101 to 125 of 296 Permanent Threat Intelligence Jobs

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

defined incident response processes and escalate to the Cyber Security Incident Response team when necessary. Develop and fine-tune detection rules, create and maintain detection playbooks, and collaborate with threat intelligence to identify new detection opportunities. Use automation tools and scripting languages (e.g., Python, PowerShell) to streamline repetitive tasks and boost efficiency. Proactively hunt for potential threats within … the environment, leveraging threat intelligence and advanced analytics to identify and mitigate risks. Work closely with other cyber defence teams, including Intelligence, Vulnerability Management, Threat Hunting, and Purple Teams. Effectively communicate findings and recommendations to various stakeholders. Utilise your technical expertise to analyse telemetry related to incidents and identify appropriate investigation pathways. Identify techniques used by … experience in scripting or programming languages. Preferred experience dealing with incidents in various environments, including OT and ICS technologies. Preferred experience working with wider Cyber Defence teams, such as Intelligence, Vulnerability Management, Threat Hunting, and Purple Teams. Understanding of cyber security legislation and experience with information risk and security-related best practices, policies, standards, and regulations. What's More ❯

strategy across infrastructure, applications, and data. Lead hands-on development of security roadmaps, maturity models, and control frameworks tailored to Fuse's risk profile. Directly contribute to architecture reviews, threat modelling sessions, and key design decisions across product and platform teams. Build and mentor a high-performing security team, including hiring, coaching, and managing performance. Develop KPIs and reporting … data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews of critical systems; design and deliver security awareness training programs for all employees to promote a culture of … proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure Security Partner with engineering to embed security in the More ❯

and the wider Defender XDR suite Knowledge of cloud and on-premise environments, ideally Azure, including networking and firewalls Familiarity with incident response processes, playbooks, and tools Understanding of threat intelligence and vulnerability management Experience with ISO27001 and compliance frameworks Scripting and coding skills (e.g., Python, PowerShell, Bash) Exposure to CI/CD, Infrastructure as Code (IaC), and … Security Engineer/Security Analyst/Cloud Security Engineer/Security Operations Engineer/SOC Engineer/InfoSec Engineer/Infrastructure Security/DevSecOps Engineer/Security Automation/Threat Detection/Threat Intelligence/SIEM/Azure Sentinel/Microsoft Defender/Endpoint Security/PowerShell/Python/Bash/Azure DevOps/Infrastructure as More ❯

Primary Responsibilities: • Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations • Author, update, and maintain SOPs, playbooks, work instructions • Utilize Threat Intelligence and Threat Models to create threat hypotheses • Plan and scope Threat Hunt Missions to verify threat hypotheses • Proactively and iteratively search through systems and … networks to detect advanced threats • Analyze host, network, and application logs in addition to malware and code • Prepare and report risk analysis and threat findings to appropriate stakeholders • Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation. • Coordinate with different teams to improve threat More ❯

investigation strategies. Develop and refine forensic methodologies and procedures to ensure consistent, high-quality investigations. Provide guidance and best practices on forensic readiness and security incident management. Collaborate with threat intelligence teams to correlate forensic findings with threat actor tactics, techniques, and procedures (TTPs). Conduct compromise assessments and proactive threat hunting using forensic tools and … collection, handling, and analysis of digital evidence in AWS and Azure environments. Key Skills & Experience: Proven experience in DFIR, with hands-on expertise in forensic analysis, incident response, and threat investigations ideally in a consultancy capacity. Technical background (e.g., previous experience as a systems or network administrator) with a solid understanding of operating systems, networking, and security architectures. Strong … translate complex forensic concepts into client-friendly language, supporting engagement with both technical and executive stakeholders. Experience with forensic data preservation, chain of custody, and evidential procedures. Familiarity with threat intelligence frameworks (MITRE ATT&CK, TTP mapping, IOC development). Certifications such as GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer, or equivalent are desirable. Offensive certifications More ❯

powerful modules such as Extended Detection & Response (XDR), Security Information and Event Management (SIEM), a 24/7 operational Security Operations Center (SOC) , as well as specialized solutions for Threat Intelligence, Incident Response, and Behavioral Security Training. Leveraging artificial intelligence, automated playbooks, and real-time data analysis , Decanos helps companies detect security incidents early and respond effectively. … secure coding, performance optimization, and database design . Process and analyze security data , working with SIEMs, EDRs, and real-time event processing. Work closely with security analysts to translate threat intelligence into automated detection and response features. Own and drive system architecture decisions , ensuring scalability and maintainability. Foster a collaborative team environment , helping junior developers grow their expertise. More ❯

do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Join Centrica as a Threat Detection Engineer, where you'll be at the forefront of our mission to safeguard our digital landscape. In this dynamic role, you'll be responsible for developing, automating, and … enhancing our detection capabilities to swiftly identify and respond to security threats. You'll have the exciting opportunity to create innovative detection use cases, leveraging security telemetry, threat intelligence, and insights from past incidents. Your expertise will be crucial in addressing detection gaps across our infrastructure, working closely with various business units to boost visibility, and crafting automated … address any gaps in security coverage. Apply GitOps and CI/CD principles to automate detection engineering workflows, boosting operational efficiency. Build and optimize security playbooks to streamline detection, threat hunting, and incident response activities. Develop, automate, and enhance our threat detection and response capabilities. Work closely with security analysts and other stakeholders to identify and address gaps More ❯

Revenue is seeking an experienced Cybersecurity Specialist 3 to lead the development, delivery, and optimization of IT security standards, best practices, and system architecture. This role focuses on advanced threat hunting, complex incident response, vulnerability management, and security design to protect critical state systems and sensitive data. Key Responsibilities: Proactively hunt for advanced threats that bypass automated detection tools. … and implement security architecture and recommend improvements. Monitor networks and systems for unauthorized activities and respond to incidents. Optimize cybersecurity tools (SIEM, EDR, IDS) and integrate new technologies. Incorporate threat intelligence feeds into platforms to enhance detection. Required Skills & Competencies: Bachelors degree in Computer Science, IT, Information Security, or equivalent experience. 4+ years of proven success in technology … focus on information security and data governance. Hands-on expertise with SIEM, EDR, IDS, and network monitoring tools. Strong knowledge of vulnerability management tools and practices. Advanced understanding of threat intelligence, incident response, and proactive defense. Excellent analytical, problem-solving, and documentation skills. Working Conditions: Hybrid work model (onsite in Metro Atlanta as required). On-call rotation More ❯

In this role, you will be at the forefront of protecting critical systems, networks, and applications from evolving cyber threats. You will leverage your deep knowledge of security tools, threat intelligence, intrusion analysis, and incident response to safeguard sensitive data and ensure organizational resilience. This is an exciting opportunity for an individual who thrives in fast-paced environments … intrusion analysis, vulnerability assessments, and forensic investigations to support enterprise security posture. • Research, track, and analyze emerging threats, attack methods, and malicious campaigns. • Collect, validate, and apply open-source intelligence (OSINT) to strengthen defense strategies. • Provide subject matter expertise in malware, botnets, distributed denial-of-service (DDoS) attacks, social engineering, insider threats, and hacktivism. • Administer and optimize IDS/… controls. • Experience with Nessus Security Center (or ACAS, Tenable Security Center). • Familiarity with malware analysis, packet analysis, Splunk, and OSINT reconnaissance. • Experience with STIX, TAXII, OpenIOC, or other threat intelligence schemas. • Programming/scripting skills in at least one language (Python, Ruby, PowerShell, C#, Bash, Perl, C++). • Database administration experience with Oracle, MSSQL, MySQL, or similar More ❯

SOC operations, including hands-on involvement in incident detection, analysis, containment, and remediation. The Technical Lead ensures that security technologies such as SIEM, SOAR, IDS/IPS, EDR, and threat intelligence platforms are effectively configured, maintained, and optimized to support real-time monitoring and response. Additional responsibilities include mentoring junior analysts, conducting technical training, developing playbooks and detection … analysis of security incident responses. Perform forensic analysis of devices involved in incidents. Investigate potential intrusions and security events to contain and mitigate incidents. Research cyber-attacks, malware, and threat actors to determine potential impact and develop remediation guidance. Analyze network traffic and identifies attack activity. Document incident response activities and lessons learned. Effectively communicate incident response activities. Provide … management. Collaborate with vendors to ensure proper best practices are enforced and recommendations are delivered. Validate suspicious events by performing investigations using SIEM, leverage tools available to the SOC, threat intelligence and OSINT, TTPs and IOCs. Leverage knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to projects for overall success. Produce high-quality More ❯

Hargreaves Lansdown is seeking a talented and experienced Cyber Threat Intelligence Manager to join our dynamic Cyber Defence team in Bristol. As our CTI Manager, you will play a critical role in protecting our organisation from cyber threats by proactively identifying, analysing, contextualising, and escalating potential risks click apply for full job details More ❯

that make a real impact. ?? The Role This isn't just a technical role. You'll act as a trusted advisor , guiding organisations through incident response, compliance, risk management, threat intelligence, and security architecture . From hands-on frameworks to executive-level strategy, you'll be at the centre of helping clients protect what matters most. ?? What You … Agile ceremonies to keep projects sharp and effective. Mentor junior consultants and build team capability. Contribute to business growth through proposals and client engagement. ??? Skills & Experience Proven expertise in threat intelligence, risk management, incident response, compliance (GDPR, ISO 27001), and security architecture . Experience with tools such as Rapid7, SentinelOne, Fortinet, Netskope, SOAR (InsightConnect), AWS/CNAPP . More ❯

Position Overview The Insider Threat Cybersecurity Specialist plays a critical role in identifying, investigating, and mitigating insider threats across the environment. This role combines technical expertise in threat detection and behavioral analytics with strategic collaboration across security, HR, legal, and compliance teams. The ideal candidate will have a strong background in SIEM/EDR tools, data loss prevention … and insider threat frameworks, and will contribute to the continuous improvement of our Insider Threat Program. Key Responsibilities Monitor and analyze user activity for anomalous behavior using SIEM, EDR, and UEBA tools. Develop and tune detection rules and alerts in platforms like Splunk and Microsoft Sentinel to identify insider threats and privileged account misuse. Lead or support investigations … into insider threat incidents, collaborating with HR, legal, and SOC teams to ensure due process and policy alignment. Integrate endpoint telemetry and DLP controls to reduce unauthorized data transfers and improve visibility across cloud and on-prem environments. Conduct behavioral analysis and threat hunting using IOCs, TTPs, and threat intelligence feeds. Perform vulnerability assessments and risk More ❯

ZeroFox seeks an Intelligence Analyst to join our world-class Global Intelligence Services (GIS) team, helping to protect organizations from the latest cyber threats. Utilize your expertise in the field of cyber security and intelligence analysis to conduct thorough investigations, write insightful reports, and engage with customers. If you have a proven track record in this field … creative spirit are a must. This is a fully remote opportunity based in the United Kingdom. Role and responsibilities Conduct in-depth tactical and strategic analysis of the cyber threat landscape, identifying emerging trends, tracking key threat collectives and delving into deep and dark web activity. Be a subject matter expert (SME) within the GIS team. Draw upon … open and closed sources of intelligence to author analytically-sound, industry-leading finished intelligence reports. Weigh competing hypotheses against each other, utilizing analytical tools to form conclusions. Identify, analyze and deliver reports on topics that are fundamental to protecting our customer base. Work across multi-disciplined teams to leverage their expertise and experience. Maintain strong customer engagement throughout More ❯

Insider Threat Analyst PKH Enterprises is seeking qualified individuals to support both government and private-sector clients in the development and implementation of insider threat and asset protection programs. Qualified candidates should have knowledge of insider threat program elements, governance models and overall program operations. A strong background in Insider Threat oriented intelligence/OSINT … HR, programmatic and human/technical inquiry/investigative experience is desired. Responsibilities: • Provide consulting support services to government and private-sector clients related to the development of insider threat programs. • Conduct evaluations of existing insider threat program elements. • Evaluate and recommend both technical and non-technical solutions to detect and respond to potential insider threats. • Evaluate and … establish program elements to support insider threat prevention, detection and response. • Evaluate and establish insider threat program governance and stakeholder engagement mechanisms. • Conduct risk management assessments of critical assets and develop strategies for their protection. • Provide support in developing business cases, resource planning, budget justifications and other documents in support of client insider threat programs. • Develop and More ❯

PRIMARY OBJECTIVE OF POSITION: Zero Point is seeking an Intelligence Analyst - Integrator to provide direct support to USSOCOM by fusing intelligence and operational data to enhance mission effectiveness. The analyst will work closely with intelligence, operations, and special mission teams to identify, assess, and integrate intelligence-driven solutions that support USSOCOM objectives. MAJOR DUTIES & RESPONSIBILITIES: Conduct … all-source intelligence analysis to support special operations missions and planning. Develop, integrate, and disseminate intelligence products that support operational and strategic objectives. Identify and analyze intelligence gaps, providing recommendations for collection and exploitation. Support fusion efforts between intelligence and operational teams to enhance situational awareness. Work with DoD and interagency partners to coordinate intelligence activities. Provide briefings and reports to senior leadership on emerging threats and operational risks. Utilize advanced analytical tools and databases, including Palantir, TAC, Analyst Notebook, and other classified intelligence systems. Assist in the integration of new intelligence capabilities into USSOCOM operations. Support targeting and operational planning by providing timely and actionable intelligence. MINIMUM QUALIFICATIONS: Bachelor's degree More ❯

Lead. Responsibilities/Tasks The Red Analyst (Cyber) shall: Characterize the adversary's cyber capabilities. Research the structure, ideology, intentions, tactics, and capabilities of adversarial cyber organizations to develop threat characterization Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist Red Team Program Leader collection plans, identify information sources, and develop and … and conduct analysis appropriate to the program, identify essential functions/tasks and critical assets necessary to perform them as determined by the program leader. Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist red team program leader collections plans, identify information sources, and develop and conduct research of publicly available information (PAI … progress reports and white papers, after action reviews, final reports, risk analysis products and other documents as required. Perform regular updates of existing documents based on changes in the threat landscape or upon discovery of new threat tactics or procedures Required Skills/Qualifications Ability to communicate complex informational concepts or ideas in a confident and well -organized More ❯