19 of 19 Permanent Threat Detection Jobs in the North of England

Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing … advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively … solutions. Your role will involve conducting in-depth analysis, identifying indicators of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat More ❯

and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and implement … for enhanced security operations. Monitor and respond to security incidents and alerts, ensuring the protection of our clients' data and infrastructure. Conduct in-depth threat hunting and forensic investigations using KQL. Optimize security processes with Defender for Endpoint to detect, contain, and remediate threats. Collaborate with security analysts, engineers … contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯

and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and implement … for enhanced security operations. Monitor and respond to security incidents and alerts, ensuring the protection of our clients' data and infrastructure. Conduct in-depth threat hunting and forensic investigations using KQL. Optimize security processes with Defender for Endpoint to detect, contain, and remediate threats. Collaborate with security analysts, engineers … contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯

A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect critical systems from … security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with … hands-on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience with Splunk (ES) and/or Sentinel for log analysis and threat detection. Familiarity with cloud More ❯

A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect critical systems from … security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with … hands-on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience with Splunk (ES) and/or Sentinel for log analysis and threat detection. Familiarity with cloud More ❯

and mitigate cyber threats that pose risks to Vanquis Banking Groups cybersecurity posture. This involves monitoring security events, conducting incident response activities, enhancing our threat detection capabilities, and ensuring compliance with policy, standards, and regulation. Your contributions will directly impact our ability to protect sensitive data, maintain business … a Cyber Intelligence Specialist, you will: Actively participate the delivery of services provided by the Cyber Intelligence Centre including by not limited to Cyber Threat Intelligence, Security Posture Management, Cyber Security Incident Response, Threat Hunting, Penetration Testing & Red Team Testing, and Cyber Risk Mitigation. Incorporate threat intelligence … Stay updated on the latest cyber threats, attack vectors, and trends in the cybersecurity landscape. Continuously enhance skills in areas such as incident response, threat hunting, and the utilisation of threat intelligence. Support VBGs compliance with Audit, Data Protection, PCI and other security standards. What Were Looking For More ❯

proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intelligence; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may More ❯

ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across Microsoft Azure environments. 3. Security Automation & Incident Response Automate security workflows with Power Automate … Power Apps, and Microsoft Defender XDR. Deploy Microsoft Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and More ❯

network traffic using SIEM tools. Analyse and categorise security incidents in line with internal policies. Conduct in-depth incident investigations, reporting, and remediation. Utilise threat intelligence to detect and respond to potential threats. Support incident response activities for national-scale cyber events. Help improve SOC workflows, including automation and … threat detection use cases. Coach junior analysts and contribute to continuous improvement across the team. Essential Skills & Experience: Hands-on experience with Microsoft Sentinel (critical to this role). Experience in security operations, including SIEM tools (e.g., Sentinel, Splunk). Solid understanding of cloud environments (Azure and/… or AWS). Knowledge of network protocols, threat actors, and attack vectors. Ability to analyse complex data and deliver actionable insights. Familiarity with scripting (Python or similar) and security automation (SOAR). Understanding of threat intelligence and its operational use. Desirable Skills: Experience in software engineering or penetration More ❯

network traffic using SIEM tools. Analyse and categorise security incidents in line with internal policies. Conduct in-depth incident investigations, reporting, and remediation. Utilise threat intelligence to detect and respond to potential threats. Support incident response activities for national-scale cyber events. Help improve SOC workflows, including automation and … threat detection use cases. Coach junior analysts and contribute to continuous improvement across the team. Essential Skills & Experience: Hands-on experience with Microsoft Sentinel (critical to this role). Experience in security operations, including SIEM tools (e.g., Sentinel, Splunk). Solid understanding of cloud environments (Azure and/… or AWS). Knowledge of network protocols, threat actors, and attack vectors. Ability to analyse complex data and deliver actionable insights. Familiarity with scripting (Python or similar) and security automation (SOAR). Understanding of threat intelligence and its operational use. Desirable Skills: Experience in software engineering or penetration More ❯

and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design … and training to stakeholders, promoting security best practices and risk mitigation strategies. Security Automation & Optimization : Develop, implement, and optimize security automation processes to improve detection, response, and mitigation efforts. What we're looking for Experience : 3+ years in information security with a focus on cloud security, security architecture, and … Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical solutions. More ❯

Provider (MSP), we deliver innovative Infrastructure Management, AI, Modern Workplace, and Managed Security Services. Our modern Security Operations Centre (SOC) provides 24/7 threat detection, monitoring, and incident response, empowering organisations across various industries to protect their digital assets with confidence. We’re looking for a strategic … help shape the future of our security services. 🧠 What You'll Do Lead and manage day-to-day SOC operations, ensuring 24/7 threat monitoring and effective incident response. Oversee security alert triage, investigation, and escalation workflows. Drive continuous improvement across SOC processes, detection logic, and response … Level 1 and 2 SOC Analysts. Monitor SOC KPIs and SLAs, ensuring service excellence. Collaborate with engineering teams to improve tools, security automation, and detection logic. Stay on top of emerging threats, attack vectors, and evolving threat actor tactics. Act as a trusted point of contact for clients More ❯

ready to lead the front line of cyber defence? Were looking for an experienced SOC Manager to oversee and drive 24/7 cyber threat detection and response capabilities. In this critical leadership role, youll manage internal teams and external partners to deliver robust security operations, incident response … and continuous improvement across the whole cyber defence landscape. What Youll Do Lead daily SOC operations, incident response, and cyber threat mitigation. Manage and mentor a high-performing team of analysts and third-party partners. Own SOC processes, KPIs, and reporting, ensuring effective service delivery and performance. Drive strategic … initiatives in threat intelligence, SIEM, and vulnerability management. Collaborate across IT, business units, and the Deputy CISO to align security operations with organisational goals. What Were Looking For Proven experience leading a SOC or cyber defence team. Strong expertise in incident response, SIEM, vulnerability and threat management. Experience More ❯

and implement cloud security architectures across AWS, Azure, or Google Cloud. Develop and enforce cloud security controls , including IAM policies, encryption, and network security. Threat Monitoring & Incident Response Monitor cloud environments for security threats, vulnerabilities, and misconfigurations . Lead incident response efforts related to cloud security breaches and misconfigurations. … Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD More ❯

suspicious activity, and reporting issues so they can be adequately handled. You will work alongside our security engineers and partner teams to perform daily threat detection and incident response, using the full capability of AWS technologies and services to detect and mitigate cyber threats at a massive scale … enjoy learning about the most up-to-date new technologies and procedures to protect information systems and data. AMS Security provides 24/7 threat monitoring, investigation, and response across for customer's AWS environments. AMS enhances existing security capabilities by supporting security monitoring for all native AWS services … languages such as Python. PREFERRED QUALIFICATIONS - Knowledge of common system security vulnerabilities and remediation techniques. - Understanding of the tools, tactics, and techniques used by threat actors during security events. - Familiarity/experience with AWS services and security concepts. Posted: November 21, 2024 (Updated about 10 hours ago) Posted: December More ❯

cybersecurity and strong hands-on expertise with Splunk . Key Responsibilities: Monitor and respond to security incidents using Splunk and other SIEM tools Conduct threat detection, analysis, and incident response Support the design, implementation, and maintenance of security measures across infrastructure Work with internal teams to assess vulnerabilities More ❯

cybersecurity and strong hands-on expertise with Splunk . Key Responsibilities: Monitor and respond to security incidents using Splunk and other SIEM tools Conduct threat detection, analysis, and incident response Support the design, implementation, and maintenance of security measures across infrastructure Work with internal teams to assess vulnerabilities More ❯

Information Security Consultant - PKI & Threat Detection 6 Month Contract Opportunity with Opportunities for Longevity. Key Responsibilities: Identity and incorporate functional and non-functional security requirements and controls that align with our clients policies and standards, security best practice and regulatory and business security requirements, embedding them into designs … through formal tender process, feasibilities phases, design phases, implementation, and validation phases, including risk assessments Security Architecture and Design- Review of design documents, performing threat modelling and risk assessments, incorporating security non-functional requirements and be a standing member of Technical Design Authority Be the Security touchpoint for Business More ❯

incidents, conduct forensic investigations, and implement remediation actions to contain and mitigate risks. Maintain and optimise security monitoring tools and technologies to ensure effective detection and response capabilities. Collaborate with IT and engineering teams to implement security best practices and ensure compliance with security policies and standards. Review existing … best practices. SKILLS, KNOWLEDGE & EXPERIENCE Proven experience in a SOC or security operations role, with hands-on experience in security monitoring, incident response, and threat detection. Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM …/SOAR platforms, endpoint detection and response (EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and frameworks (e.g., NIST, CIS Controls, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA). Proficiency in scripting and automation (e.g. More ❯