101 to 125 of 161 Permanent Threat Intelligence Jobs

We’re looking for a hands-on technical expert to join our team and enhance our Microsoft Sentinel & Azure SIEM threat detection capabilities. The Role: Design, implement & tune advanced detection rules and analytics. Translate threat intelligence into actionable detection logic. Lead SIEM enhancements, integrations & content migration. Mentor junior engineers and drive best practices. Collaborate with IR & threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

risks early. Contribute to a multidisciplinary cybersecurity taskforce , responding rapidly to emerging threats. 🧠 What We’re Looking For Strong understanding of OWASP Top 10 , MITRE ATT&CK , and evolving threat landscapes. Proven experience across vulnerability management, incident response, and network security . Ideally skilled in at least one programming language (e.g. Go, Python, Rust ). Experience managing or integrating … securing software or embedded systems . Excellent communication and stakeholder management skills. 💡 Desirable Experience Background in Aerospace, Defence , or similarly regulated sectors. Experience with bug bounty , exploit research, or threat intelligence . Solid understanding of system architecture and associated cyber risks. Ability to mentor junior engineers and promote a culture of security excellence. Passion for continuous learning and More ❯

technical contract, it's a mission-critical role at the heart of our cyber security strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed security into every … a seasoned security professional with hands-on experience across SIEM, SOC, Azure, Microsoft 365 and enterprise network environments. You've led incident response, managed third-party suppliers and implemented threat detection strategies in hybrid organisations. Certifications such as CISSP, CEH, CREST or GIAC CIH are part of your toolkit, and your technical depth is matched by your ability to More ❯

critical systems. Information Security Manager: Duties Experience of business acquisitions - Highly desirable Develop/Maintain enterprise InfoSec strategy aligned business goals Oversee security architecture, vulnerability management, incident response and threat intelligence Lead security risk assessments and manage remediation plans for gaps Financial regulation compliance - GDRP, PCI DSS, SOX, FCA Establish security policies, standards & procedures Repost security posture, incidents More ❯

VPNs, and intrusion detection systems Respond swiftly to security breaches and assist in recovery efforts Maintain detailed records of investigations and patch cycles Stay current with cybersecurity trends and threat intelligence Contribute to disaster recovery planning and compliance alignment Support governance, change control, and delivery of cyber security workstreams Collaborate with internal teams and third-party suppliers to More ❯

all things SIEM, driving how we detect, defend, and deliver across multiple secure projects.If you love taking ownership, working with cutting-edge tools, and leading the way in proactive threat detection, this is the role for you.As the Lead SIEM Engineer, you will: Leading the design, development and tuning of SIEM content – rules, dashboards, alerts and reports that spot … threats fast. Acting as the technical authority on SIEM engineering, ensuring the platform runs efficiently and delivers real value. Working with SOC Analysts, Threat Hunters and Architects to enhance SIEM use cases and boost detection accuracy. Bringing new ideas and threat intelligence to evolve the SIEM strategy and stay ahead of emerging risks. Mentoring junior engineers, setting More ❯

in a busy Security Operations Center with a technology-oriented attitude and the capacity to assume control. From a technical perspective we are using Microsoft Sentinel, Splunk and MISP Threat sharing so any knowledge of these technologies would be a substantial benefit. Role based on site in our Farnborough office and is shift work. 2 x 6am to 6pm … the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team members to maintain and update … security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Aid the development and use of threat intelligence throughout the service. Ability to work shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge More ❯

with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and support asset baseline … maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity More ❯

with enterprise-scale clients in a fast-paced, shift-based environment. You’ll be part of a collaborative team using cutting-edge technologies like Microsoft Sentinel, Splunk, and MISP Threat Sharing to protect critical infrastructure. Key Responsibilities: Monitor and analyse security alerts and events, conduct initial investigations, and escalate complex incidents. Manage SOC incident queues and support asset baseline … maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For: Experience working in a Security Operations Centre. Familiarity More ❯

SOC Manager £75,000 - £85,000 + 15% bonus + £6k car allowance Warrington – Remote-first A leading global technology organisation is seeking a SOC Response & Threat Manager to lead their elite Tier 3 security team. As a SOC Response & Threat Manager, you will take ownership of complex security incidents, lead high-performing analysts, and shape the Cyber … Threat Intelligence capability. Working hands-on with cutting-edge tools, you'll orchestrate critical incidents while hunting sophisticated threat actors across enterprise environments. Key Experience: • Proven experience leading incident response operations and managing security analysts. • Deep expertise in digital forensics and incident response (DFIR). • Strong knowledge of threat hunting methodologies and adversary tactics. • Ability to … 6k car allowance • Generous pension with double-matched contributions • 25 days holiday plus bank holidays • Private medical insurance and flexible benefits To hear more about the SOC Incident Response & Threat Hunting Manager opportunity, get in touch with Connor Smyth at Anson McCade on 020 7780 6706. More ❯

Liaise with NHS England, NCSC and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to threat & vulnerability alerts, vendor and other specialist threat intelligence feeds. Ensure all systems and applications where applicable are kept up to date and are encompassed in the patch More ❯

work independently with minimal supervision, taking ownership of assigned tasks and driving them to completion while maintaining high standards of quality and accuracy. Strong understanding of Cybersecurity Domains, including Threat Intelligence, Vulnerability Management, Security Testing, Security Architecture, Infrastructure Protection, Application Security, Identity and Access Management, Incident Investigation & Response and Cryptography. Additional skills and experiences would be great to More ❯

solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus. More ❯

secure and scalable platform at the crossroads of security, technology, and energy innovation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps modules (Security Incident Response, Vulnerability Response, Threat Intelligence, etc.). Integrate ServiceNow with cybersecurity tools (SIEM, SOAR, EDR, CMDB, OT/ICS). Work with cybersecurity, IT, and engineering teams to automate and improve response More ❯

security team and will be responsible of helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the SOC More ❯

security team and will be responsible of helping develop effective security controls. Key responsibilities will include: Working closely with the in-house security operations team to drive world class threat detection Building effective detection use cases within the chosen SIEM while minimizing false positives. Utilize online resources for researching and collecting threat intelligence to enhance the SOC More ❯

platform governance while influencing strategic security decisions across the organisation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps capabilities, including: Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence Configuration Compliance Define secure processes and automation across vulnerability management and incident response. Integrate ServiceNow SecOps with cybersecurity platforms (SIEM, SOAR, EDR, CMDB, threat intel, OT More ❯

We’re supporting a household-name retailer to hire a hands-on Cyber Vulnerability Analyst into their Global Threat & Vulnerability function. You’ll run scanning across cloud, networks and apps, turn findings into risk-based actions, and partner with SOC, AppSec, Networks and Cloud to land fixes fast. If you enjoy closing the loop—from discovery to remediation—and … assessments of relevant technology focus areas. Defining, creating and implementing various SOPs (Standard Operating Procedures) and SOMs (Service Operating Models). Use asset risk profiles, vulnerability severity ratings, and threat information to communicate remediation priorities. Support incident response in investigations and response at all stages. Assist and work closely with our offensive security team, SOC team, Network Team, AppSec … applicable policies, regulations, and compliance documents. Engage in team working and demonstrate a professional, motivated attitude. Collaborate with the security compliance team to meet compliance and regulation requirements. Leverage threat intelligence sources to inform on exposure to vulnerabilities. Assist in automated or manual patching remediation processes. Essential 1-2 years experience in vulnerability management role or equivalent Hands More ❯

rich role working closely with ICT leadership, engineers, and external partners—perfect for someone who wants to make a real impact. Key Responsibilities Manage and optimise CrowdStrike Falcon for threat detection and response Investigate, triage, and remediate security incidents and vulnerabilities Support patching, scanning, and integration of threat intelligence Improve technical security controls across networks, endpoints, and … cloud Assist in designing secure configurations for systems and services Collaborate on compliance audits and internal security documentation Key Skills Strong understanding of core cybersecurity principles and threat vectors Understanding of risk frameworks such as Cyber Essentials+, ISO 27001, CIS, PCI-DSS Experience with EDR/XDR platforms - Crowdstrike Falcon Proficiency with Microsoft security stack (Defender, Intune, MFA, etc. … Solid grasp of patch management and vulnerability assessment Ability to interpret logs and alerts to assess threat response Clear communicator with the ability to explain risk to non-technical teams Desirable Skills Familiarity with SIEM tools (e.g. Sentinel, Splunk) Scripting/automation knowledge (e.g. PowerShell, Python) Understanding of data protection and privacy frameworks (e.g. UK GDPR) In return the More ❯

with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service More ❯

maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team … a senior role, and the ideal candidate will be a self-starter with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. More ❯

own, manage and rule their data. One of our specialisations is in cybersecurity consultancy offering end-to-end SIEM services, helping clients design, deploy, and optimise security monitoring and threat detection solutions. Our team provides comprehensive support across all stages of SIEM implementation, from initial strategy and solution design to deployment and ongoing management. Our focus is on delivering … tailored solutions that enhance security postures, maintain compliance, and provide actionable threat intelligence. What we're looking for We are seeking a client-focused Senior SIEM Consultant with a strong foundation in SIEM technologies, cybersecurity best practices, and threat detection strategies. In this role, you will work closely with clients to understand their security needs, provide guidance on … based on client requirements, budget, and existing security infrastructure. SIEM Implementation & Configuration: Lead the design and configuration of SIEM solutions, ensuring integration with client systems and optimizing for effective threat detection and real-time monitoring. Support clients in deploying SIEM in hybrid environments, including on-premises, cloud, and multi-cloud platforms, integrating cloud-native security tools for enhanced visibility. More ❯

building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative environment. If you love improving how More ❯

protocol. • 2+ years experience in administering firewall, WAF, and Virtual private network systems/appliances. • Experience with IPS/IDS, SIEM technologies, and data loss prevention. • Experience working with threat intelligence and developing proactive best practices. • Certified Information Systems Security Professional (CISSP), or related certification. • Prior experience working within a financial service organization preferred. • Project management skills preferred More ❯

II/PCI DSS. Champion a company wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security incident response and threat intelligence procedures. Lead, curate, and report on Navro's on going and persistent security awareness programme including frequent phishing testing campaigns, secure development, etc. Work with IT, SRE More ❯