Bolton, Greater Manchester, North West, United Kingdom Hybrid/Remote Options
MBDA
DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience. Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification … DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead … management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute …
Manchester, North West England, United Kingdom Hybrid/Remote Options
MBDA
DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience. Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification … DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead … management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute …
Role: Cyber Security Analyst Location: London/Manchester/Bristol Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside of the … UK and declaration of being a British passport holder with no dual nationality at the point of application. Note: The above information relates to a specific client requirement. Our Cyber Practice is a fast-growing community of industry leading experts. The practice covers Assurance, Compliance, Security Operations (SecOps), Offensive Security and Security Research. It is critical that the relevance … maintained and augmented and that the team members have every opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team …
law, technology, and crisis management. This is not another practice group in a traditional firm - it's a high-performing business within a business, combining legal expertise with digital forensics, threat intelligence, and cyber risk engineering. If you want meaningful responsibility, the chance to grow something, and a clear path toward partnership or leadership, this is that moment. What You … ll Do Lead and manage a caseload of complex data-breach and cyber-incident matters, including live ransomware events and regulatory investigations. Act as a trusted adviser during active crises — providing clear, strategic legal guidance under pressure. Supervise and mentor junior lawyers while helping shape the direction of the team. Work alongside leading experts in digital forensics and threat intelligence to deliver fully integrated incident response. Contribute to new products, knowledge, and thought leadership in a rapidly evolving field. Support business development and client-relationship initiatives that will accelerate your route to partnership. What You'll Need Qualified solicitor (5+ PQE) with hands-on experience in cyber, data-breach or regulatory incident work. Commercially astute with …
London (Hybrid) – Excellent Permanent Package – Financial Services We are looking for a skilled Security Operations Centre Analyst to join our Security Operations team. This role focuses on responding to cyber security incidents while supporting proactive threat intelligence efforts. You will play a key part in detecting, investigating, and mitigating threats, as well as improving our security posture … through continuous monitoring and analysis. Key Responsibilities Investigate and respond to cyber security incidents, including malware outbreaks, phishing attempts, and insider threats. Lead incident response efforts and conduct digital forensics. Enhance detection and response capabilities through process improvements and automation. Monitor alerts from SOC tools and perform root cause analysis. Collaborate with IT and security teams to remediate vulnerabilities. … Gather and analyse threat intelligence to inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring …
Selby, Yorkshire and the Humber, United Kingdom Hybrid/Remote Options
Drax Group
Cyber Security Analyst – Cyber Defence Centre (CDC) Selby or Ipswich Hybrid working Permanent, full time Closing date: Monday 1st December 2025 Who we are We're not just talking about making a difference, we're making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have … champions. We're enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come. About the role As a Cyber Security Analyst within the Cyber Defence Centre team, you'll be responsible for identifying, triaging, and investigating potential security threats to help protect the organisation's systems and data. … Working alongside the Cyber Defence Centre team and the wider security teams, you'll play a key role in maintaining visibility across the environment and supporting effective incident response. This role also contributes to the continuous improvement of alerting and detection capabilities by highlighting patterns, reducing false positives and creating triage documentation. Through a combination of hands-on analysis …
Hambleton, North Yorkshire, UK Hybrid/Remote Options
Drax
Experience, qualification, and soft skills: have you got everything required to succeed in this opportunity? Find out below. Cyber Security Analyst – Cyber Defence Centre (CDC) Selby or Ipswich Hybrid working Permanent, full time Closing date: Monday 1st December 2025 Who we are We’re not just talking about making a difference, we’re making it happen. We generate … champions. We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come. About the role As a Cyber Security Analyst within the Cyber Defence Centre team, you’ll be responsible for identifying, triaging, and investigating potential security threats to help protect the organisation’s systems and data. … Working alongside the Cyber Defence Centre team and the wider security teams, you’ll play a key role in maintaining visibility across the environment and supporting effective incident response. This role also contributes to the continuous improvement of alerting and detection capabilities by highlighting patterns, reducing false positives and creating triage documentation. Through a combination of hands-on analysis …
Linux Proficiency: Administer and troubleshoot Linux-based systems, with command-line fluency and scripting ability (e.g. Bash, Python) to support SIEM operations, log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of … with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). Knowledge of additional log forwarding/processing tools (e.g. Elastic Agent, Fluentd). Exposure to vulnerability management and threat intelligence platforms such as OpenCTI. Qualifications: Expert knowledge of Azure & Sentinel. Proven experience as a Cyber Analyst with a focus on Security Operations. Strong expertise in using … Elastic Stack, including Elasticsearch, Logstash, and Kibana. Familiarity with other SIEM tools and security technologies. Knowledge of cybersecurity best practices, threat intelligence, and incident response. Excellent analytical and problem-solving skills. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Elastic Certified Engineer (ECE) are a plus. This role will require you …
Team Management: Recruit, mentor, and lead a high-performing, multi-disciplinary security team. Foster a culture of continuous learning and development to stay ahead of emerging threats and technologies. Threat Intelligence and Incident Response: Establish and mature a robust threat intelligence program to proactively identify, analyze, and mitigate emerging threats, particularly those targeting the African fintech …
London, South East, England, United Kingdom Hybrid/Remote Options
Circle Recruitment
behave from a security perspective and enjoys uncovering the story behind complex data. This is an opportunity to join a pioneering start-up transforming raw security data into actionable intelligence, helping shape the future of threat detection across global networks. This role sits within their Security Research function and is ideal for someone with a SOC, network engineering … be a fantastic next step in your career. About the Role You'll support the wider security research team by 'farming' the data they generate - turning raw network and threat information into structured, meaningful insights that feed directly into ongoing research projects such as proxy detection, bot activity and, over time, AI-driven threat identification. Your responsibilities will … and clarity around what the data represents and why it matters. Identifying trends, patterns and anomalies in network activity from a security perspective. Helping translate technical findings into structured intelligence that can be used across the organisation. This is a frontline support role for the research function, offering space to explore, investigate and grow into a more advanced security …
Job Title: Lead Threat Detection Analyst Location: Preston, Frimley or Filton. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role. Salary: Circa £59,000 depending on experience and skills What You'll Be Doing Delivery of core triage function as part of 24/7 protective … monitoring services across a range of networks/services Overseeing and contributing to the analysis and escalation of security threats and incidents identified Coordinate with Cyber Operations teams to respond to identified security threats and mitigate prior to impact Lead the development of people, process and technology improvements to aid the service Provide subject matter advice on security analysis … and development of detection content Deputise for the Threat Detection Manager when required Analyse requirements and advise on scope and options for continual operational improvement Essential Your skills and experiences: Experience of working within Security Operations or equivalent roles Demonstrable leadership in Operational Management Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/ …
+ bonus + benefits We're looking for a technically exceptional and strategically minded Engineering Team Lead to join a high-impact organisation at the forefront of global data intelligence and digital risk protection. You'll take ownership of a small but elite team delivering a new enterprise-scale product designed to detect, prevent and disrupt complex online threats … of aligning engineers, stakeholders, and business goals. Nice to have: Exposure to OpenSearch or Postgres within AWS. Understanding of frontend integration (TypeScript/modern web apps). Interest in cyber threat intelligence or large-scale data correlation. This is a unique opportunity to lead the development of a platform with global reach, within a culture that values …
Bolton, Greater Manchester, North West England, United Kingdom
Resourcing Group
+ bonus + benefits We're looking for a technically exceptional and strategically minded Engineering Team Lead to join a high-impact organisation at the forefront of global data intelligence and digital risk protection. You'll take ownership of a small but elite team delivering a new enterprise-scale product designed to detect, prevent and disrupt complex online threats … of aligning engineers, stakeholders, and business goals. Nice to have: Exposure to OpenSearch or Postgres within AWS. Understanding of frontend integration (TypeScript/modern web apps). Interest in cyber threat intelligence or large-scale data correlation. This is a unique opportunity to lead the development of a platform with global reach, within a culture that values …
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Mac Recruit Group
Are you an ambitious cyber security BDM or Account Executive looking to elevate your career? Join a CREST-accredited cyber security consultancy that's trusted by leading organisations to defend against today's most advanced threats. This is your chance to represent a brand built on credibility, innovation, and proven client success. Why You'll Love This Role: Growth with balance … solutions spanning penetration testing, offensive security, managed SOC, cloud security, and compliance, empowering you to sell with confidence and deliver real value. What We're Looking For Proven success in cyber security sales, ideally within penetration testing, managed SOC, threat intelligence or Cyber Essentials Strong experience in new business B2B sales The ability to engage senior stakeholders …
Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one I'm working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. They're expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight and guidance … on threat hunting operations Translate threat intelligence into actionable hypotheses and use cases Design and execute advanced threat hunting exercises across varied environments Develop in-house training programmes for SOC analysts Drive CTI maturity and visibility across internal and customer-facing functions Ensure comprehensive documentation and stakeholder reporting Participate in the on-call rotation for critical …
bridge the gap between strategic vision and technical execution — collaborating with vCISOs, Unit 42 engagement leads, and client stakeholders to design and deliver transformation blueprints and pragmatic roadmaps towards threat-led resilience. You'll work at multiple levels: partnering with Unit 42 peers and client senior decision makers to influence transformation direction, embedding into delivery teams to guide execution … and engaging in activities to elevate Unit 42's voice in the market. You bring a deep understanding of applying threat context to shape and drive transformation programmes. This role blends delivery, technical advisory, thought leadership, and enablement — ensuring our clients achieve measurable security outcomes while unlocking the benefits of a platform adoption strategy. Your Impact Client Engagement and … specialist technical topic and the ability to present it at industry events. Professional certifications (e.g., CISSP, CISM, CCSK, PCNSE). Additional Information Unit 42 brings together our world-renowned threat researchers with an elite team of security consultants to create an intelligence-driven, response ready organization. The Unit 42 Threat Intelligence team provides threat research …
This is a key role within the Global Security Operations Centre (GSOC). You will be providing technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment. You will report to the Senior Manager, Incident Response and work with a team of 4-6 technical specialists. You will act as … day per week remotely, depending on working arrangements. What will you do? Global accountability to respond to critical security incidents/events providing accurate and timely reporting to Global Cyber Security Leadership. Provide 7/24/365 support for security incidents impacting mission critical business and IT infrastructure, including supporting global incident management and response, remediation and reporting. … timely communication to all stakeholders regarding incident response activities. Provide post mortem reporting for leadership detailing security vulnerabilities, technology gaps, shortcomings or miscellaneous security issues. Responsible for working with threat intelligence, Security Operations Centre and extended teams to ensure global compliance to RBC standards with respect to security incidents and related findings. Responsible for driving to resolution security …
Salford, Greater Manchester, North West, United Kingdom Hybrid/Remote Options
AJ BELL BUSINESS SOLUTIONS LIMITED
Security Operations is responsible for ensuring alignment between AJ Bell's business goals and our ability to proactively identify and respond to security incidents, underpinned by an ability to translate cyber risk into business risk and vice versa. This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response … develop AJ Bell's incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level. Develop and maintain AJ Bell's threat intelligence capabilities to enable effective response to the evolving threat landscape, delivering and disseminating actionable intelligence to operations teams and key stakeholders. Ensure operational processes for … About you: Expert understanding and knowledge of Information Security risk management tools and techniques Extensive experience of Information Security standards and frameworks Awareness and understanding of the Information Security threat landscape Knowledge of security investigations best practice including the use of Microsoft Purview and computer forensics an advantage. Experience of utilising and monitoring Information Security solutions e.g. email/ …
Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization's global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. …
Birmingham, Chelmsley Wood, West Midlands (County), United Kingdom
SSR General & Management
Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed robust security practices. …
North London, London, United Kingdom Hybrid/Remote Options
Secure Recruitment Ltd
Partnered with a Multi-Award-Winning, Software-Based Organisation at the Forefront of Pre-Emptive Exposure Management. As a Market Leader backed by significant Venture Funding, they combine Proactive Threat Intelligence, Real Attacker Telemetry & Automated Red Teaming to Continuously Identify & Validate Real Exposure. Success in this position will enable the business to Transform Raw Intelligence into Actionable … Providers, helping them Outrun Real-World Threats in Real-Time. Role Overview: We're looking to speak with ambitious Information Security/SOC Engineers to Build & Continuously Evolve Internal Cyber Security Capability. You will secure the Internal Environment, Ensure Compliance with Leading Security Frameworks & Support Secure IT Operations across the Global Team. This "Hands-On" role requires Technical Depth … Security Design Experience & Strong Operational Discipline. If you're excited by Autonomy & Helping Build Internal Security "From the Ground Up", alongside working in a Fast-Moving Cyber-Company, then read on... Skills & Experience Required for Information Security Engineer role: Strong Cloud Security Background (AWS) with "Hands-On" Security Operations across Cloud, Servers & Endpoints Proficient in Vulnerability Management, including Scanning …
London, South East England, United Kingdom Hybrid/Remote Options
Navro
Location: London, UK (Hybrid: 2 days per week in the office) Company: Navro – Pioneering the Future of Payments Securing Trust: Cyber Security Lead This isn't just another Information Security role. No legacy systems. No corporate red tape. No coasting. This is about building something from the ground up. Fast. We're Navro, a rapidly scaling B2B payments startup … and we're looking for a bold, proactive, and hands-on Cybersecurity Lead to design, implement, and operate our security operations function, including SIEM, incident response, threat detection, secure by design, shift-left security engineering, and automated monitoring and response. You'll run and be part of the projects that implement, build, and maintain security integrations across our tech … mediocrity. Requirements What This Role Demands: You Own It – You lead our detection and response mission. You help define the roadmap, build the pipelines, and drive measurable outcomes across threat visibility, MTTD/MTTR, and resilience. You Ask Questions – You challenge assumptions to improve signal‐to‐noise, coverage, and automation. Why this alert? Where's the data gap? How …