1 to 25 of 123 Permanent Threat Detection Jobs in the UK excluding London

business need. The Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel ...

Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London Happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities to keep our people, data, and customers safe. That … building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager in shaping the future of detection engineering, developing the strategy ...

value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local … levels. Key Responsibilities Responsible?for?gathering, normalising, and integrating cybersecurity-related data from multiple sources (e.g., SIEM, threat feeds, vulnerability sources, and cloud platforms) to?develop trends and to detect?threats,?vulnerabilities,?and anomalies. ? Ability to translate raw data into meaningful insights that inform security posture or service improvements. ...

Detection & Threat Hunt Lead Analyst Cheltenham Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside of the UK) and declaration of being … team As a member of the SOC Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other ...

protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month … exceeds key performance indicators. Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds. Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities. Develop, maintain ...

leading a team of cyber security engineers. The role involves close collaboration with IT, network teams, and senior stakeholders to identify vulnerabilities, mature detection capabilities, and ensure compliance with recognised security frameworks. Key Responsibilities Lead and develop a team of cyber security engineers, providing technical and strategic direction. Oversee … security operations including monitoring, incident management, and threat response. Conduct assessments across the IT estate to identify risks and emerging threats. Manage security events from detection through to remediation, ensuring timely and effective responses. Drive improvements to the organisation's security posture in line with a rapidly evolving ...

pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more REQ5277 We’re seeking a technical Senior Security Analyst to lead threat detection, incident response, and control validation across various cloud security platforms such as, but not exclusive to, Microsoft security suite, AWS workloads, CNAPP … Handle complex threats, lead incident response, and shape security policy Oversee and lead investigations across various cloud security suites Develop and maintain KQL-based detection rules, hunting queries, and alert tuning strategies. Coordinate incident response playbooks across hybrid environments, including AWS EC2, Lambda, and containerized workloads. Contribute ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

techniques to build impactful, customer-facing security capabilities. Build and refine intelligent generative AI agents that drive automated cybersecurity reasoning, investigation workflows, and threat analysis. Extend and enhance our next-generation AI antivirus engine by designing new feature representations, building file parsers, and developing ML models end-to-end. … integrate into the Cynet Endpoint Agent and platform infrastructure. Use Cynet's ML experimentation pipelines to run experiments, optimize performance, and deliver production-ready detection models. Serve as the cybersecurity expert within the Data Science team, guiding threat modeling, malware understanding, and security-driven AI design decisions. Requirements ...

Vectra is the leader in AI-driven threat detection and response for hybrid and multi-cloud enterprises. The Vectra AI Platform delivers integrated signal across public cloud, SaaS, identity, and data center networks in a single platform. Powered by patented Attack Signal Intelligence, it empowers security teams … rapidly prioritize, investigate and respond to the most advanced cyber-attacks. With 35 patents in AI-driven threat detection and the most vendor references in MITRE D3FEND, organizations worldwide rely on the Vectra AI to move at the speed and scale of hybrid attackers. For more information, visit ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement, we deliver … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local ...

detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). … Perform threat-hunting, log-analysis (including firewall, web/email filters), implement or review DLP controls, and collaborate with infrastructure/cloud/application teams on remediation and security posture improvements. Contribute to continuous improvement of SOC processes (alert tuning, log-source enrichment, documentation), and take part ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

multi-cloud infrastructure and leading security engineering efforts. This is a lead, hands-on engineering position requiring deep expertise in cloud security architecture, detection engineering, security tooling, and the secure software development lifecycle (SDLC) to proactively defend our digital assets and global operations. Key Responsibilities Lead and manage security … cloud (AWS, Azure, GCP or similar), and SaaS environments. You will design, architect, deploy, and implement the security infrastructure (SIEM, EDR, logging, monitoring, alerting, threat-intelligence integrations) to support a hybrid SOC model, including overall tool management and tuning. Design and enforce security architecture and strategy. Define and implement ...