76 to 100 of 101 Cyber Threat Intelligence Jobs in England

Duration: 6 Months Clearance: Active SC Clearance is required Are you a hands-on Security Engineer with deep expertise in SIEM , Azure Sentinel , and incident response Join a dynamic cyber security team to support a critical national infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What You'll Be Doing: Supporting and … tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO … Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active SC Clearance Ready to make an impact? Apply today More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … experience Possession of industry-recognised certifications such as CISSP, CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and More ❯

to keep the organisation secure. Key Responsibilities: Lead and develop the IT security strategy. Manage and mentor a team of IT security professionals. Oversee security operations, incident response and threat intelligence. Collaborate with cross-functional teams to ensure security best practices. Stay updated with the latest IT security trends and technologies. Key Requirements: A relevant degree or qualified by … experience Possession of industry-recognised certifications such as CISSP, CISM, CISA, CRISC, or CGEIT. Proven experience in leading IT cyber security teams, with a strong emphasis on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and More ❯

is a challenging, rewarding role for a seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune … Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with More ❯

WHO ARE WE? Searchlight Cyber was founded in 2017 with a mission to stop threat actors from acting with impunity. Its External Cyber Risk Management Platform helps organizations to identify and protect themselves from threats emerging from the cybercriminal underground, with Attack Surface Management and Threat Intelligence tools designed to separate the signal from the More ❯

with relevant regulations. You'll lead a team of security professionals, manage security incidents, and foster a culture of security across the organisation, working very closely with CRUK's Cyber programme. In a supportive working environment, you'll discover something new every day, whether it's a new connection, a new method of engagement or a talent you never … relevant regulations. Collaborate with Data Privacy, Risk, and Audit teams. Security Operations: Implement and enhance security controls across various platforms (Microsoft 365/Azure, AWS, Salesforce, etc.). Manage threat intelligence, monitoring, and incident response. Policy Development: Develop and maintain information security policies, procedures, and guidance. Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. More ❯

and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across … projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . More ❯

and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across … projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . More ❯

and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches across … projects. Provide technical leadership in areas including threat intelligence, compliance reporting, and incident response . Support regulatory and internal audits, contributing clear documentation and continuous improvement. Collaborate with internal teams and external partners, including service providers and the organisation's parent company. Required Skills & Qualifications: Demonstrable experience in information security leadership , including line management or team leadership . More ❯

emerging threats associated with the product line you are managing and any dependencies; Act as the interface between CSIRT and Product teams as part of security incident activities; Deliver threat modelling and hunting to identify vulnerabilities in product design and provide control recommendations to mitigate those risks; Engage in architecture and design reviews to ensure product alignment with Security … and regulatory standards that may impact product implementations; Support the engineering of control solutions where existing offerings are not available; Provide security expertise during incident and problem management. Produce threat intelligence briefings and other work products to share information across the organisation Respond to ad-hoc requests for platform security related guidance This role may require some overnight … governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR; Information technology systems and processes, network infrastructure, data architecture, data processes and protocols; Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF; Skills in: Security Tooling: Proficiency in common security tools, such as SIEMs More ❯

Cyber Security Engineer Location: West Malling, Kent/Hybrid Salary/package: £55,000 - £60,000 per annum Hours: Full time, 37.5 hours per week Help lead the charge in digital defence! We're looking for an experienced Cyber Security Engineer to join us at Cantium Business Solutions, where you'll play a pivotal role in strengthening and … advancing our cyber security posture. This is your opportunity to bring your expertise to the table and drive impactful security strategies from day one. Who we are Cantium Business Solutions, part of the Commercial Services Group (CSG), delivers high-quality IT and back-office services to the education and public sectors. Our commitment to innovation and customer-centric solutions … a dynamic and agile culture. We're proud to be part of CSG, the UK's largest local authority-owned trading organisation, supporting customers worldwide. Why this role matters Cyber threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role … accurate revenue forecasts and budgets for the renewal sales team, aligning with company objectives and the delivery of accurate and timely forecasts by the team for escalation reporting. Market Intelligence: Stay updated on industry trends, competitors, and customer needs to offer localize insights to global MI, including specific focus on trends regarding renewal best practices. Process Improvement: Continuously evaluate More ❯

today! Responsibilities: Investigate escalated security incidents and determine their root causes. Review incidents passed on by Tier 1 analysts and assess them using a variety of data sources. Apply threat intelligence, including indicators of compromise (IOCs) and TTPs, to analyse alerts and incidents. Utilise SIEM tools (particularly Crowdstrike SIEM) to monitor and assess host, network, and identity data. More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … worldwide, defending more than 600,000 organizations worldwide from phishing, ransomware, data theft, other every day and state-sponsored cybercrimes. The solutions are powered by historical and real-time threat intelligence from Sophos X-Ops and the newly added Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role More ❯

leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-leading Taegis XDR/MDR, identity threat detection and response (ITDR), next-gen SIEM capabilities, managed risk, and a comprehensive set of advisory services. Sophos sells all these solutions through reseller partners, Managed Service Providers (MSPs … and Managed Security Service Providers (MSSPs) worldwide, defending more than 600,000 organizations from phishing, ransomware, data theft, and other cybercrimes. The solutions are powered by threat intelligence from Sophos X-Ops and the Counter Threat Unit (CTU). Sophos is headquartered in Oxford, U.K. More information is available at . Role Summary We're looking for … in Windows internals and low-level development to join our team. This high-performance software captures and analyzes malicious behavior and endpoint activity, delivering rich telemetry for real-time threat detection in the cloud. You'll work closely with engineers, researchers, and security experts to build new capabilities for our Windows agent, spanning both user-mode and kernel-mode. More ❯

optimise detection and response capabilities. This role demands a deep engineering mindset and an appetite for innovation. You'll design and implement automated detection and response pipelines, integrate advanced threat intelligence, and lead the use of behavioural analytics and attack simulation across our environment. Your technical breadth will span modern cloud-native stacks (Azure, GCP), serverless and containerised … range of security tooling including DLP, SIEM, CNAPP, and XDR, and tools such as Wiz, Darktrace, Microsoft Defender, Intune, and Sentinel. You will also bring hands-on experience in threat hunting, log analysis, red/blue team operations, and incident response coordination-building tooling and processes that respond to real-world threats at scale. You will report directly into … the Security Operations function, manage external providers, and evolve our capabilities into a high-performing unit. This role also offers the opportunity to shape Ki's broader view of cyber risk-supporting collaboration with our underwriting teams and exploring innovative partnerships that enhance our product and client value. If you're a cloud-focused, creative technologist who thrives at More ❯

areas such as sanctions, anti-money laundering (AML), anti-bribery & corruption, and detecting money mules. Extensive knowledge in Resilience Risk Management, covering cybersecurity controls, firewalls, encryption algorithms, APIs, and threat intelligence. Experience in developing and testing business continuity plans, disaster recovery strategies, and conducting simulation exercises to strengthen resilience. Awareness of external resilience incidents and trends, with the ability More ❯

visibility and provides first-in-market speed, scale, and performance while reducing the cost of security analytics. Anomali combines ETL, SIEM, XDR, SOAR, and the largest repository of global intelligence in one efficient platform. Protect and drive your business with better productivity and talent retention. Do more with less. Be Different. Be the Anomali. Learn more at . Job … customers through outbound cold calls, emails and LinkedIn to drive Anomali revenue. o Research and identify target personas in a given territory leveraging various data sources. o Complete a Threat Intelligence and Security concepts sales training program, and receive advanced training throughout your career o Meet or exceed monthly, quarterly and yearly sales targets o Stay on pulse More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯

done remotely Responsibilities: • Identify and mitigate vulnerabilities in Android applications and OS-level components • Perform static and dynamic analysis of Android apps • Penetration testing of Android-based environments • Monitor threat intelligence sources and Android CVEs to assess emerging threats • Collaborate with developers to embed security throughout the Android app lifecycle • Create technical reports, risk assessments, and mitigation strategies … Strong understanding of Android architecture, AOSP, and app sandboxing • Experience with tools like Frida, Burp Suite, jadx, MobSF, and Android Debug Bridge (ADB) • Knowledge of malware analysis and mobile threat defense • Familiarity with OWASP Mobile Top 10 • (Bonus) Experience with securing custom ROMs or working with rooted devices Mindset We're After: • Thinks like an attacker, acts like a More ❯

videos, and other objectionable and/or disturbing content. Investigate accounts and create reports for NCMEC, if required. Proactively identify currently undetected abuse by leveraging internal data, open-source intelligence, trusted partner information and third party private intelligence. Identify effective strategies to disrupt abuse at scale, build recommendations, and work collaboratively with other internal teams, including Policy, Product, Engineering … work early morning, and occasional weekend/holiday shifts to support our global operations. What you should have Minimum 2 years of specialized experience investigating crimes against children through intelligence agencies, law enforcement, NGOs, or Trust and Safety teams. Minimum 2 years of generalized experience in investigations or content moderation. Current expertise in global online safety landscapes , including familiarity … deadline-driven environments. Bonus Points Multilingual capabilities with native or near-native proficiency in a second language, enabling investigation and reporting of international cases and cross-border collaboration. Previous threat intelligence experience involving minor safety and the prevention of child sexual abuse Education or equivalent professional experience in Law, Intelligence Studies, Cybersecurity, Criminal Justice, Criminology, or related More ❯

in production with a strong focus on performance, explainability, and cost-efficiency. What You'll Bring: Deep applied experience in ML/DL , with bonus points for work in threat detection , phishing , or abuse detection Proven ability to design and deploy full-stack AI pipelines in production Strong experience in backend engineering , ideally with Go and ML frameworks like … infrastructure (AWS) , Kubernetes , and Terraform Experience evaluating and deploying models (including anomaly detection, RAG, and clustering) in noisy, evolving data environments Nice to Have: Experience with Perl Knowledge of threat intelligence integration and MCP architectures Location: Remote Salary: Up to £120,000 , depending on experience RSG Plc is acting as an Employment Agency in relation to this vacancy. More ❯

in production with a strong focus on performance, explainability, and cost-efficiency. What You'll Bring: Deep applied experience in ML/DL , with bonus points for work in threat detection , phishing , or abuse detection Proven ability to design and deploy full-stack AI pipelines in production Strong experience in backend engineering , ideally with Go and ML frameworks like … infrastructure (AWS) , Kubernetes , and Terraform Experience evaluating and deploying models (including anomaly detection, RAG, and clustering) in noisy, evolving data environments Nice to Have: Experience with Perl Knowledge of threat intelligence integration and MCP architectures Location: Hybrid - 2 days a week on-site in Central London Salary: Up to £130,000 , depending on experience RSG Plc is acting More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure … and optimize Azure DevOps pipelines with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability … scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. More ❯

is a London-based startup specializing in AI security. We've spun-out from a leading UK university, and our mission is to secure the future of AI against cyber attacks targeting Deep Learning, GenAI, and LLMs. This is an unsolved challenge globally, and we are among the world's first to offer a solution to this rapidly growing … mission to help people safely benefit from AI. You'll work on capabilities across SaaS Webapps, to integrations that protect customer systems, to internal tooling that powers our AI threat intelligence. We use a variety of tooling across the tech stack, including Python, TypeScript, Postgres, Kubernetes, Docker, Terraform, Azure. In this role you'll be: Building, testing, and continuously … building and operating production distributed systems. Experienced with cloud native, containers, Kubernetes. Confident working with data pipelines and a variety of databases. You'llstand out if you: Haveexperience building cyber security products. Haveexperience working in startups. Have experience as a site reliability engineer or similar role. Have experience working with extreme programming practices such as pair programming,tdd,trunk More ❯