24 of 24 Permanent Cyber Threat Intelligence Jobs in the South East

Primary Details Time Type: Full time Worker Type: Employee Threat Intelligence Specialist London Permanent (Hybrid) At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity We’re excited to be hiring a Threat Intelligence Specialist to join our Advanced … Threat Services (ATS) Teamon a full-time, permanent basis! You’ll be part of a supportive team that thrives on teamwork and innovation, where your expertise will be valued as we work together to tackle the ever-evolving cyber threat landscape. We’re looking to welcome our new team member from early January 2026 , so if you … re ready to make an impact in the new year, we’d love to hear from you! Your New Role Reporting to the Technical Threat Manager , you’llbe responsible for researching, analysing, and reporting on cyber threats targeting QBE’s global operations and technology environment. This role has a strong technical focus, centred on the collection, enrichment, automation More ❯

The department Covers Cybersecurity, Information Security, IT Audit, IT Risks, IT Controls,Access Management, Security Operation, Threat Management and the portfolio for Change for all these areas.This is a rolling fixed term contract, initially 6 months. Mandatory 5 days on site. You will play a key role in overseeing our Threat Intelligence Centreefforts and ensuring alignment with … strategic planning objectives. You will beresponsible for the end-to-end management of major projects that enhance ourglobal cyber threat intelligence capabilities. This role requiresstrong project management expertise, a solid understanding of cybersecurityoperations, and the ability to effectively collaborate across global teams. Lead the end-to-endmanagement of the threat intelligence activities while ensuring alignment … Facilitatecommunication and coordination with global stakeholders across multiple regionsto ensure alignment of requirements and deliverables. Track activityprogress, manage risks, and implement risk mitigation strategies to ensuresuccessful outcomes. DriveStandardisation of threat intelligence protocols, tools, and governance acrossthe region. Partner withtechnology, compliance, and risk management teams to ensure compliance withregulatory and legal requirements in each jurisdiction such as GDPR &ISO27001 More ❯

Threat Intelligence Engineer/Honeypot Analyst £100,000 + benefits | Fully remote (including overseas work) Are you ready to push the limits of Threat Intelligence and offensive security? We're looking for a highly skilled Senior Threat Intelligence Engineer to help us enhance our ability to understand and detect how organisations could be compromised … This is a hands-on, high-impact role for an experienced and highly technical professional who thrives on complex data challenges and wants to shape the future of proactive cyber defence. What you'll do Analyse and interpret large-scale honeypot datasets to uncover patterns, behaviours, and real-world attack techniques. Design and deploy detections for both known and … emerging exploits, translating raw telemetry into actionable intelligence. Develop and maintain intelligence platforms capable of ingesting, analysing, and alerting on threats in real time. Build scenarios and simulations based on live adversary data to support detection engineering, research, and reporting. Collaborate across teams to ensure intelligence findings are rapidly operationalised and communicated to key stakeholders. Produce clear, insightful More ❯

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the … gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. Responsibilities Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network Investigate, mitigate, and forecast emerging technical trends and communicate effectively with … actionable suggestions to different types of audiences Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations Improve the tooling of threat cluster tracking and intelligence data integration to existing systems Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface More ❯

MAIN OBJECTIVES The Assistant Manager Information Security will play a critical role in safeguarding the bank's information assets, infrastructure, and customer data against evolving cyber threats. This role is responsible for driving and managing information security operations, ensuring continuous monitoring, identification, and timely remediation of security vulnerabilities to uphold a resilient security posture, and provide management with up … with UK regulatory requirements, industry standards, and best practices, while contributing to the development and enhancement of security frameworks, policies, and controls. Using strong analytical skills, deep knowledge of cyber security methodologies, and understanding of security infrastructure, including AWS cloud environments, the role will ensure the bank maintains cyber resilience, protects against financial and reputational risks, and fosters … events while minimizing business disruption. Monitor security operations to identify anomalies, investigate incidents, and coordinate timely remediation with internal teams and external providers. Keep up-to-date with evolving threat intelligence, security breaches, and industry developments, recommending proactive remediation measures and best practices to protect the bank's systems and data. Assurance & Compliance Responsibilities Partner with auditors, regulators More ❯

Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3–6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end … to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Manager with a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex … and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities – Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts More ❯

DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic (hybrid) working : Minimum 2 days per week on-site due to workload classification … DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead … management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute More ❯

Role: Cyber Security Analyst Location: London/Manchester/Bristol Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside of the … UK and declaration of being a British passport holder with no dual nationalism at the point of application. Note: The above information relates to a specific client requirement Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance … maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team More ❯

Team Management: Recruit, mentor, and lead a high-performing, multi-disciplinary security team. Foster a culture of continuous learning and development to stay ahead of emerging threats and technologies Threat Intelligence and Incident Response: Establish and mature a robust threat intelligence program to proactively identify, analyze, and mitigate emerging threats, particularly those targeting the African fintech More ❯

behave from a security perspective and enjoys uncovering the story behind complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering … be a fantastic next step in your career. About the Role You'll support the wider security research team by 'farming' the data they generate - turning raw network and threat information into structured, meaningful insights that feed directly into ongoing research projects such as proxy detection, bot activity and, over time, AI-driven threat identification. Your responsibilities will … and clarity around what the data represents and why it matters. Identifying trends, patterns and anomalies in network activity from a security perspective. Helping translate technical findings into structured intelligence that can be used across the organisation. This is a frontline support role for the research function, offering space to explore, investigate and grow into a more advanced security More ❯

bridge the gap between strategic vision and technical execution — collaborating with vCISOs, Unit 42 engagement leads, and client stakeholders to design and deliver transformation blueprints and pragmatic roadmaps towards threat led resilience You'll work at multiple levels: partnering with Unit 42 peers and client senior decision makers to influence transformation direction, embedding into delivery teams to guide execution … and engaging in activities to elevate Unit 42's voice in the market. You bring a deep understanding of applying threat context to shape and drive transformation programmes. This role blends delivery, technical advisory, thought leadership, and enablement — ensuring our clients achieve measurable security outcomes while unlocking the benefits of a platform adoption strategy. Your Impact Client Engagement and … specialist technical topic and the ability to present it at industry events. Professional certifications (e.g., CISSP, CISM, CCSK, PCNSE). Additional Information Unit 42 brings together our world-renowned threat researchers with an elite team of security consultants to create an intelligence-driven, response ready organization. The Unit 42 Threat Intelligence team provides threat research More ❯

This is a key role within the Global Security Operations Centre (GSOC). You will be providing technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment. You will report to the Senior Manager, Incident Response and works with a team of 4-6 technical specialists. You will act as … day per week remotely, depending on working arrangements. What will you do? Global accountability to respond to critical security incidents/events providing accurate and timely reporting to Global Cyber Security Leadership. Provide 7/24/365 support for security incidents impacting mission critical business and IT infrastructure, including supporting global incident management and response, remediation and reporting. … timely communication to all stakeholders regarding incident response activities. Provide post mortem reporting for leadership detailing security vulnerabilities, technology gaps, shortcomings or miscellaneous security issues. Responsible for working with threat intelligence, Security Operations Centre and extended teams to ensure global compliance to RBC standards with respect to security incidents and related findings. Responsible for driving to resolution security More ❯

Location: London, UK (Hybrid: 2 days per week in the office) Company: Navro – Pioneering the Future of Payments Securing Trust: Cyber Security Lead This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. We're Navro, a rapidly scaling B2B payments startup … and we're looking for a bold, proactive, and hands-on Cybersecurity Lead to design, implement, and operate our security operations function, including SIEM, incident response, threat detection, secure by design, shift-left security engineering, and automated monitoring and response. You'll run and be part of the projects that implement, build, and maintain security integrations across our tech … mediocrity. Requirements What This Role Demands: You Own It – You lead our detection and response mission. You help define the roadmap, build the pipelines, and drive measurable outcomes across threat visibility, MTTD/MTTR, and resilience. You Ask Questions – You challenge assumptions to improve signal‐to‐noise, coverage, and automation. Why this alert? Where's the data gap? How More ❯

Head of IT Security - Wembley - (Enterprise-wide Cyber & Information Security) Location: Wembley - 5 days on-site Salary: (phone number removed) per annum My client is looking to recruit a Head of IT Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect … critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability … a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC More ❯

Role: Senior Cyber Operations Analyst Location: London/Manchester/Bristol Salary: Competitive salary and package dependent on experience Career Level: Associate Manager Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside … UK and declaration of being a British passport holder with no dual nationalism at the point of application. Note: The above information relates to a specific client requirement Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance … maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team More ❯

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company, providing … have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines, when espionage or insider threats threaten operations, we’re the people called to help.We’re looking for curious … languages to protect clients that range from household brands to nationally significant infrastructure.We’re one of the NCSC CIR-enhanced capabilities in the UK (https://schemes/cyber-incident-response/information-for-buyers), meaning our team is trusted to respond to the nation’s most critical incidents, including ransomware, espionage, insider threats, and large-scale fraud.You More ❯

in a busy Security Operations Center with a technology-oriented attitude and the capacity to assume control. From a technical perspective we are using Microsoft Sentinel, Splunk and MISP Threat sharing so any knowledge of these technologies would be a substantial benefit. Role based on site in our Farnborough office and is shift work. 2 x 6am to 6pm … the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members to maintain and update … security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge More ❯

have a stable and fit-for-purpose control testing environment that supports the organisation's security and compliance objectives. What you'll be doing as a Control Testing Lead - Cyber Security Support the implementation and continuous improvement of the Cybersecurity Control Testing Framework. Execute control testing in line with defined procedures, templates, and standards. Assist in the development and … in this role, the essential criteria you'll need are Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, cyber risk management, and control frameworks. Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls. Clear and professional verbal and written communication, including the ability to … work independently with minimal supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy. Strong understanding of Cybersecurity Domains, including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to More ❯

with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and support asset baseline … maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity More ❯

a Security Testing Consultant to join a global organisation that helps governments, critical infrastructure, and commercial enterprises gain digital advantage in complex environments. This role sits within a specialist cyber team delivering cutting-edge security testing services across diverse sectors. What You'll Do: Deliver end-to-end security testing engagements, from scoping to client wash-up meetings. Perform … application, web, mobile, and infrastructure testing, including intelligence-led and objective-based assessments. Produce clear, detailed reports and presentations for technical and non-technical stakeholders. Develop tools, scripts, and techniques to enhance testing capabilities. Collaborate with adjacent teams such as Threat Intelligence and Incident Response. What We're Looking For: Proven experience in security testing projects and More ❯

United Kingdom Type: Permanent Role: Pen Tester Location: London Salary: 55K - 65K Working Pattern: Hybrid The Opportunity: We are looking for an experienced Pen Tester to join a global Cyber Technical Services team that supports National Security, Defence, and Critical Infrastructure sectors. You will be responsible for delivering comprehensive security testing engagements, applying your expertise to safeguard vital systems. … What You Will Do as a Pen Tester: Lead end-to-end security testing projects including scoping, execution, and reporting Conduct application, infrastructure, and intelligence-led tests to identify vulnerabilities Produce clear technical and non-technical reports for diverse stakeholders Ensure safe use of testing tools and develop improvements in scripts and techniques Collaborate with Threat Intelligence … Competitive pension plan and employee share schemes Extensive health, wellbeing, and lifestyle benefits Inclusive culture valuing diversity and supporting career development Apply Now: To make a significant impact in cyber security, reach out directly to Ciaran Cleland on LinkedIn for a confidential conversation about the Pen Tester Role Reference: AMC/CCL/LPT Postcode: SE1 0NR #cicl More ❯

teams across multiple regions. Experience leading leaders — not just individual contributors. Proven success scaling high-throughput distributed systems in production. Strong background in early-stage B2B SaaS (ideally cybersecurity, threat intelligence, or offensive security tools). Deep technical expertise across: Cloud: AWS, Azure IaC: Terraform, Ansible Platforms: Kubernetes (EKS), ECS, Docker, Lambda, Airflow Observability: EFK, Prometheus, Grafana, Jaeger More ❯

Uncapped Commission + Remote + Company Benefits Are you a Cybersecurity Sales Specialist experienced within managed services looking to work for a market leading, global company at forefront of cyber resilience, helping organizations protect their digital ecosystems, in a role where you will work remotely, with excellent earning potential? Do you want the opportunity to work with some of … the biggest names in their industry across a variety of sectors including government, Retail, and Banking? This company specialise in transparent, collaborative cyber defence and have gone from strength to strength since their inception in 2010. On offer is the opportunity to work for an award winning organisation where your ideas matter, your growth is supported, and your work … you will be coming in to an already attractive pipeline and be responsible for driving new business revenue across the companies core services, including MDR, SOC, EDR/XDR, Threat Intelligence, and Pen Testing. You will work almost fully remotely but be expected to come to the Wakefield office once a month. This role would suit a highly More ❯

+ Remote + Company Benefits Are you a Business Development Executive experienced within Cybersecurity as a Service looking to work for a market leading, global company at forefront of cyber resilience, helping organizations protect their digital ecosystems, in a role where you will work remotely, with excellent earning potential? Do you want the opportunity to work with some of … the biggest names in their industry across a variety of sectors including government, Retail, and Banking? This company specialise in transparent, collaborative cyber defence and have gone from strength to strength since their inception in 2010. On offer is the opportunity to work for an award winning organisation where your ideas matter, your growth is supported, and your work … you will be coming in to an already attractive pipeline and be responsible for driving new business revenue across the companies core services, including MDR, SOC, EDR/XDR, Threat Intelligence, and Pen Testing. You will work almost fully remotely but be expected to come to the Wakefield office once a month. This role would suit a highly More ❯