1 to 25 of 75 Permanent Threat Intelligence Jobs in the UK excluding London

Threat Intelligence Lead £55000-65000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Threat Intelligence Lead Leeds - 5 days on-site Up to £65,000 + DV Cleared Bonus We are currently recruiting for a Threat Intelligence Lead to join one of the UK's most critical national defence … programmes. This is an opportunity to lead a high-performance team operating at the forefront of cyber threat intelligence, helping to protect sensitive cloud-hosted environments against sophisticated nation-state actors and advanced cyber adversaries. As Threat Intelligence Lead, you will be responsible for managing the production of actionable threat intelligence and vulnerability assessments … ensuring high-quality outputs that directly inform security operations and strategic defence decisions. Responsibilities of the Threat Intelligence Lead: Lead the development and delivery of threat intelligence and vulnerability products. Select and profile key threat actors posing the greatest risk to the client's estate. Own the continuous development of Priority Intelligence Requirements (PIRs More ❯

Cyber Threat Intelligence Lead £75000 GBP Onsite WORKING Location: Leeds, Yorkshire and the Humber - United Kingdom Type: Permanent Cyber Threat Intelligence and Vulnerability Lead Location: Leeds (100% office-based) Salary: Up to £75,000 Security Clearance: DV Clearance required The Opportunity: A unique and mission-critical opportunity has arisen for an experienced Cyber Threat Intelligence … protecting vital UK infrastructure. You'll work within a dedicated Security Operations Centre (SOC) focused on safeguarding cloud-hosted environments across hundreds of systems. Key Responsibilities: As a Cyber Threat Intelligence and Vulnerability Lead , you will: Oversee the daily detection, triage, and reporting of cyber threats and vulnerabilities affecting the client environment. Direct the development and execution of … collection plans and Priority Intelligence Requirements (PIRs), ensuring relevance and accuracy. Lead and mentor a team of analysts, ensuring timely delivery of high-quality intelligence and vulnerability reports. Maintain operational readiness even during periods of reduced capacity by managing team output and ensuring delivery across all products. Shape the direction of threat intelligence by identifying threat More ❯

Cyber Threat Intelligence Analyst Akkodis are currently working in partnership with a leading service provider to recruit a Cyber Threat Intelligence Analyst to join a leading Cyber Defence Team and play a pivotal role in providing actionable technical intelligence to detection engineers, threat hunters and security operations. This role offers a highly competitive salary … and the opportunity for remote working. The Role As a Cyber Threat Intelligence Analyst you will support the rest of the Cyber Defence engineering team in regard to the roadmap and what to focus on. You will share intel to help them understand what's emerging as well as what advanced persistent threat actors are leveraging to … compromise systems. You will work directly across all areas of Cyber Defence to produce bespoke and technical intelligence across Tactical, Strategic, and Operational intelligence. The Responsibilities Conduct in-depth analysis of threat groups, their capabilities, motivations, and tactics A strong understanding of threats posed Articulate complex concepts to various stakeholders across the business. Knowledge of tactics, techniques and More ❯

can't replace to help us shape the future of information management. Join us. Your Impact: We are seeking a driven, experienced Account Executive (AE) to join the OpenText Threat Intelligence team and lead strategic sales initiatives targeting OEM providers. In this role, you will be responsible for driving revenue by selling our industry-leading threat intelligence … role offers: Own and drive the full sales cycle for OEM partnerships-from prospecting and discovery to negotiation and contract closure. Identify and engage OEM partners who can embed threat intelligence into their security appliances, platforms, SIEMs, XDRs, firewalls, or endpoint solutions. Understand customer requirements and tailor value propositions around our threat intelligence products, APIs, and … need to succeed: 5+ years of B2B enterprise sales experience, with a focus on OEM, embedded, or technology partnership sales. Deep understanding of cybersecurity technologies and the role of threat intelligence in enhancing security products. Proven track record of exceeding quotas and developing long-term partner relationships. Experience working with technical buyers such as product managers and engineering More ❯

Cyber Threat Intelligence & Vulnerability Lead £65,000 GBP 10% bonus + £7,000 DV Clearance Bonus (once obtained) Hybrid WORKING Location: Manchester, North West - United Kingdom Type: Permanent Cyber Threat Intelligence & Vulnerability Lead Location: Leeds, UK (100% office-based) Salary: up to £65,000 + 10% bonus + £7,000 DV clearance bonus once obtained. Security … your opportunity to shape the future of cyber defence in a role that demands technical excellence, strategic thinking, and strong leadership. What You'll Be Doing As the Cyber Threat Intelligence & Vulnerability Lead, you will: Oversee the detection, triage, and reporting of cyber threats and vulnerabilities. Deliver high-quality intelligence and vulnerability reports on time, every time. … Select and monitor key threat actors posing the greatest risk. Develop and refine Priority Intelligence Requirements (PIRs) and collection plans. Ensure all processes are documented, reviewed, and continuously improved. Provide expert analysis, context, and forward-looking threat assessments. Drive the maturity of threat intelligence and vulnerability functions. Lead and mentor a high-performing team, ensuring More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

Cyber Threat Intelligence Analyst We are helping a household name that impacts all of our lives to develop new cyber capabilities from the ground up. They're looking for a Cyber Threat Intelligence analyst to help out with their Threat Intell function and keep them ahead of the curve when it comes to threat … systems in place and you'll have the chance to shape the future of their cybersecurity operations from the very beginning. We're looking for candidates with experience in: Threat management and modelling TTPs Cyber threat intelligence tools and technologies. Staying up to date with new and emerging threats Details: Location: West Midlands – 2x a month on More ❯

people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Internal Grade E Job Description Experian Cyber Fusion Center is looking for a Threat Intelligence Analyst to help track new and persistant cybersecurity threats, analyse and produce applicable intelligence to help the organisation. You will be part of a world class organization and … lead a global team of experienced people to help us stay ahead of adversaries. You will be part of the Threat Intelligence team which focuses on defending against new threats, supporting investigations, and delivering situational awareness to the business. This is a UK based remote position reporting to the Global Head of Threat Intelligence. Summary of Primary … Responsibilities Use open and closed source intelligence tools to track threat clusters posing threats to Experian and help identify preventative measures to improve our defense. Contribute to cross-team projects to improve the security posture of Experian infrastructure, such as red team operations, Attack Surface Management and Threat Hunting collaborations. Help Investigate latest cyber trends providing relevant More ❯

part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies . Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express your More ❯

Threat and Incident Response Lead Analyst Permanent or Contract | Hybrid 12 Days in Office (North West) Threat and Incident Response Lead Analyst is needed for a growing Cyber team who are looking to strengthen its cyber defence capabilities with the hire of a Threat and Incident Response Lead Analyst . This is a pivotal, hands-on role … in a growing cyber team. Youll lead threat intelligence and incident response efforts, shape defensive strategy and play a critical role in ensuring the organisation stays ahead of evolving threats. What Youll Be Doing: Lead all aspects of Threat Intelligence and Incident Response Perform gap analysis across tooling, processes and detection capabilities Implement and embed modern … IR and threat detection best practices Develop and maintain incident response playbooks and threat hunting strategies Stay informed on emerging threats, TTPs, and adversarial behaviours Tune detection rules and improve response workflows Work with tools such as Microsoft Sentinel, Defender, Splunk, or similar What Were Looking For: Proven experience in hands-on incident response and cyber threat More ❯

Threat Detection Engineer (Cyber) page is loaded Threat Detection Engineer (Cyber) Apply locations Windsor time type Full time posted on Posted 6 Days Ago time left to apply End Date: August 2, 2025 (4 days left to apply) job requisition id R Join us, be part of more. We're so much more than an energy company. We … do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role, you'll be responsible for developing, automating, and … enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection gaps across our infrastructure, working closely with various business units to boost visibility, and crafting automated More ❯

Build security automations, logging, and SIEM detections to improve efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence, and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Work with Threat Intelligence More ❯

security automations, logging, and SIEM detections to improve the efficiency, scalability, and incident response capabilities. Design, implement, and maintain automated workflows and playbooks to streamline operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Collaborate with analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence More ❯

WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms. Investigate and respond to security incidents, including containment, eradication, and recovery. Conduct vulnerability assessments and coordinate remediation efforts. Perform threat hunting and behavioural analysis using threat intelligence and analytics tools. Maintain and tune security tools, detection rules, and automation scripts. Support compliance initiatives (e.g., ISO 27001, NIST … Microsoft Defender Extended Detection &Response (XDR): Familiarity with Microsoft Security Portfolio of products. Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark). Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect. Vulnerability Management: Experience with tools like Tenable Nessus, Qualys. Scripting &Automation: Proficiency in Python, PowerShell, or Bash for More ❯

day-to-day SOC activities, ensuring timely escalation and resolution of incidents. Mentor junior analysts, support skills development, and facilitate tabletop exercises and simulations. Drive use-case development and threat detection content using advanced analytics, including machine learning and security automation. Maintain and update SOC processes, procedures, and documentation. Help build and mature threat intelligence capabilities and … foster collaboration across the smart metering community. Translate threat trends into actionable insights and drive improvements across the organisation. Evaluate and recommend tools that enhance detection and response capabilities. Conduct forensic investigations and perform root cause analysis of security incidents. What are we looking for? Proven experience in incident response and leading investigations in complex environments. Strong understanding of … the cyber threat landscape, adversary tactics, and frameworks such as MITRE ATT&CK. Demonstrated ability to work under pressure, solve problems independently, and collaborate with stakeholders. Experience in a Security Operations or similar role (e.g. Senior SOC Analyst, Level 3 SOC Analyst). Technical knowledge of cloud environments and SaaS platforms including AWS, Azure, Office 365, and Microsoft Defender. More ❯

fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

providing a Start to Finish level of incident management Proactive identification of vulnerabilities Provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Establishing good practice vulnerability treatment throughout the customer estate, this includes implementing policy, hardening, patching and fixes of all supported technology Working closely with technical … changes and any emergency patching work that is required Proactively identify vulnerabilities and provide supporting information on potential impacts and mitigating actions for new threats or vulnerabilities from vendor, threat intelligence and subscriptions Evaluate vulnerabilities across multiple technologies that correlate with the VLMPLs Occasional site visits to meet stakeholders and to improve customer relationships Provide professional, business friendly More ❯

Your new role You'll be joining an established Cyber team, supporting them to help them to achieve the CAF framework regulations, whilst getting involved with SIEM, Vulnerability Management, Threat Intelligence and IAM. Part of the team executing a cyber improvement programme to enhance security posture Support compliance with relevant Cyber Security regulations, standards, and frameworks Implement and … ideally 3+ years of experience in similar cyber security roles, with experience in implementing security frameworks (e.g. NIST, CAF, ISO) Prior hands-on experience with SIEM, Vulnerability Management, Threat Intelligence, and IAM systems Experience contributing to enterprise-level security initiatives Third-party vendor relationship experience What you'll get in return Salary of between £52K-£55k 27 days More ❯

WHO ARE WE? Searchlight Cyber was founded in 2017 with a mission to stop threat actors from acting with impunity. Its External Cyber Risk Management Platform helps organizations to identify and protect themselves from threats emerging from the cybercriminal underground, with Attack Surface Management and Threat Intelligence tools designed to separate the signal from the noise. It … to business goals. Oversee the development of all content formats-blogs, reports, whitepapers, case studies, videos, podcasts, and more. Lead cross-functional content planning and collaboration with teams including threat intelligence, research, product, and leadership. Maintain a high editorial standard across all outputs, ensuring consistency of voice, quality, and brand alignment. Campaigns & Promotion Develop and manage content-led More ❯

proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat models and intelligence Fine-tune detection rules and monitor their performance Support detection automation and playbook editing Conduct proactive threat hunting and threat modelling Perform cyber … our journey and you will too. What you'll need Previous experience of working in a cyber security operations context Ability to analyse security logs and events Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence More ❯

security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share and gain intel from … alignment with compliance standards. Act as a thought leader for the firm on Cyber Defence, maintaining an awareness of emerging cyber threats and defensive innovations, through independent research and threat intelligence insights from the Threat and Vulnerability Management team. Use these insights to inform strategic recommendations made to Head of Cyber Defence on new approaches to address More ❯

effective escalation and incident response Review and approve relevant process artefacts and operational documentation that underpin Detection and Response Engineering activities Design, code and operationalise detection rules based on threat models and intelligence Be the escalation point for Detection and Response decision making. Why Lloyds Banking Group Like the modern Britain we serve, we're evolving. Investing billions … Join us on our journey and you will too. What you'll need Proven experience in a cyber defence context with demonstrable success in leading technical teams Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence … Effective workforce and performance management with proficiency in project planning and execution. Strong communication and interpersonal skills. Familiarity with governance, compliance, and operational excellence in security functions. Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC) About working for us Our ambition More ❯