20 of 20 Permanent Threat Intelligence Jobs in the South East

Cyber Threat Detection/SIEM Analyst - SANS/GIAC Cyber Threat Detection Analyst Location: Wokingham, Berkshire (On-site) Salary: Competitive (dependent on experience) + excellent benefits & training Security Clearance: Ideally SC Cleared or eligible for SC Role Overview As a Cyber Threat Detection Analyst, you will play … hands-on role within an advanced cyber defence function, focused on proactive threat hunting, adversary behaviour analysis, and high-fidelity threat detection across enterprise environments. This role goes beyond reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence ...

cyber security leader responsible for developing and executing enterprise-wide cyber defence strategies to protect critical business systems, data, and infrastructure. Leads security operations, threat detection, incident response, and cyber resilience initiatives while ensuring alignment with organisational risk management objectives. Key Responsibilities Lead and manage the Cyber Defence function … overseeing security operations, threat intelligence, vulnerability management, and incident response capabilities. Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats. Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents. Oversee threat intelligence programmes ...

looking for a Cyber Threat & Vulnerability Analyst to join our Cyber Security team, helping protect the systems that deliver essential water services to millions of customers every day. You'll play a key role in identifying, assessing, and reducing cyber risk across a large and complex technology estate, making … closely with technical teams and business stakeholders to keep our services safe, resilient, and running smoothly. What you'll be doing as a Cyber Threat & Vulnerability Analyst: As a Cyber Threat & Vulnerability Analyst, you'll be responsible for supporting and improving how we identify, assess, and manage cyber ...

critical in improving, developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security … analysis. Designs and executes advanced vulnerability assessments using both automated and manual techniques; collaborates with stakeholders to prioritize remediation based on business risk and threat intelligence. Oversees continuous monitoring of threat intelligence feeds and security alerts, proactively identifying emerging risks and recommending strategic countermeasures. Interprets and synthesizes ...

available throughout the hiring process. This is an opportunity to play a key role in protecting critical customer environments, leading complex investigations, driving proactive threat hunting activities, and helping shape the future of our security monitoring services. Were looking for someone who enjoys solving difficult security challenges, mentoring others … across high-security customer environments Act as a senior escalation point for Tier 1 and Tier 2 analysts during active security events Drive proactive threat hunting campaigns to identify emerging threats, vulnerabilities, and anomalous behaviour Develop and improve detection logic, alerting, and monitoring content within SIEM platforms including Elastic ...

well-established cyber security capability supporting mission-critical environments. Cyber security is central to the organisation's strategy, with ongoing investment in tooling, threat intelligence, and specialist talent. The security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices … SIEM and security tooling. This role combines hands-on SIEM analysis, alert triage, investigation, and detection improvement, alongside exposure to incident response and proactive threat detection activities. You will work across multiple data sources to identify suspicious behaviour, analyse events, and support the organisation's cyber defence posture through ...

deliver high-quality detections across Microsoft Sentinel and Splunk, helping protect critical systems and clients in real time. If you thrive on turning threat intelligence into actionable detection logicand enjoy working at the heart of a live SOCthis is your opportunity to make a real impact. This role … improve SOC efficiency. Validate detections against telemetry and ensure accuracy. Support onboarding of log sources across cloud, infrastructure, identity and network. Collaborate with SOC, Threat Intelligence and Security Architecture teams. Investigate detection issues and improve performance and reliability. Drive continuous improvement using automation, scripting and best practice. Ensure ...

assessing and mitigating cyber threats across enterprise systems while helping to shape and improve the organisation’s overall security posture. Key Responsibilities Cybersecurity Operations & Threat Management Conduct ongoing threat assessments across operational systems and infrastructure Identify vulnerabilities, threat vectors and areas of security risk Design and implement … security mitigations and remediation strategies Monitor emerging cyber threats and recommend appropriate defensive measures Support automated threat monitoring, incident detection and response capabilities Develop and maintain cybersecurity playbooks and incident response procedures Coordinate with third-party security providers during security incidents and testing activities Security Governance & Risk Management Support ...

years' experience in a SOC or closely related cyber security role Strong working knowledge of: SIEM platforms Security Incident Management Cloud environments Networking fundamentals Threat intelligence and threat hunting Information security principles Phishing, ransomware, and modern attack vectors Identity & Access Management (IAM) Joiners, Movers, and Leavers ...

security telemetry from a range of data sources. Design, implement, and tune detection rules to improve alert quality and reduce false positives. Conduct proactive threat hunting using SIEM, EDR, and threat intelligence sources. Support incident investigations, containment, and response activities. Monitor and maintain the health … Microsoft Sentinel. Strong scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge including TCP/IP, DNS, firewalls, and proxies. Experience within ...

Intelligence Analyst Are you passionate about uncovering insights from complex data through creative thinking? Would you like to play a vital role in intelligence analysis? This Analyst role offers a unique opportunity to develop your skills and make a tangible impact within a growing organisation. You will … instrumental in providing actionable intelligence, supporting strategic decision-making, and contributing to risk mitigation efforts. This role is on-site and Oxford based. Intelligence Analyst Responsibilities This position will involve, but will not be limited to: Conducting detailed research and data analysis to support clients in understanding current ...

Strong understanding and practical application of ISO 27001 and related governance, risk, and compliance frameworks. Experience with security monitoring, incident response, vulnerability management, and threat management processes. Proven stakeholder management skills with the ability to engage effectively at all levels of the organisation. Experience managing third-party suppliers, managed … performance management Cloud networking and hybrid environments IDS/IPS technologies Secure network architecture principles Knowledge of SIEM, SOAR, endpoint security, vulnerability management, and threat intelligence platforms. Understanding of modern cyber threats, attack techniques, and defensive security controls. Desirable Qualifications ISO 27001 Lead Implementer or Lead Auditor CISSP ...

tooling is optimised and actively protecting client environments. Collaborate with teams to assess risks and design effective security controls. Support senior engineers across SIEM, threat intelligence and malware platforms. Apply updates, manage changes and follow robust operational processes. Stay ahead of emerging threats and drive continuous improvement. What ...

skills, including clear documentation and reporting. Good planning and organisational skills with attention to detail. Technical experience and skills Understanding of cybersecurity domains, including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response, and Cryptography. Familiarity with information ...

current DV Clearance. What youll be doing: Lead the design and implementation of platform-wide security architectures and strategies. Drive secure SDLC practices including threat modelling, misuse cases, and risk analysis. Oversee security operations including vulnerability scanning, penetration testing, and assessments. Manage and optimise security tooling (Firewalls, VPNs … compliance teams to embed security-by-design. What youll bring : Strong background in network security, SIEM, IDAM, endpoint protection, and cloud security. Knowledge of threat intelligence, IOC analysis, and detection engineering. Experience in secure SDLC, code review, and threat modelling (incl. misuse cases). Understanding of encryption ...

managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members … maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What youll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel ...

detection , ensuring controls are effective, proportionate, and aligned to risk Investigate and respond to security incidents , providing clear, risk-based analysis and recommendations Use threat intelligence and operational insight to continually improve detection capability Provide meaningful reporting and assurance on SOC performance and cyber posture Support the evolution ...

large, complex environments. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune ...

hard problems, enjoys experimentation, and wants to see their research translate into real-world impact. You'll work across the full research lifecycle, from threat intelligence and vulnerability analysis through to prototyping and delivery, collaborating with multidisciplinary teams on challenges that matter. Role duties Research emerging cyber security ...

over the next decade, this is the place to do it. Location: UK-based hybrid role The role We're looking for a motivated Threat & Vulnerability Analyst to join our Threat Informed Defence team. You'll play a key role in identifying, analysing and managing vulnerabilities and risk … across the organisation, using a range of security tooling and threat intelligence. You'll monitor emerging risks, triage findings, and support remediation activities working closely with teams across the business. This includes analysing security data across on-prem and cloud environments, leveraging EDR capabilities, and contributing to a threat ...