1 to 25 of 62 Permanent Threat Intelligence Jobs in the UK excluding London

Primary Details Time Type: Full time Worker Type: Employee Threat Intelligence Specialist London Permanent (Hybrid) At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity We’re excited to be hiring … Threat Intelligence Specialist to join our Advanced Threat Services (ATS) Teamon a full-time, permanent basis! You’ll be part of a supportive team that thrives on teamwork and innovation, where your expertise will be valued as we work together to tackle the ever-evolving cyber threat ...

department Covers Cybersecurity, Information Security, IT Audit, IT Risks, IT Controls,Access Management, Security Operation, Threat Management and the portfolio for Change for all these areas.This is a rolling fixed term contract, initially 6 months. Mandatory 5 days on site. You will play a key role in overseeing … threat intelligence activities while ensuring alignment withour global cybersecurity strategy. Develop and maintaindetailed activity plans, timelines, budgets, and resource allocations. Manage ThreatIntelligence Centre accounting, financial operations, and budget forecasts toensure cost optimisation and alignment with strategic objectives. Facilitatecommunication and coordination with global stakeholders across multiple regionsto ensure alignment ...

Principal Product Manager, Automation & Threat Intelligence (New Bailey, Manchester, United Kingdom) Closing Date : Wednesday 29th October 2025 Location(s) : Birmingham, Bristol, London or Manchester Flexible Working The BT group operates a 3 together, 2 wherever working model. This means you are required to be at your contractual location … Scope This role is responsible for ensuring that automation and AI capabilities within Managed Security Services meet market expectations and deliver fast, scalable, intelligent threat detection and response. It involves benchmarking against industry best practices, identifying gaps, and owning a roadmap to enhance internal capabilities. Additionally, the role leads ...

Defence (ICSD) function. This role is pivotal in designing and implementing next-generation cloud security architectures, securing WTW cloud environments, and driving automation and intelligence within Cybe r Defence Security Platforms & SOC Engineering. This is a hybrid role at London office with a requirement to be in the office … business need. The Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft ...

will include: Triaging security incidents SIEM monitoring for incident investigations/for the development of monitoring dashboards. Use of playbooks, on-line resources and threat intelligence to enhance attack detection Creation of new\ updating existing playbooks Keep up to date with current vulnerabilities and attack techniques Threat intelligence - proving Threat Intelligence services/information to the wider security team Key skills needed: 5 years of experience in a Senior Security Operations role role, with a focus on incident response and reporting within the financial services sector. Proficiency in using SIEM tools, specifically Splunk ...

Cyber SecOps and Threat Intelligence Specialist, Law Firm, Bristol We are seeking a Cyber Security and Threat Intelligence Specialist to join an expanding team in this 3,000 user international Law Firm, strengthening its ability to detect, respond to, and prevent cyber threats. Location: Bristol Reports … Head of Cyber Security Hybrid Role: 3-4 days work from home The Role Play a key role in maturing incident response and threat intelligence functions Evolve and mature the firm's capability for detecting and responding to cyber incidents Help develop strategies and roadmaps for cyber security ...

trusted connector of people, devices and machine by 2030. Managing a team of technical and investigative specialists, your role is to understand the cyber threat to BT from criminal actors and to build our ability to counter this. This role is hybrid (3 days in office) in either Bristol … Manchester What you’ll be doing Leading a multiskilled team of intelligence specialists to deliver operational outcomes Represent BT as the Subject Matter Expert on Cybercrime, delivering outputs to customers, CISOs, staff and Cyber Security community. Managing intelligence, threat hunting and investigative responsibilities as a core part ...

Senior Cyber Security Engineer/Threat Intelligence Specialist Bristol (Hybrid) | Up to £81,000 + Excellent Benefits Join a leading UK law firm shaping the future of cyber resilience. About the Role My client are seekinga Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen … paced environment, love to hunt for threats, and enjoy taking ownership of complex challenges this role is for you. What Youll Do Lead on threat detection, hunting, and incident response, working with Azure/Defender, Sentinel, and third-party SOCs. Investigate alerts and coordinate responses with internal IT teams ...

Senior Cyber Security Engineer/Threat Intelligence Specialist Bristol (Hybrid) Up to £81,000 + Excellent Benefits Join a leading UK law firm shaping the future of cyber resilience. About the Role My client are seekinga Senior Cyber Security Engineer/Threat Intelligence Specialist to strengthen ...

major national and international scale. With vast warehouse operations, enterprise systems and a rapidly expanding digital footprint, the business is enhancing its Vulnerability & Threat Management function to protect a complex and ever-evolving technology landscape. As a Senior Vulnerability Management Engineer, you'll work within the Information Security team … taking ownership of vulnerability identification, validation, prioritisation and communication across the estate. You'll collaborate with engineering, incident response, threat intelligence and operational teams to provide actionable mitigation strategies, guide remediation efforts, and strengthen the overall security posture. This is a high-impact role in a proactive, forward ...

team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark … ideal candidate will be a self-starter with an inquisitive nature and a keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised ...

organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic (hybrid) working : Minimum 2 days per week on-site … organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat ...

organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic (hybrid) working : Minimum 2 days per week on-site … organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat ...

organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary : £50,000 - £60,000 depending on experience Dynamic (hybrid) working : Minimum 2 days per week on-site … organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat ...

potential security incidents. Deliver post-incident reviews and drive continuous improvement. Keep the Cyber division and clients informed of emerging threats and trends through threat intelligence reporting. Support the creation and training of the incident response team, ensuring readiness for any security challenge. Contribute to achieving industry certifications … root causes, and recommend corrective actions. Experience developing and maintaining incident response plans and playbooks. Hands-on experience with tools such as SIEM, EDR, threat intelligence platforms, and forensic investigation tools. Strong knowledge of incident response frameworks (e.g., NIST, SANS). Deep understanding of current cybersecurity threats ...

hours work. Key Responsibilities: Handle escalations from Level 1 analysts and validate complex alerts. Conduct in-depth analysis using SIEM, EDR, XDR and threat intelligence sources to establish root cause, scope and impact. Lead containment and remediation actions in coordination with senior engineers and incident response leads. Develop … tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance. Identify emerging threats and document relevant tactics, techniques, and procedures. Support structured threat hunting activities and contribute to improving detection coverage. Maintain accurate and comprehensive investigation records within the SOC ticketing platform. Mentor junior analysts, helping improve ...

functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm … assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics Required Qualifications, Capabilities, And Skills 3+ years of experience in delivering covert red teaming, purple teaming, or network exploitation operations using industry-standard tools (e.g., Cobalt Strike or other C2 frameworks), with ...

Responder - IR, Cyber, Salary: Competitive, based on experience + benefitsLocation: London/Hybrid (some travel European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond to emerging threats. … Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber Forensics, Security Operations, Security Engineer, On-Call ...

access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across … alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation ...

Location(s): UK, Europe & Africa : UK : Frimley || UK, Europe & Africa : UK : London || UK, Europe & Africa : UK : Manchester BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation … week every 2 months and occasional travel to the offce – Frimley, Guildford, Manchester, Gloucester, London Grade: GG10 Referral Bonus: £5,000 BAE Systems Digital Intelligence offers world class Incident Response services to customers across the globe. Our team investigates some of the most complex nation state threat actors ...

Location(s): UK, Europe & Africa : UK : Frimley || UK, Europe & Africa : UK : London || UK, Europe & Africa : UK : Manchester BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation … week every 2 months and occasional travel to the offce – Frimley, Guildford, Manchester, Gloucester, London Grade: GG10 Referral Bonus: £5,000 BAE Systems Digital Intelligence offers world class Incident Response services to customers across the globe. Our team investigates some of the most complex nation state threat actors ...

framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain AJ Bells threat intelligence capabilities to enable effective response to the evolving threat landscape, delivering and disseminating actionable intelligence to operations teams … knowledge of Information Security risk management tools and techniques Extensive experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Knowledge of security investigations best practice including the use of Microsoft Purview and computer forensics an advantage. Experience of utilising and monitoring Information ...

demonstrate risk reduction and operational performance. Knowledge of automation techniques for repetitive security tasks (e.g., using SOAR tools or scripting). Knowledge of threat intelligence and proactive threat hunting. Desirable Familiarity with cloud security operations (Azure and AWS). Understanding of compliance requirements and how they apply ...

demonstrate risk reduction and operational performance. · Knowledge of automation techniques for repetitive security tasks (e.g., using SOAR tools or scripting). · Knowledge of threat intelligence and proactive threat hunting. Desirable · Familiarity with cloud security operations (Azure and AWS). · Understanding of compliance requirements and how they apply ...

operations. You will: Architect & Design : Build and evolve secure frameworks using Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence ...