22 of 22 Permanent Threat Intelligence Jobs in Scotland

maintain the cybersecurity incident response plan, and drive continuous improvement of our security operations. This position requires extensive expertise in incident response, digital forensics, threat hunting, and security monitoring technologies. You will provide technical leadership across the organization, mentor team members, and participate in 24x7 on-call rotations. … from our London, UK office. We'd love for you to join us! Your role: Proactively monitor Marqeta's environment for cyber threat activity and manage day-to-day security alerts through timely analysis, triage, and appropriate response actions Serve as the incident commander during security events ...

including containment, eradication, and recovery Document incident response procedures and outcomes for post-incident analysis and improvement Contribute to the collection and analysis of threat intelligence data to identify emerging threats and trends Assist in integrating threat intelligence feeds into security operations processes for proactive threat … have concluded You have an understanding of information security principles, practices, and technologies You have a strong interest in security operations, incident response, and threat detection methodologies You have an analytical mindset with the ability to analyse and interpret data effectively You are confident in communicating, in writing ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst Experience working with Splunk Familiarity with … threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols and attacker ...

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

Director, Cyber Security Operations and Threat Management Job Category : Information Technology Requisition Number : DIREC003304 Posted: April 15, 2026 Full-Time Hybrid Locations Showing 1 location FL - Headquarters 7850 SW 6th Ct Plantation, FL 33324, USA The Director for Security Operations and Threat Management is a strategic, and technically … between high‐level security strategy and hands‐on operational excellence, ensuring our global infrastructure—on‐prem and cloud—remains resilient against an ever‐evolving threat landscape. In addition, the Director will manage and monitor various security systems/tools and supports the assessment of system security controls. The ideal ...

lead and conduct complex cyber security incident investigations, providing expert technical analysis, guidance, and strategic advice to customers. This role combines advanced digital forensics, threat analysis, and incident response leadership with consulting, mentoring, and readiness activities that strengthen customer resilience and support Quorum Cyber’s mission to protect organisations … working outside of core hours as required. Perform advanced host, network, and memory forensics, including Windows, Linux, macOS, and multi-cloud artefact analysis. Identify threat actor tools, tactics, and procedures (TTPs). Analyse logs, network traffic, disk images, and volatile artefacts to determine attacker intent, actions, timelines, and impact. ...

RESTful APIs, webhooks, and data pipeline patterns. Detection Engineering & SIEM Development Write, tune, and maintain high-fidelity, low-noise SIEM detection rules by translating threat intelligence and attacker behaviour. Map coverage to the MITRE ATT&CK framework to address visibility gaps, and develop new detection logic with Security … trusted adviser across their security architecture. Proactively mitigate adoption risks, resolve deployment blockers, and conduct structured onboarding from platform fundamentals to advanced threat hunting. Monitor deployed environment health, address technical drift, and translate field experience into actionable product feedback internally. Pre-Sales & Proof of Value Support Partner with Sales ...

RESTful APIs, webhooks, and data pipeline patterns. Detection Engineering & SIEM Development Write, tune, and maintain high-fidelity, low-noise SIEM detection rules by translating threat intelligence and attacker behaviour. Map coverage to the MITRE ATT&CK framework to address visibility gaps, and develop new detection logic with Security … trusted adviser across their security architecture. Proactively mitigate adoption risks, resolve deployment blockers, and conduct structured onboarding from platform fundamentals to advanced threat hunting. Monitor deployed environment health, address technical drift, and translate field experience into actionable product feedback internally. Pre-Sales & Proof of Value Support Partner with Sales ...

RESTful APIs, webhooks, and data pipeline patterns. Detection Engineering & SIEM Development Write, tune, and maintain high-fidelity, low-noise SIEM detection rules by translating threat intelligence and attacker behaviour. Map coverage to the MITRE ATT&CK framework to address visibility gaps, and develop new detection logic with Security … trusted adviser across their security architecture. Proactively mitigate adoption risks, resolve deployment blockers, and conduct structured onboarding from platform fundamentals to advanced threat hunting. Monitor deployed environment health, address technical drift, and translate field experience into actionable product feedback internally. Pre-Sales & Proof of Value Support Partner with Sales ...

Cyber Security and cloud such as CISSP, CISA, CISM Significant knowledge of cyber security practices including risk management principles, architectural requirements, security engineering, threat intelligence, vulnerability management, and incident response. Experience leading cyber risk reviews. Able to deliver clear gap analysis against cyber security policy, standards and technology … Microsoft Azure. Excellent stakeholder management skills Previous experience as part of a security operations or incident response organization would be beneficial. Good knowledge of threat modelling techniques with some experience in developing threat models. Please note: You must have full working rights in the UK and be prepared ...

Sr. Software Engineer - Cheltenham, UK Location: Cheltenham, UK (Remote) Team: Product & Engineering Employment Type: Full-Time About VulnCheck VulnCheck is transforming vulnerability intelligence by helping security teams act faster and with more confidence. Our platform delivers early, high-quality exploit intelligence, deep asset correlation, and contextual insights … About the Role We’re looking for a Senior Software Engineer to design, build, and scale the core systems that power VulnCheck’s vulnerability intelligence platform. This is a high-impact, hands-on role where you’ll own critical services and data pipelines end-to-end—from design through ...

Sr. Software Engineer - Cheltenham, UK Location: Cheltenham, UK (Remote) Team: Product & Engineering Employment Type: Full-Time About VulnCheck VulnCheck is transforming vulnerability intelligence by helping security teams act faster and with more confidence. Our platform delivers early, high-quality exploit intelligence, deep asset correlation, and contextual insights … About the Role We’re looking for a Senior Software Engineer to design, build, and scale the core systems that power VulnCheck’s vulnerability intelligence platform. This is a high-impact, hands-on role where you’ll own critical services and data pipelines end-to-end—from design through ...

Sr. Software Engineer - Cheltenham, UK Location: Cheltenham, UK (Remote) Team: Product & Engineering Employment Type: Full-Time About VulnCheck VulnCheck is transforming vulnerability intelligence by helping security teams act faster and with more confidence. Our platform delivers early, high-quality exploit intelligence, deep asset correlation, and contextual insights … About the Role We’re looking for a Senior Software Engineer to design, build, and scale the core systems that power VulnCheck’s vulnerability intelligence platform. This is a high-impact, hands-on role where you’ll own critical services and data pipelines end-to-end—from design through ...

Sr. Software Engineer - Cheltenham, UK Location: Cheltenham, UK (Remote) Team: Product & Engineering Employment Type: Full-Time About VulnCheck VulnCheck is transforming vulnerability intelligence by helping security teams act faster and with more confidence. Our platform delivers early, high-quality exploit intelligence, deep asset correlation, and contextual insights … About the Role We’re looking for a Senior Software Engineer to design, build, and scale the core systems that power VulnCheck’s vulnerability intelligence platform. This is a high-impact, hands-on role where you’ll own critical services and data pipelines end-to-end—from design through ...

leading toy manufacturing company in Glasgow is seeking a Director of Cyber Security Operations and Threat Management to lead its cybersecurity efforts. This role involves overseeing the security operations team, developing threat intelligence programs, and managing the security measures across all platforms. The ideal candidate will have … deep understanding of threat management, security operations, and cloud security, with at least 8 years in the field and relevant certifications such as CISSP or AWS Security Certifications. #J-18808-Ljbffr ...

Here’s what you’ll be doing: When you join Simply Business, you’ll protect us from threat actors who attempt to evade our cyber defences. This is a hands-on technical position where you’ll play an important role in increasing the maturity of our Security Operations Centre … incident response activities and ensure timely communication with internal and external stakeholders facilitate table tops and training for analysts including malware reverse engineering, threat intelligence and network and security log analysis be a Technical leader and mentor for our SOC analysts. Foster a high performing team of trained ...

technical escalation point for junior engineers. You will work directly with customers and partners during high-impact incidents, collaborate closely with Engineering, Product, and Threat Intelligence to feed insight back into the platform, and drive the documentation, runbooks, and operational improvements that raise the bar for the whole ...

Obrela is a leading cybersecurity company helping organizations defend against advanced threats through innovative technology, expert intelligence, and managed security services. We enable businesses to operate with confidence in an increasingly complex threat landscape. OBRELA is seeking a driven and results-oriented Sales Manager to accelerate new business … experience working with partners, alliances, or indirect sales models, including co-selling and partner pipeline development Exposure to managed security services (MDR, MSSP, DFIR, Threat Intelligence) strongly preferred Experience working with or alongside partners/alliances Experience managing multi-stakeholder sales cycles, including senior business and technical decision ...

Obrela is a leading cybersecurity company helping organizations defend against advanced threats through innovative technology, expert intelligence, and managed security services. We enable businesses to operate with confidence in an increasingly complex threat landscape. OBRELA is seeking a driven and results-oriented Sales Manager to accelerate new business … experience working with partners, alliances, or indirect sales models, including co-selling and partner pipeline development Exposure to managed security services (MDR, MSSP, DFIR, Threat Intelligence) strongly preferred Experience working with or alongside partners/alliances Experience managing multi-stakeholder sales cycles, including senior business and technical decision ...

sensitive data and systems effectively Key responsibilities of the role include: Deploy, configure, and maintain, troubleshoot security tools such as SIEM, EDR, DLP, VM, Threat Intel,PAM etc extending to Cloud toolsets Perform assessments to understand the current and potential security gaps Use monitoring tools to detect and anomalies ...

Graylog : Empowering Threat Detection, Investigation, & Response Solutions with Cutting-Edge Technology Graylog specialises in delivering top-notch Threat Detection, Investigation, & Response (TDIR) solutions, backed by our latest addition, the Graylog API security platform. As a renowned centralised log management (CLM) and Security Information Event Management (SIEM) provider … take home gold and become the Globee Winner for Security Information & Event Management and the 2024 Globee Winner for Threat Hunting, Detection, Intelligence, and Response. Graylog was named a “Leader” and “Fast Mover” in GigaOM’s 2024 Radar Report for SIEM and 2025 has seen Graylog recognized ...

Graylog : Empowering Threat Detection, Investigation, & Response Solutions with Cutting-Edge Technology Graylog specialises in delivering top-notch Threat Detection, Investigation, & Response (TDIR) solutions, backed by our latest addition, the Graylog API security platform. As a renowned centralised log management (CLM) and Security Information Event Management (SIEM) provider … take home gold and become the Globee Winner for Security Information & Event Management and the 2024 Globee Winner for Threat Hunting, Detection, Intelligence, and Response. Graylog was named a “Leader” and “Fast Mover” in GigaOM’s 2024 Radar Report for SIEM and 2025 has seen Graylog recognized ...