯

Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯

Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯

managing SIEM tools such as QRadar and/or Sentinel. You’ll be working closely with end customer stakeholders, undertaking proactive risk management, and threat detection consulting. Key Responsibilities of the Role: Manage, build, and develop stakeholder relationships through regular meetings, strategic updates and consultative insights Lead comprehensive … and incident response processes acting as a point of escalation and point of contact for internal and external stakeholders Provide clear actionable guidance on threat detection while consulting with technical and non-technical stakeholders Review security posture of client businesses, perform gap analyses, and create and deliver reports More ❯

managing SIEM tools such as QRadar and/or Sentinel. You’ll be working closely with end customer stakeholders, undertaking proactive risk management, and threat detection consulting. Key Responsibilities of the Role: Manage, build, and develop stakeholder relationships through regular meetings, strategic updates and consultative insights Lead comprehensive … and incident response processes acting as a point of escalation and point of contact for internal and external stakeholders Provide clear actionable guidance on threat detection while consulting with technical and non-technical stakeholders Review security posture of client businesses, perform gap analyses, and create and deliver reports More ❯

growing cyber consultancy is seeking a client-facing Cyber Security Consultant to lead risk assessments, drive SIEM/XDR implementation, and guide customers through threat detection and governance improvements. This role is Ideal for individuals with an outgoing personality, confident speaking with stakeholders at all levels, strong all … response workflows. Conduct posture reviews, environment audits, and gap analyses. Present security findings and recommendations to stakeholders through meetings and reports. Provide guidance on threat detection best practices. Technical Skills & Experience: Proficient with SIEM/XDR tools (QRadar, Sentinel, Defender XDR). Strong knowledge of NIST CSF, NCSC More ❯

in Cyber Security Operations Centre (SOC) practices. This role is ideal for someone with a strong ability to analyse and enhance SOC effectiveness, from threat detection to incident response, and provide clear and appropriate advice and guidance. Key Responsibilities of the SecOps Consultant Collaborate with clients to improve … SOC operations, particularly around threat detection, and IR. Conduct SOC readiness assessments, identifying capability gaps and recommending improvements Provide strategic guidance on SOC tool selection, configuration, and integration based on operational needs. Monitor emerging threats and trends, advising stakeholders on potential impacts and mitigation strategies. Deploy, configure, and … manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security technologies such as SIEM, IDS/IPS, EDR, etc. Excellent communication skills, including the ability More ❯

provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection - whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award … winning threat research and a breadth of technology alliances, The Claroty Platform enables organizations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents. A More ❯

Bumble is looking for a Threat Detection and Analysis Engineer to join our team and play a key role in fulfilling our mission to create a world where all relationships are healthy and equitable. Concretely this means you will be analysing data to prevent unintended uses for products … for our users, and improve the way Bumble operates. As a member of the Bumble Trust Engineering team, you are the first line of detection of bad actors using Bumble in unwanted and unexpected ways. As Bumble's customer base and suite of products grow, protecting customers from threats … sharing, and open-sourcing. What you will be doing: Analyse data across Bumble Inc products and implement logic for proactive discovery and prevention of threat actors and unwanted activity Develop new analytics and dashboards to visualise and surface data for analysis, reporting, and planning Develop and execute code to More ❯

leading business, contribute to cutting-edge security operations, and play a key role in enhancing security capabilities across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents … effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications We're looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis … and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident Response Security Automation (SOAR), Hyper Automation practices Familiarity with the MITRE ATT&CK framework SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.) Experience with Zero Trust More ❯

leading business, contribute to cutting-edge security operations, and play a key role in enhancing security capabilities across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents … effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications We're looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis … and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident Response Security Automation (SOAR), Hyper Automation practices Familiarity with the MITRE ATT&CK framework SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.) Experience with Zero Trust More ❯

A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This position plays … a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and implementing More ❯

Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team More ❯

secure and scalable cloud environments for a high-priority central government digital initiative. This role will place you at the centre of cloud-native threat detection and response, with a specific focus on deploying, tuning, and operationalising GuardDuty . You will act as the subject matter expert for … integrating GuardDuty across multiple AWS accounts and ensuring that detection capabilities are aligned to threat models, incident response playbooks, and compliance objectives. Key Responsibilities: Act as SME for AWS GuardDuty : deployment, configuration, alert tuning, and integration with downstream response processes Work with platform, architecture, and SOC teams to … embed GuardDuty into security operations and agile delivery workflows Define detection rules and thresholds aligned to business risk and threat profiles Advise on triage processes, integration with SIEM tooling, and use of GuardDuty findings for incident investigation Support wider AWS security efforts including posture management, governance, and compliance More ❯

secure and scalable cloud environments for a high-priority central government digital initiative. This role will place you at the centre of cloud-native threat detection and response, with a specific focus on deploying, tuning, and operationalising GuardDuty . You will act as the subject matter expert for … integrating GuardDuty across multiple AWS accounts and ensuring that detection capabilities are aligned to threat models, incident response playbooks, and compliance objectives. Key Responsibilities: Act as SME for AWS GuardDuty : deployment, configuration, alert tuning, and integration with downstream response processes Work with platform, architecture, and SOC teams to … embed GuardDuty into security operations and agile delivery workflows Define detection rules and thresholds aligned to business risk and threat profiles Advise on triage processes, integration with SIEM tooling, and use of GuardDuty findings for incident investigation Support wider AWS security efforts including posture management, governance, and compliance More ❯

Detect, monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. Maintain and optimize security information and event management systems and other security tools used in the SOC. Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team AWS-SOC Team More ❯

responsibilities - Monitor and analyze security alerts from various sources to detect and respond to potential threats in real-time. - Develop, implement, and fine-tune detection rules and correlation logic to improve threat detection capabilities. - Conduct in-depth investigations of security incidents, perform forensic analysis, and coordinate incident … activities. - Maintain and optimize security information and event management systems and other security tools used in the SOC. - Collaborate with other teams to enhance threat intelligence, improve incident response procedures, and provide regular reports on security posture. A day in the life As a Security Engineer in Detections, your … Security Engineers with security engineering, security operations and incident response activities. You will be responsible for coordinating and facilitating security response activities, fine-tuning detection rules. You'll investigate potential incidents, collaborate with threat intelligence teams, and develop new detection algorithms. About the team Diverse Experiences Amazon More ❯

to come. About Us Our UK&I Advisory Practice is a leader in cyber security transformation, partnering with organizations to tackle the evolving digital threat landscape. We combine technical expertise with strategic business insight to deliver end-to-end cyber solutions that enable innovation and secure digital growth. Role … actionable strategies. Guide clients through compliance with DORA, NIS2, and UK regulatory frameworks. Design comprehensive cyber security architectures that integrate cloud, identity, data, and threat protection. Build actionable implementation roadmaps considering business objectives and constraints. Evaluate and integrate partner technologies (e.g., Microsoft, AWS, GCP) for optimal client outcomes. Deliver … business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development Mentor consultants and More ❯

global security posture. As a subject matter expert, you’ll lead initiatives across network, cloud, data, and system security guiding critical IT projects, running threat models for complex systems, and building automation to validate controls and resilience. You'll act as the escalation point for Security Operations, driving swift … assets. Manage and fine-tune security tools to ensure optimal performance and coverage. Provide expert-level, second-line support to Security Operations for complex threat scenarios. Conduct thorough threat modeling and risk assessments to uncover vulnerabilities and drive proactive defenses. Oversee the relationship with our Managed Detection & Response (MDR) partner to ensure top-tier threat detection and response. Drive execution of the security roadmap, aligning with evolving business goals and threat landscapes. Partner with cross-functional teams to promote security best practices and embed security into daily operations. Requirements: 5+ years of hands More ❯