1 to 25 of 55 Permanent Threat Detection Jobs in the UK excluding London

Cyber Threat Detection Engineer £100k

Hiring Organisation
Circle Group
Location
Cheltenham, Gloucestershire, South West, United Kingdom
Employment Type
Permanent, Work From Home
Cyber Threat Detection Engineer Location: UK (fully remote - work from anywhere worldwide) Salary: Up to £100,000 + benefits About the role We're looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. … work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and convert threat intelligence into actionable insights. Key responsibilities Own design and operation of detection logic for live attacker activity, including zero-day and N-day exploitation Build and maintain pipelines that ingest ...

Cyber Threat Intelligence Analyst

Hiring Organisation
Euro Projects Recruitment
Location
Edinburgh, Midlothian, Scotland, United Kingdom
Employment Type
Permanent, Work From Home
Salary
£60,000
Cyber Threat Intelligence Analyst Salary £50,000 - £60,000 - Hybrid - WFH Euro Projects Recruitment is working with a leading Microsoft Partner in Scotland to recruit a permanent Cyber Threat Intelligence Analyst. This is a genuine Cyber Threat Intelligence Analyst role with a strong focus on proactive … threat hunting, intelligence-led investigations and client engagement. The successful Cyber Threat Intelligence Analyst will work closely with SOC analysts, incident responders and engineering teams, using the Microsoft security stack to identify, analyse and mitigate cyber threats. The Role Cyber Threat Intelligence Analyst As a Cyber Threat ...

Threat Detection Engineer

Hiring Organisation
Addition
Location
Farnborough, Hampshire, England, United Kingdom
Employment Type
Full-Time
Salary
£55,000 - £65,000 per annum
Threat Detection Engineer A specialist technology organisation operating in highly secure environments is expanding its cyber capability and looking to strengthen its detection function. This role sits at the heart of identifying, stopping, and staying ahead of modern threats. Role Overview: Location: Farnborough/Hybrid (3 days … week on site) Package: £55,000- £65,000pa & Benefits Industry: Defence & National Security What You’ll Be Doing: Designing and building high-quality detection rules and use cases across SIEM and EDR platforms Continuously tuning alerts to reduce noise and improve signal quality Monitoring and investigating security alerts ...

Senior Threat Detection Specialist

Hiring Organisation
QBE Management Services (UK) Limited
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Primary Details Time Type: Full time Worker Type: Employee Senior Threat Detection Specialist Location: London or Remote Type: Permanent, full time Hybrid role, happy to talk flexible working The Opportunity As we focus on transformation across the organisation, we’re also investing in our cyber security capabilities … keep our people, data, and customers safe. That’s why we’re building a new Detection Engineering function—and we’re looking for a talented and driven Threat Detection Senior Specialist to help us lead the way. In this key role, you’ll support the GSOC Manager ...

Lead Identity Specialist

Hiring Organisation
TESTQ Technologies
Location
Sheffield, UK
Trust security principles Provide consulting-level guidance on IAM adoption migration from legacy platforms and application onboarding Define integrate and drive proactive use of Identity threat detection capability for threat detection and identity-based risk management Partner with security leadership to ensure compliance with audit regulatory and governance … Identity Protection Conditional Access PIM CIEM and Governance Strong experience with hybrid identity on-prem Active Directory AD FS Azure AD Connect Proficiency with Identity threat detection tools and integration with broader security ecosystems Deep understanding of authentication protocols SAML OAuth OpenID Connect Kerberos LDAP Familiarity with ...

Specialist

Hiring Organisation
Net2Source (N2S)
Location
Sheffield, England, United Kingdom
Trust security principles Provide consulting-level guidance on IAM adoption migration from legacy platforms and application onboarding Define integrate and drive proactive use of Identity threat detection capability for threat detection and identity-based risk management Partner with security leadership to ensure compliance with audit regulatory and governance … Identity Protection Conditional Access PIM CIEM and Governance Strong experience with hybrid identity on-prem Active Directory AD FS Azure AD Connect Proficiency with Identity threat detection tools and integration with broader security ecosystems Deep understanding of authentication protocols SAML OAuth OpenID Connect Kerberos LDAP Familiarity with ...

Lead Identity Specialist

Hiring Organisation
Net2Source (N2S)
Location
Sheffield, England, United Kingdom
Protection Conditional Access PIM CIEM and Governance Strong experience with hybrid identity on-Prem Active Directory AD FS Azure AD Connect Proficiency with Identity threat detection tools and integration with broader security ecosystems Deep understanding of authentication protocols SAML OAuth OpenID Connect Kerberos LDAP Familiarity with … security principles Provide consulting level guidance on IAM adoption migration from legacy platforms and application onboarding Define integrate and drive proactive use of Identity threat detection capability for threat detection and identity-based risk management Partner with security leadership to ensure compliance with audit regulatory ...

Cyber Threat Detection Engineer £100k

Location
Cheltenham, Gloucestershire, United Kingdom
Cyber Threat Detection Engineer Location: UK (fully remote - work from anywhere worldwide) Salary: Up to £100,000 + benefits About the role We're looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. … work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and co... ...

Cyber Threat Detection Engineer £100k

Hiring Organisation
Circle Group
Location
Cheltenham, Gloucestershire, UK
Employment Type
Full-time
Cyber Threat Detection Engineer If you are interested in applying for this job, please make sure you meet the following requirements as listed below. Location: UK (fully remote - work from anywhere worldwide) Salary: Up to £100,000 + benefits About the role We're looking for a hands … Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. You'll work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and co... ...

Cyber Threat Detection Engineer £100k

Hiring Organisation
Circle Group
Location
Cheltenham, Gloucestershire, United Kingdom
Employment Type
Permanent
Salary
GBP 100,000 Annual
Cyber Threat Detection Engineer Location: UK (fully remote - work from anywhere worldwide) Salary: Up to £100,000 + benefits About the role We're looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour ...

Security Operations Centre / SOC Team Lead

Hiring Organisation
Hays Technology
Location
Edinburgh, City of Edinburgh, United Kingdom
Employment Type
Permanent
Salary
£58252 - £68586/annum 28.97% pension and more
their internal Security Operations Centre. This role will have you leading a team of analysts and working alongside security engineers to develop and automate threat detection and response playbooks, as well as security architects and the wider IT function. The ideal candidate will have the technical expertise … management, coaching, and development of SOC analysts and engineers. Lead the configuration, tuning, and maintenance of core SOC capabilities including log aggregation, alerting, correlation, threat detection, and response tooling. Define, track, and report SOC performance metrics and KPIs, ensuring operational efficiency and alignment with organisation objectives. Manage ...

Detection & Threat Hunt Analyst - Cheltenham

Hiring Organisation
Accenture
Location
Cheltenham, Gloucestershire, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Role: Detection & Threat Hunt Analyst Location: Cheltenham Position: Specialist or Associate Manager Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years continuous UK address history (typically including no periods of 30 consecutive days or more spent outside … will serve as a senior technical point of escalation (T3), mentor junior analysts, drive service improvements, and ensure the consistent delivery of high-quality threat detection and response services to our clients. You will also act as a technical SME, directly engaging with clients, delivering reporting and supporting ...

Lead SOAR Engineer

Hiring Organisation
Experian Ltd
Location
Nottingham, Nottinghamshire, East Midlands, United Kingdom
Employment Type
Permanent
seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team, you will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context … decision-making and response capabilities. Drive Agile CI/CD practices to ensure rapid, secure, and reliable delivery of automation features. Collaborate with SOC, threat detection, and engineering teams to identify automation opportunities and align with strategic security goals. Develop and maintain custom Python scripts and tools ...

SOC Operations Manager

Hiring Organisation
Sopra Steria
Location
Hemel Hempstead, Hertfordshire, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 - £90,000 per annum
security threats for multiple customers. You will oversee and mentor a skilled team of analysts, fostering a culture of continuous learning, champion best practices in threat detection and incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners … develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews, and foster continuous improvement. Oversee full lifecycle of security incidents from detection to resolution. Ensure compliance with SLAs and escalation protocols. Maintain and enhance incident response plans and procedures. Direct threat intelligence collection and analysis. Manage ...

Product Manager

Hiring Organisation
Stratospherec Ltd
Location
Horsham, West Sussex, United Kingdom
Employment Type
Permanent
Salary
£60000 - £70000/annum Excellent benefits
decision-making challenges Work with UX designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns Provide technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices Support go-to-market activities by creating technical content, conducting product demonstrations … engaging with prospective customers Mentor and educate internal teams on SOC operations, threat landscapes, and analyst workflows Ensure product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models Customer & Pre-Sales Enablement Act as a trusted SOC and cyber defence expert in customer ...

Cyber Security Specialist

Hiring Organisation
1TECH STAFFING LIMITED
Location
Manchester, North West, United Kingdom
Employment Type
Permanent
Salary
£55,000
GDPR compliance Implement and manage security controls across Microsoft 365 and cloud environments Deploy and operate managed security tools (EDR, AV, email security, threat detection) Monitor vulnerabilities and investigate security incidents Produce clear security reports and client recommendations Deliver security awareness training and phishing simulations Work closely with internal … technical teams to improve overall security posture Essential Experience Background in cyber security within an MSP or multi-client environment Strong understanding of threat detection, incident response, and vulnerability management Hands-on experience securing Microsoft 365/Azure AD Knowledge of EDR, AV, email security, and network security ...

SOC Shift Leader

Hiring Organisation
MBDA UK
Location
Stevenage, Hertfordshire, United Kingdom
Employment Type
Permanent
Salary
£70000/annum
Tier 2 analysts, providing live operational oversight, procedural assurance, and ongoing mentorship. This role ensures each analyst team is aligned with evolving cyber threat detection standards, works in sync with response and intelligence functions, and delivers consistent high-quality casework across shifts. This is a senior operational role … company that values innovation and diversity, this is the place to make an impact. In addition to Senior SOC Analyst responsibilities (alert triage, threat detection, ticket response, and tooling operation), the SOC Shift Lead will provide: Shift Continuity & QA Operational assurance and standard enforcement across all active shifts. ...

Security Operations Center Analyst

Hiring Organisation
TRIA
Location
Greater Bristol Area, United Kingdom
Analyst. This is a great opportunity to join a forward-thinking security operations team, where you’ll have hands-on ownership across threat detection, incident response, and overall security posture, alongside a competitive salary, strong benefits, and clear long-term development opportunities. The role offers flexible … detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). ...

CERT Incident Responder

Hiring Organisation
MBDA UK
Location
Bolton, Greater Manchester, United Kingdom
Employment Type
Permanent
Salary
£50000 - £60000/annum
incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic … incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV) - including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced ...

Cyber Security and Resilience Engineer

Hiring Organisation
Mentmore Recruitment
Location
Oxford, Oxfordshire, United Kingdom
Employment Type
Permanent
Salary
£65000 - £70000/annum
About the Role The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the client's threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud … security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender ...

NMC Cyber Security Detection Engineer

Hiring Organisation
Police Digital Services
Location
Skelmersdale, Lancashire, North West, United Kingdom
Employment Type
Permanent, Work From Home
Join Police Digital Service as NMC Cyber Security Detection Engineer x 2. Full time Permanent. Salary starting at £50,000 About Police Digital Service To protect people from harm in our rapidly changing world, police services must not only keep up with technology and business changes but develop capabilities … Police Digital Service and provides visibility and control of information risks for policing. It supports the 24x7x365 nature of police operations, providing a threat detection and response capability for digital services before, during and after cyber-attacks, enabling stakeholders to understand and proactively manage risk across the technology ...

Senior Security Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£80,000 per annum
NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

Senior Network Engineer

Hiring Organisation
Eligo Recruitment
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
£85,000 per annum
NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic ...

Lead Cyber Security Engineer

Hiring Organisation
SThree
Location
Glasgow, Scotland, United Kingdom
Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening, automation, and threat mitigation. The role is not managerial in the traditional sense; it exists to drive technical capability, mentor through engineering leadership, and deliver resilient, scalable … Cloud, Purview DLP, Azure Firewall, and related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device ...

Content Lead - Cheltenham

Hiring Organisation
Accenture
Location
Cheltenham, Gloucestershire, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
team As a member of the SOC Content Team, you will be responsible for contributing to the creation, deployment, and tuning of threat detection content and delivery of proactive threat hunting. You will work in close partnership with client Lead Analysts, threat intelligence teams, and other … functions to help ensure that detection strategies are tailored to each client’s threat profile and security objectives. This role offers a balance of technical hands-on work, collaboration, and knowledge sharing, with a strong emphasis on continual learning and process improvement. ...