Glasgow, Renfrewshire, United Kingdom Hybrid / WFH Options
Cisco Systems, Inc
Cisco Talos Security Intelligence and Research Group is at the forefront of detecting and correlating threats in real-time, using the world's largest threat detection network. We collaborate extensively across Cisco's security ecosystem, driving innovation in threat detection technologies to safeguard the Internet from … as a member of a multi-disciplinary team, providing domain expertise when needed, sharing ideas and knowledge. What you'll do Proactively analyze potential detection gaps, propose projects and ideas, and define and implement a plan to make them real. Analyze large datasets to extract complex data patterns. Monitor … changes in the threat landscape via automation and visualization techniques and develop models to identify new threats. You will have the opportunity to build or enhance machine-learning pipelines to support Cisco's security products and tools, covering everything from model selection and training to optimization, deployment, and monitoring. You
Tier 1 Analysts. As a Tier 2 Analyst you will work to ensure a seamless SOC operation & act as a bridge between foundational & advanced threat detection & response functions. Responsibilities: Conducting escalated triage & analysis on security events identified by Tier 1 Analysts, determining threat severity & advising on initial … correlated events & identifying patterns or anomalies that may indicate suspicious or malicious activity. Using OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats. Monitoring the threat landscape & documenting findings on evolving threat vectors, sharing relevant insights … Cyber teams to enhance overall situational awareness. Following established incident response playbooks, providing feedback for enhancements & suggesting updates to streamline internal Cyber processes & improve threat response times. Coordinating with Tier 3 Analysts & management to refine detection & response workflows, contributing to continuous SOC maturity. Collaborating with Tier
Consultancy company, based in Glasgow, on multiple workstreams of a variety of complexity and scale. This is a mid-Tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to … Analyst will work closely with senior and junior analysts to ensure a seamless SOC operation and act as a bridge between foundational and advanced threat detection and response functions. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a shift … SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat vectors Follow established incident response playbooks, providing feedback for enhancements and streamlining CTAC processes Co-ordinate
Glasgow, City of Glasgow, United Kingdom Hybrid / WFH Options
SThree Management Services
Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening, automation, and threat mitigation. The role is not managerial in the traditional sense; it exists to drive technical capability, mentor through engineering leadership, and deliver resilient, scalable … Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring … micro-perimeter security, and policy-based routing for hybrid network models. Oversee DNS, web access, and remote gateway protection at the edge. Security Operations & Threat Defence Act as the technical escalation point for complex threat investigations and incident response. Lead red-teaming simulations, vulnerability assessments, and threat
proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat intel; knowledge of the MITRE ATT&CK framework and security operations). Some other highly valued skills may
required. Developing KRI reports to assess the effectiveness of Identity Management controls. Recommending tooling enhancements, replacements, and service improvements, including automation opportunities to improve threat detection, containment, and eradication. Managing technical risks faced by IAM, overseeing the control framework, and implementing the Risk Management System (RMS). About