1 to 25 of 106 Cyber Threat Intelligence Jobs in England

Strong technical acumen and an ability to lead incident response and effectively manage risk is essential. Key Responsibilities Security Strategy & Governance Act as the company's lead advisor on cyber and information security, ensuring risks are identified, prioritised, and addressed with appropriate technical and procedural controls. Shape and embed practical security governance aligned with real-world operational needs - integrating … the Executive and project leadership to ensure security is represented in commercial proposals, assurance processes, and delivery planning. Maintain strong relationships with relevant external stakeholders (e.g. NCSC, NPSA), monitoring threat intelligence and security guidance. Operational Security & Risk Management Lead the design, implementation, and monitoring of controls across endpoint security, identity and access management, and cloud infrastructure (e.g., AWS … improve the incident response framework, including active participation in investigations, post-incident reviews, and business continuity planning. Run regular tabletop exercises and scenario testing to ensure operational preparedness for cyber-attacks and disruptions. Support secure architecture and infrastructure reviews across projects and services. Risk Management & Security Engineering Conduct and lead structured technical and procedural risk assessments, including threat More ❯

web security, email security, virtual private network (VPN), security information and event management (SIEM) platforms (e.g., FortiAnalyzer), log monitoring, and Multi-Factor Authentication (MFA). This includes managing custom threat intelligence feeds and correlation logic within SIEM tool. •Monitor and restrict access to sensitive, confidential, or other high-security data using tools such as Microsoft Defender for Endpoint More ❯

technology-enabled transformation across all of our markets. As our Chief Information Security Officer (CISO), you will be at the forefront of safeguarding a multi-billion-pound enterprise-leading cyber strategy, shaping board-level risk appetite, and protecting the trust of millions of customers worldwide. As one of the world's leading global warranty providers we offer customers' peace … Working closely with executive leadership, our Technology, Engineering and Product teams, and other stakeholders, you will lead efforts to protect the organisation's sensitive information, systems, and infrastructure from cyber threats and breaches. This role requires a strategic security and people leader with extensive experience in information security management, risk assessment, and compliance within a rich, regulated corporate environment. … The role is delegate chair for the IT Security and Cyber Security Steering Committee, a delegated body reporting into the Group Risk Committee (GRC) and then the Audit and Risk Committee (ARC). Your Mission: Set Vision and Strategy: Define and own the Group-wide cyber security strategy aligned with business ambition, ESG goals, and evolving threat More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯

from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate … as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat More ❯

Incidents occurring within the monitored networks. Main Duties Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis … summary information. Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. Produce security incident review reports to present information about the security incident and provide security improvement recommendations based … on the security incident review. Understand Threat Intelligence and its use in an operational environment Threat Hunting and the ability to look for attacks that may not have been captured Support incident response to national scale incidents in a coaching capacity Support in the development and implementation of SOC Use Cases Work with other teams within NTT More ❯

re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join a dynamic, innovation-driven team where your skills make a real impact. Your Mission: As a Cyber Security Engineer, you’ll … take charge of designing and implementing advanced security systems, supporting clients in improving their security posture, and staying ahead of emerging cyber threats. You’ll play a crucial role in delivering technical excellence, leading customer engagements, and mentoring team members. Key Responsibilities: Design, implement, and manage enterprise-grade security solutions (firewalls, SIEM, IDS/IPS, endpoint protection, cloud security … on experience with SIEM, EDR, VPNs, firewalls, and cloud platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting More ❯

to a wide range of clients across sectors. As part of the expanding Incident Response team, the successful candidate will play a critical role in detecting, analysing, and mitigating cyber threats. This role requires strong analytical thinking, problem-solving abilities, and the agility to operate in a fast-paced environment. Key Responsibilities: Conduct initial assessments of security incidents and … contribute to incident management. Participate in live Incident Response operations, including digital forensic investigations. Perform security assessments, threat intelligence gathering, and OSINT analysis. Collaborate across departments to ensure a comprehensive approach to cybersecurity. Engage directly with clients to retrieve relevant logs and access infrastructure for forensic analysis. Thoroughly document incidents, including timelines, affected systems, response actions, and improvement … Experienced in stakeholder management during high-pressure incidents. Strong communication skills and composure under pressure. Able to align incident response practices with industry standards and client expectations. Background in threat intelligence and proactive incident readiness. Self-starter with a collaborative mindset, committed to team success. Additional Info: This is a remote-first role, but occasional travel to client More ❯

ll be doing: What you'll be doing: Monitor, triage, analyse and investigate alerts, log data, and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents. Categorise all suspected incidents in line with the Security Incident policy. Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis … event detail and incident summary information. Write high-quality security incident tickets using existing knowledge resources and independent research. Assist with remediation activities or support customer stakeholders to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks. Produce security incident review reports to present information about incidents and provide security improvement recommendations. Understand Threat Intelligence and its application in an operational environment. Conduct Threat Hunting to identify attacks that may not have been captured. Support incident response to national-scale incidents in a coaching capacity. Assist in the development and implementation of SOC Use Cases. Collaborate with other teams within NTT DATA to improve services based on customer needs. Prepare disaster More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯

lead in customer-facing engagements, translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization , helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network segmentation/micro segmentation, DNS More ❯

lead in customer-facing engagements, translating complex security needs into effective solution architectures Design Zero Trust-aligned network and endpoint architectures, including segmentation, micro-segmentation, NAC, and DNS-layer threat protection Lead conversations around network modernization , helping clients evolve from legacy architectures to software-defined, cloud-integrated, and policy-driven network designs Deliver workshops, product demonstrations, and proof-of … endpoint protection and EDR platforms such as CrowdStrike, SentinelOne, Microsoft Defender, or Tanium Familiarity with DNS security tools and strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence … as the technical lead in pre-sales engagements focused on network and endpoint security. Conduct client discovery sessions, workshops, and assessments with an emphasis on segmentation strategies, visibility, and threat defence. Deliver compelling technical presentations and product demonstrations to both technical and business audiences. Solution Design & Architecture Design and validate secure architectures incorporating network segmentation/micro segmentation, DNS More ❯

Cyber Security Analyst Barbican, London Hybrid (One office day a week) Permanent Competitive salary available, depending on experience 37.5 hours per week At Nuffield Health, everything we give our patients, members and customers would not be possible without you. Your passion, your warmth, your drive to make a difference. Whether it's driving connecting health, helping the nation, transforming … building the career you want - we give you the support to do it all. Join our journey. It starts with you. We are looking for a skilled and enthusiastic Cyber Security Analyst to join our growing Cyber Security Operations practice. The ideal candidate will have experience working in an existing cyber security operations role and be able … to demonstrate working knowledge of IT security operations including security alert/incident response and investigation practices, threat intelligence and hunting, and cyber security tooling and reporting. This role also provides the opportunity to contribute to the ongoing improvement of our cyber security detection and protection strategy. To be successful I this role, you should demonstrate More ❯

of our data across the organization. You will play a critical role in implementing, managing, and optimizing security measures to protect our systems, networks, and data from unauthorized access, cyber threats, and data breaches. The ideal candidate should have a strong background in cybersecurity, particularly in DLP of email security, cloud applications, endpoints and threat prevention with a … proven ability to respond to evolving security challenges. Responsibilities: Proofpoint Management: Configure, deploy, integrate, and manage Proofpoint security solutions, including email security, data loss prevention (DLP), threat protection, and information protection. Monitor and analyse Proofpoint alerts and logs to detect and respond to security incidents and threats. Regularly update and optimise Proofpoint configurations to adapt to evolving threat … regular risk assessments and vulnerability scans to identify potential security risks and implement mitigation strategies. Lead incident response efforts related to email security breaches, ensuring quick containment and remediation. Threat Intelligence and Incident Response: Analyse threat intelligence to anticipate and mitigate potential cyber threats targeting the organisation. Participate in or lead incident response activities related More ❯

only a varied and interesting workload, but we can nurture your inquisitive nature and help you create change in the workplace - making it better for all. Logiq Consulting are Cyber Security and Information Assurance experts. We specialise in providing leading edge consultancy to high-threat clients, as well as delivering a range of security services and products throughout … criticality and prioritisation of security incidents and vulnerabilities. Collaborate with other team members to further investigate incidents and propose responses and solutions. Report any new knowledge gained about existing cyber threats or vulnerabilities within their network so that future incidents can be prevented. Promote and evolve the clients Security Operations Centre (SOC), make recommendations for playbooks, processes and procedures … and assist in further integrating monitoring capabilities to enhance the SOC function. Utilise threat intelligence feeds and software vulnerability management tools to identify and respond to emerging threats and vulnerabilities in company IT systems. Review configuration dashboards, identifying deployment issues and misconfigurations that may lead to vulnerabilities to Logiq platforms. Collaborate with other InfoSec team members to ensure More ❯

Job Summary: The Security Operations Lead is responsible for our security monitoring and incident response capabilities within the Square Enix Cyber Security team (covering Europe and North America). The primary goals of the role are the timely detection of security incidents, effective response and the continuous improvement of our preventative and detective controls. This role will work alongside … effectiveness of our preventative and detective controls, probing weaknesses and implementing improvements alongside our risk and engineering teams. The role is aimed at candidates with a broad and senior Cyber Security skillset who are seeking to further develop their Cyber Security career in an exciting industry. Engineering skills in maintaining Security Information and Event Management (SIEM) platforms and … the configuration of our wider security tools are key. We are also seeking candidates with experience leveraging AI to enhance productivity and effectiveness. Key Deliverables: Threat Detection & Incident Response Leading investigation and analysis of security alerts to identify and promptly respond to security events. Leading the response to major cyber security incidents, collaborating with key business and technical More ❯

activities to contain, eradicate, and recover from security incidents. Develop and maintain incident response plans aligned with industry best practices. Manage escalations during security incidents. Follow major incident processes. Threat Intelligence: Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes. Contribute to threat intelligence feeds to enhance proactive detection. Security … Willingness to work in a 24/7 operational environment or on-call. Education & Experience Minimum 3-5 years in IT security, preferably in a SOC/NOC environment. Cyber Security Certifications such as GIAC, ISC2, or SC-200 preferred. Experience with Cloud platforms (AWS and/or Microsoft Azure). Proficiency with Microsoft Office, especially Excel and Word. More ❯

The team you'll be working with: Consultant - Offensive Security Testing Role Overview: We are seeking a highly skilled and experienced Offensive Security Consultant with a strong focus on threat intelligence and attack methods. The ideal candidate will manage and conduct advanced penetration testing engagements, leveraging threat intelligence to simulate real-world attacks across various environments … provide strategic, actionable recommendations to enhance our clients' security posture. What you'll be doing: Responsibilities: Lead and manage the full lifecycle of complex penetration testing engagements, applying a threat intelligence-led approach. Execute advanced penetration tests across environments such as applications, infrastructure, web, APIs, O365, Azure, AWS, and OT, using current threat landscape knowledge and attacker … TTPs. Develop and maintain detailed test plans and use cases informed by threat intelligence analysis. Identify and prioritize critical OT and IT assets based on potential threats and exposure. Plan and schedule testing engagements based on threat assessments and client needs. Produce clear, detailed reports with technical findings, business impact, and strategic remediation recommendations for diverse audiences. More ❯

Senior Consultant - Cyber Resilience, Crawley (Hybrid) - £60-80K + Excellent Benefits About the Role This is a pivotal opportunity for an experienced Senior Consultant to lead large-scale cybersecurity projects across a diverse client base. The role focuses on cyber resilience, including threat intelligence, incident response, risk management, compliance, and security architecture. You will act … as a trusted advisor, delivering tailored solutions that help clients enhance their cyber posture and protect their critical assets. Key Responsibilities Lead the end-to-end delivery of cyber resilience projects, ensuring solutions are scalable, secure, and aligned with client goals Design and implement advanced cyber resilience solutions and frameworks Manage incident response, guiding teams through breach … and support junior team members, encouraging skill development and knowledge sharing Contribute to business development by producing high-quality proposals and identifying growth opportunities Skills & Experience Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 More ❯

cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world … This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the … managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s More ❯

cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world … This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the … managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s More ❯

cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world … This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the … managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s More ❯

cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world … This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the … managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s More ❯

cleaning up space , sustainability is at the heart of our purpose . So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world … This is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the … managing enhancement projects to integrate new features and solutions into our Security Operation Centers (SOC). This is a fantastic opportunity to join a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s More ❯

Cyber Security Analyst - Tier 3 When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team! Role: Cyber Security Analyst Tier 3 Work location: Nottingham or Sheffield (Hybrid) Salary banding … energetic, friendly people we would love to hear from you. The role and what youll be getting up to on a day to day basis: Littlefish is seeking a Cyber Security Analyst Tier 3 to come and join our growing Cyber division. As our Cyber Security Analyst Tier 3, you will monitor customer infrastructure for potential threats. … and response to security alerts to identify security incidents and act to appropriately contain threats. Supporting, as required, the CSOC Manager in the day-to-day running of the Cyber Security Operations Centre (CSOC) operations team. Acting as a point of escalation for the Cyber Security Analysts the role has responsibility for coaching and mentoring the analysts on More ❯