Permanent Threat Detection Jobs in London

1 to 25 of 100 Permanent Threat Detection Jobs in London

Senior Security Engineer (Threat Detection and Response)

London, United Kingdom
SumUp Inc
we are dedicated to protecting our organization from evolving threats. We are looking for a skilled and passionate Senior Security Engineer to focus on Threat Detection and Response in a dynamic, hybrid cloud environment. This is a unique opportunity to lead and enhance our capabilities in detecting, investigating … with cross-functional teams across the Information Security organization and external partners. We lead key initiatives, including security monitoring, incident response, vulnerability management, and threat intelligence, all aimed at strengthening our security posture and ensuring resilience against emerging threats. About the role & what you'll do: As a Senior … Security Engineer specializing in Threat Detection and Response, you will be at the forefront of our security efforts, leading incident response investigations, driving incidents to resolution, and implementing improvements based on lessons learned. Additionally, you will develop and automate detection and response workflows, elevating the efficiency and More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Microsoft Sentinel / SIEM Engineer

london, south east england, United Kingdom
Hybrid / WFH Options
Cloud Decisions
product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise … and optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed More ❯
Posted:

Senior Microsoft Sentinel / SIEM Engineer

south west london, south east england, United Kingdom
Hybrid / WFH Options
Cloud Decisions
product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise … and optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed More ❯
Posted:

Senior Microsoft Sentinel / SIEM Engineer

west london, south east england, United Kingdom
Hybrid / WFH Options
Cloud Decisions
product roadmap, security previews, and frontline support. You'll work at the sharp end of cyber defence, directly contributing to investigations involving nation-state threat actors (including IR, CH, and NK based campaigns) while refining your craft across enterprise-scale log ingestion and customised Sentinel integration engineering that will … wide log onboarding into Microsoft Sentinel – deploying standard and custom connectors, Function Apps, and parsers to build tailored SIEM solutions that drive real-world threat detection and response. Log ingestion at scale across numerous hybrid and multi-cloud environments Enhance custom Function Apps and ingestion pipelines Parse, normalise … and optimise log telemetry to ensure precision and cost control Partner with IR teams on real attacks – tuning rules against live threat actor activity Sync closely with Microsoft teams to build cutting-edge detection capabilities Contribute to internal knowledge base and help shape engineering standards What's needed More ❯
Posted:

Operations Manager - Security

london, south east england, United Kingdom
iO Associates - UK/EU
Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft … Sentinel, Defender, and KQL. Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500/204, SC-100/200/300/400. Proven experience managing a SOC/Security Operations function More ❯
Posted:

Operations Manager - Security

london (city of london), south east england, United Kingdom
iO Associates - UK/EU
Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft … Sentinel, Defender, and KQL. Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500/204, SC-100/200/300/400. Proven experience managing a SOC/Security Operations function More ❯
Posted:

Operations Manager - Security

London, England, United Kingdom
IO Associates Careers
Location: London (Remote) iO Associates is aligned with a leading housing association to recruit a hands-on Security Operations Manager to lead incident response, threat detection, and security monitoring efforts. You'll guide a capable SOC team, manage real-time investigations, and enhance their security posture using Microsoft … Sentinel, Defender, and KQL. Key Responsibilities: Lead and manage the Security Operations Centre (SOC) Handle incident response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ-500/204, SC-100/200/300/400. Proven experience managing a SOC/Security Operations function More ❯
Posted:

Cyber Threat Intelligence Manager

London Area, United Kingdom
Hybrid / WFH Options
Adeptis Group
Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a Cyber Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a threat intelligence … strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence and threat More ❯
Posted:

Cyber Threat Intelligence Manager

london, south east england, United Kingdom
Hybrid / WFH Options
Adeptis Group
Cyber Threat Intelligence (CTI) Manager 📍 Location: Hybrid – London 💼 Type: Permanent A high-impact greenfield role with a global aviation and travel leader, this is an opportunity to shape the CTI capability from the ground up. We’re supporting a well-established organisation in their search for a Cyber Threat Intelligence Manager to define and lead threat intel strategy across a complex, multi-entity environment. 🔧 The Role: As CTI Manager, you’ll be responsible for: Designing and building a greenfield CTI function to support proactive threat detection and strategic decision-making Developing a threat intelligence … strategy aligned with business risks and SOC priorities Collaborating with a newly selected MSSP to integrate threat feeds, TTPs, and IOCs into detection and response workflows Defining intelligence requirements, deliverables, and reporting outputs across OpCos and leadership teams Supporting SOC and CIRT operations through contextualised intelligence and threat More ❯
Posted:

Security Engineer

London, United Kingdom
周物癥
enhancing our cybersecurity framework by leading the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and … with existing tools, utilizing them to elevate existing Security Operations Design and optimize SIEM (Security Information and Event Management) rules using FortiSIEM to enhance threat detection and streamline incident response activities Deploy and manage Endpoint Detection and Response (EDR) solutions, specifically FortiEDR, SentinelOne, and Defender for Endpoint … Proven experience with Microsoft Sentinel and Defender XDR products Strong background in SIEM rule design and optimization Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions Experience with SOAR tools and automated security response implementations Familiarity with API security protocols and measures Ability to analyze large More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Security Analyst

london, south east england, United Kingdom
Hybrid / WFH Options
ZKM Consulting
by delivering security insights, enhancing incident response capabilities, and integrating a proprietary security platform into existing environments. You’ll be on the frontline of threat detection and response, collaborating with IR teams and helping customers get the most out of the platform’s capabilities. If you’ve got … solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects with customer security teams Supporting the integration of a next-gen security More ❯
Posted:

Lead Devops

London Area, United Kingdom
Tata Consultancy Services
Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯
Posted:

Lead Devops

london, south east england, United Kingdom
Tata Consultancy Services
Compliance services, including IAM, AWS Organizations, SCPs, Secrets Manager, AWS Config, GuardDuty, Security Hub, CloudTrail, and AWS KMS for encryption, ensuring robust cloud security Threat Detection & Compliance: Implementation of AWS security tools like Amazon Detective, AWS Shield, WAF, AWS Firewall Manager, enforcing security compliance standards such as ISO … Tools (Terraform, Helm, Ansible, Kustomize etc.) CI/CD & Security Automation Cloud Cost Optimization & FinOps (AWS Trusted Advisor, Compute Savings Plans, cost forecasting strategies) Threat Intelligence & Compliance (ISO 27001, SOC2, GDPR, NIST frameworks) AWS-native Security Services (Macie for sensitive data discovery, Inspector for vulnerability scanning, GuardDuty for threat detection) Programming & Scripting (proficiency in Python and Shell Scripting for automation, cloud resource management, and infrastructure monitoring) AWS Database Expertise AWS Networking Expertise (strong knowledge of VPC design, Subnetting, Route Tables, NAT Gateways, Transit Gateway, VPC Peering, Direct Connect, PrivateLink, ALB/NLB/CLB Load Balancers, AWS More ❯
Posted:

Cyber Security Consultant

London, England, United Kingdom
Insignis Talent
managing SIEM tools such as QRadar and/or Sentinel. You’ll be working closely with end customer stakeholders, undertaking proactive risk management, and threat detection consulting. Key Responsibilities of the Role: Manage, build, and develop stakeholder relationships through regular meetings, strategic updates and consultative insights Lead comprehensive … and incident response processes acting as a point of escalation and point of contact for internal and external stakeholders Provide clear actionable guidance on threat detection while consulting with technical and non-technical stakeholders Review security posture of client businesses, perform gap analyses, and create and deliver reports More ❯
Posted:

Cyber Security Consultant

london, south east england, United Kingdom
Insignis Talent
managing SIEM tools such as QRadar and/or Sentinel. You’ll be working closely with end customer stakeholders, undertaking proactive risk management, and threat detection consulting. Key Responsibilities of the Role: Manage, build, and develop stakeholder relationships through regular meetings, strategic updates and consultative insights Lead comprehensive … and incident response processes acting as a point of escalation and point of contact for internal and external stakeholders Provide clear actionable guidance on threat detection while consulting with technical and non-technical stakeholders Review security posture of client businesses, perform gap analyses, and create and deliver reports More ❯
Posted:

Cyber Security Consultant

london, south east england, United Kingdom
Hybrid / WFH Options
InfoSec People Ltd
growing cyber consultancy is seeking a client-facing Cyber Security Consultant to lead risk assessments, drive SIEM/XDR implementation, and guide customers through threat detection and governance improvements. This role is Ideal for individuals with an outgoing personality, confident speaking with stakeholders at all levels, strong all … response workflows. Conduct posture reviews, environment audits, and gap analyses. Present security findings and recommendations to stakeholders through meetings and reports. Provide guidance on threat detection best practices. Technical Skills & Experience: Proficient with SIEM/XDR tools (QRadar, Sentinel, Defender XDR). Strong knowledge of NIST CSF, NCSC More ❯
Posted:

Security Operations Consultant

london, south east england, United Kingdom
LT Harper - Cyber Security Recruitment
in Cyber Security Operations Centre (SOC) practices. This role is ideal for someone with a strong ability to analyse and enhance SOC effectiveness, from threat detection to incident response, and provide clear and appropriate advice and guidance. Key Responsibilities of the SecOps Consultant Collaborate with clients to improve … SOC operations, particularly around threat detection, and IR. Conduct SOC readiness assessments, identifying capability gaps and recommending improvements Provide strategic guidance on SOC tool selection, configuration, and integration based on operational needs. Monitor emerging threats and trends, advising stakeholders on potential impacts and mitigation strategies. Deploy, configure, and … manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security technologies such as SIEM, IDS/IPS, EDR, etc. Excellent communication skills, including the ability More ❯
Posted:

Customer Success Manager - Industrial Customer Success Full Time Employee

London, United Kingdom
Hybrid / WFH Options
BlueSnap, Inc
provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection - whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award … winning threat research and a breadth of technology alliances, The Claroty Platform enables organizations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents. A More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

SIEM Automation Engineer

london, south east england, United Kingdom
Hybrid / WFH Options
Context Recruitment
and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and implement … for enhanced security operations. Monitor and respond to security incidents and alerts, ensuring the protection of our clients’ data and infrastructure. Conduct in-depth threat hunting and forensic investigations using KQL. Optimize security processes with Defender for Endpoint to detect, contain, and remediate threats. Collaborate with security analysts, engineers … contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯
Posted:

SIEM Automation Engineer

west london, south east england, United Kingdom
Hybrid / WFH Options
Context Recruitment
and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and implement … for enhanced security operations. Monitor and respond to security incidents and alerts, ensuring the protection of our clients’ data and infrastructure. Conduct in-depth threat hunting and forensic investigations using KQL. Optimize security processes with Defender for Endpoint to detect, contain, and remediate threats. Collaborate with security analysts, engineers … contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯
Posted:

SIEM Automation Engineer

south west london, south east england, United Kingdom
Hybrid / WFH Options
Context Recruitment
and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and implement … for enhanced security operations. Monitor and respond to security incidents and alerts, ensuring the protection of our clients’ data and infrastructure. Conduct in-depth threat hunting and forensic investigations using KQL. Optimize security processes with Defender for Endpoint to detect, contain, and remediate threats. Collaborate with security analysts, engineers … contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯
Posted:

Threat Detection & Analysis Engineer

London, United Kingdom
Bumble
Bumble is looking for a Threat Detection and Analysis Engineer to join our team and play a key role in fulfilling our mission to create a world where all relationships are healthy and equitable. Concretely this means you will be analysing data to prevent unintended uses for products … for our users, and improve the way Bumble operates. As a member of the Bumble Trust Engineering team, you are the first line of detection of bad actors using Bumble in unwanted and unexpected ways. As Bumble's customer base and suite of products grow, protecting customers from threats … sharing, and open-sourcing. What you will be doing: Analyse data across Bumble Inc products and implement logic for proactive discovery and prevention of threat actors and unwanted activity Develop new analytics and dashboards to visualise and surface data for analysis, reporting, and planning Develop and execute code to More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:

Senior Security Operations Center Analyst

London Area, United Kingdom
Bestman Solutions
leading business, contribute to cutting-edge security operations, and play a key role in enhancing security capabilities across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents … effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications We're looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis … and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident Response Security Automation (SOAR), Hyper Automation practices Familiarity with the MITRE ATT&CK framework SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.) Experience with Zero Trust More ❯
Posted:

Senior Security Operations Center Analyst

london, south east england, United Kingdom
Bestman Solutions
leading business, contribute to cutting-edge security operations, and play a key role in enhancing security capabilities across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents … effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications We're looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis … and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident Response Security Automation (SOAR), Hyper Automation practices Familiarity with the MITRE ATT&CK framework SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.) Experience with Zero Trust More ❯
Posted:

Threat Intelligence Lead

London, United Kingdom
Barclay Simpson
A leading Financial Services firm seeks a Threat Intelligence Lead to spearhead their Global threat intelligence initiatives and enhance their Cyber Defence strategy. This is a hands-on, technical role focused on Threat hunting, Malware analysis, and tracking changes made by Threat Actors. This position plays … a key role in shaping the Cyber Defence strategy, driving deliverables, and focusing on Threat-led and Threat detection activities. The organisation is investing in new tooling, including the procurement of a new TIP solution. The individual in this role will be responsible for building and implementing More ❯
Employment Type: Permanent
Salary: GBP Annual
Posted:
Threat Detection
London
10th Percentile
£69,000
25th Percentile
£73,932
Median
£85,000
75th Percentile
£92,500
90th Percentile
£107,500