3 of 3 Permanent Threat Intelligence Jobs in the South West

client engagements; present findings and recommendations to senior stakeholders. Participate in alert testing, readiness exercises, and incident response tabletop sessions. Stay current on emerging threat intelligence, attacker techniques, and relevant research. Required Experience 2+ years experience as a Cyber Security Operations Analyst or equivalent Experience working with Splunk … Familiarity with threat intelligence frameworks and methodologies End-to-end incident response lifecycle experience Detection engineering and alert development expertise. Strong scripting or programming skills (Python, Bash, C/C++, Java). Solid grounding in cybersecurity fundamentals: network security, cloud security, cryptography, forensics. Understanding of common network protocols ...

role in monitoring, triaging, and investigating security events across a range of client environments. You’ll be working across SIEM platforms, vulnerability management tools, threat intelligence sources, and network telemetry to deliver effective detection and response. You will also take on client-facing responsibilities, presenting findings, trends … Strong experience within a SOC or cyber security operations environment Proven ability to investigate and analyse complex security incidents Experience with SIEM platforms, threat intelligence, and security tooling Strong stakeholder and client communication skills Ability to mentor and develop junior team members Proactive approach to problem-solving ...

knowledge of MITRE ATT&CK and at least one recognised control framework (ISO 27001, CIS or NIST). Risk-based prioritisation of remediation using threat intelligence. Operated endpoint security and endpoint detection and response (EDR) tooling (e.g. CrowdStrike or equivalent) in a production environment. Prioritised and managed a risk … based security backlog, applying frameworks such as MITRE ATT&CK and threat-based prioritisation. Assured the delivery of security initiatives across distributed teams or sites, tracking vulnerability remediation and patching through to completion. Act as Incident Commander for security incidents during London hours, coordinating first responders, IT, Legal, Compliance ...