1 to 25 of 54 Permanent Threat Intelligence Jobs in the UK excluding London

Please Note: The deadline for applying is 23.59 the day before the job posting end date. Job Title: Strategic Threat Intel Senior Manager Business Function: Cyber Security - Threat Intelligence Location: Kingston/Port Sunlight Reports to: Director of Threat Intelligence Unilever is one of the world's leading suppliers of Food, Home, and Personal Care … structure is built around product families and risk-based priorities, with teams embedded across regions and business units. JOB PURPOSE We are seeking a highly motivated and experienced Strategic Threat Intelligence Manager to lead our strategic intelligence function within the Cyber Threat Intelligence team. This role is pivotal in shaping our understanding of long-term … threat trends, geopolitical risks, and adversary behaviour. The successful candidate will drive the development of high-level threat assessments and intelligence products that inform executive decision-making and support enterprise-wide risk management. Role Summary: The Strategic Threat Intelligence Manager leads the strategic intelligence function within the Cyber Threat Intelligence team, reporting More ❯

Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a highly competitive salary … and the opportunity for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to … compromise systems. You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics A strong understanding of threats posed Articulate complex concepts to various stakeholders across the business. Knowledge of tactics, techniques and More ❯

can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships-from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering More ❯

Threat Hunter UK (Manchester, Cheltenham or London) We are seeking a highly capable and hands-on Threat Hunter to design and lead a professional threat hunting capability focused on identifying sophisticated adversaries through hypothesis-driven analysis and automation. You will be responsible for proactively detecting and analysing advanced threats across the customers environment. Ensuring our threat models and threat hunts are tightly aligned to industry risks to the customer. This is a high-impact role with significant autonomy. You'll need to think critically, and hunt methodically. As a Threat Hunter, you will actively search for cyber threats that evade traditional security solutions. Your role will involve conducting in-depth analysis, identifying indicators … of compromise (IOCs), and working cross-functionally with the Security Operations Centre Analysts, Detection Engineers, Privacy Team and Engineering Team to mitigate risks. Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

Cyber Threat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a Cyber Threat Intelligence analyst to help out with their Threat Intell function and keep them ahead of the curve when it comes to threat … systems in place and you'll have the chance to shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyber threat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month on More ❯

people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Internal Grade E Job Description Experian Cyber Fusion Center is looking for a Threat Intelligence Analyst to help track new and persistant cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization … and lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the Threat Intelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of … Primary Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help Investigate latest cyber trends providing More ❯

to improve incident response efficiency within the Security Operations Centre. This role integrates multiple security tools and workflows, leveraging platforms like , Darktrace , and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps … Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence, APIs) Other security platforms such as SIEMs, ticketing systems, and firewalls. Automation & Enrichment: Automate repetitive security tasks like indicator enrichment, triage, and threat intelligence lookups. Collaboration: Work with SOC analysts and threat detection teams to identify and implement automation opportunities. Monitoring … security operations or security engineering. Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient). Strong familiarity with: Google SecOps/Chronicle Darktrace (AI-based threat detection) CrowdStrike Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE More ❯

data from unauthorized access, cyber threats, and data breaches. The ideal candidate should have a strong background in cybersecurity, particularly in DLP of email security, cloud applications, endpoints and threat prevention with a proven ability to respond to evolving security challenges. Responsibilities: Proofpoint Management: Configure, deploy, integrate, and manage Proofpoint security solutions, including email security, data loss prevention (DLP … threat protection, and information protection. Monitor and analyse Proofpoint alerts and logs to detect and respond to security incidents and threats. Regularly update and optimise Proofpoint configurations to adapt to evolving threat landscapes and organisational needs. Develop and maintain custom filters and rules within Proofpoint to enhance security measures tailored to organisational needs. Collaborate with vendors and external … regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber threats targeting the organisation. Participate in or lead incident response activities related to More ❯

WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for More ❯

fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

Your new role You'll be joining an established Cyber team, supporting them to help them to achieve the CAF framework regulations, whilst getting involved with SIEM, Vulnerability Management, Threat Intelligence and IAM. Part of the team executing a cyber improvement programme to enhance security posture Support compliance with relevant Cyber Security regulations, standards, and frameworks Implement and … ideally 3+ years of experience in similar cyber security roles, with experience in implementing security frameworks (e.g. NIST, CAF, ISO) Prior hands-on experience with SIEM, Vulnerability Management, Threat Intelligence, and IAM systems Experience contributing to enterprise-level security initiatives Third-party vendor relationship experience What you'll get in return Salary of between £52K-£55k 27 days More ❯

WHO ARE WE? Searchlight Cyber was founded in 2017 with a mission to stop threat actors from acting with impunity. Its External Cyber Risk Management Platform helps organizations to identify and protect themselves from threats emerging from the cybercriminal underground, with Attack Surface Management and Threat Intelligence tools designed to separate the signal from the noise. It … to business goals. Oversee the development of all content formats-blogs, reports, whitepapers, case studies, videos, podcasts, and more. Lead cross-functional content planning and collaboration with teams including threat intelligence, research, product, and leadership. Maintain a high editorial standard across all outputs, ensuring consistency of voice, quality, and brand alignment. Campaigns & Promotion Develop and manage content-led More ❯

proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat models and intelligence Fine-tune detection rules and monitor their performance Support detection automation and playbook editing Conduct proactive threat hunting and threat modelling Perform cyber … our journey and you will too. What you'll need Previous experience of working in a cyber security operations context Ability to analyse security logs and events Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence More ❯

effective escalation and incident response Review and approve relevant process artefacts and operational documentation that underpin Detection and Response Engineering activities Design, code and operationalise detection rules based on threat models and intelligence Be the escalation point for Detection and Response decision making. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions … Join us on our journey and you will too. What you'll need Proven experience in a cyber defence context with demonstrable success in leading technical teams Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence … Effective workforce and performance management with proficiency in project planning and execution. Strong communication and interpersonal skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition More ❯

effective escalation and incident response Review and approve relevant process artefacts and operational documentation that underpin Detection and Response Engineering activities Design, code and operationalise detection rules based on threat models and intelligence Be the escalation point for Detection and Response decision making. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions … Join us on our journey and you will too. What you'll need Proven experience in a cyber defence context with demonstrable success in leading technical teams Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence … Effective workforce and performance management with proficiency in project planning and execution. Strong communication and interpersonal skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition More ❯

Location(s): UK, Europe & Africa: UK: Gloucester BAE Systems Digital Intelligence is home to 4,500 digital, cyber, and intelligence experts. We work across 10 countries to collect, connect, and analyze complex data, enabling governments, armed forces, and businesses to achieve digital advantages in demanding environments. Job Title: Threat Hunter Requisition ID: 121789 Location: Leeds - hybrid and … members and share knowledge proactively. Contribute to the SOC Knowledge Repository by creating and updating documentation independently. Build relationships externally with other SOCs and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection … vulnerabilities, produce proof-of-concept exploits, and emulate adversary TTPs for training and detection evaluation. Review red team and pentest findings to improve detection rules. Provide forensic support and threat emulation to improve alert triage and accuracy. Identify gaps in SOC processes, data collection, and analysis, demonstrating the need for improvements through scenarios and red teaming. Perform complex threat More ❯

day basis. Provide out of hours technical escalation support to shift analysts Main Duties and Responsibilities: Developing SIEM detection rules and tuning alerts across our client estates. Conduct proactive threat intelligence research and carry out threat hunting across client estates Training of analysts and developing training resources and materials Act as a point of escalation for the … Understanding of security attack vectors and techniques utilised, including areas such as Business Email & user account Compromise, malicious payload installation & execution and reconnaissance activity. Understanding of the everchanging emerging threat landscape and how to interpret these threats to create initiate mitigation actions across a clients security estate. Willingness to learn, adapt, and innovate Critical thinking and analytical skills Excellent More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll take … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting More ❯

detection tooling. Investigating and responding to security alerts raised by Users. Enhancing and creating analytic triggers to enhance alert efficacy. Continuous development of incident handling and readiness processes. Proactive threat hunting based on threat intelligence. Documentation of incidents and investigations. About your Skills We're open-minded when it comes to hiring and we care more about aptitude … supporting and conducting Incident Response engagements. Experience in endpoint based investigations. Experience in cloud based investigations. Experience with Incident Command and conducting Tabletop Exercises Interest in Automation. Interest in Threat Intelligence and Analytic Tuning. A high level understanding of mobile, network and operating system security controls. Any experience of programming in Python, Go and/or Java. A More ❯

designing, implementing, and maintaining secure IT infrastructures by applying best practices. Cryptography - Knowledge of encryption algorithms, secure key management, and certificate lifecycle management to protect data integrity and confidentiality. Threat Intelligence & Analysis - Ability to gather, analyse, and interpret data from various threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as More ❯

also serves as a technical authority within the team and department. What you'll need to succeed Security Operations & Incident Response Lead security operations services, including monitoring, incident response, threat management, and intrusion detection, using both internal and external resources. Manage the outsourced 24/7 security operations service. Lead the organisation's response to security incidents, coordinating recovery … efforts with internal teams and vendors. Establish and manage threat intelligence processes to ensure timely remediation of vulnerabilities. Monitor and analyse performance metrics to support security troubleshooting and continuous improvement. Identity & Access Management Provide expert technical leadership for identity and access management, ensuring secure, high-performing services aligned with SLAs. Oversee day-to-day monitoring and maintenance of … Qualifications Degree or equivalent industry certification. Professional certification in security/identity (e.g. CREST, GIAC). ITIL Foundation certification. Incident response certification preferred. Technical Knowledge Proficient in SIEM, EDR, threat detection, and vulnerability management. Solid understanding of network security (firewalls, segmentation, IDS/IPS). Experience with Windows, Mac, Linux environments and security tooling. Familiarity with public cloud platforms More ❯

during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats, tactics, and techniques To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands … on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of enterprise security architecture: firewalls, AV, VPNs, IDS/IPS Eligible for DV Clearance – British citizens who have resided in More ❯