Tier 2 SOC Analyst - Cyber Threat Analysis Center Job Description: The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising … on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL) to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service …
Job Description: Cyber Threat Analyst Roles and Responsibilities Tier 2 Analyst You must hold a UK passport only due to the security clearance; we can only accept single national status (2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the UK for … least 6 months working experience in SIEM technologies. Job Description The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential … Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions. Responsibilities: Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising …
Bradford, Yorkshire and the Humber, United Kingdom
Telford, Shropshire, West Midlands, United Kingdom
HMRC
to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking a G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting, which will involve: Overseeing the delivery of high quality cyber threat analysis at …
of cybersecurity with intelligence, passion, and excellence! In this role you will be responsible for: • Independent implementation of customer projects in areas such as Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, and Secure Network Design. • Assist customers in developing security-relevant concepts and making architectural … can be hybrid in Austria or Germany Essential: • Relevant degree e.g. Computer Science, Cyber Security • 5 years professional experience in two or more of: Threat Analysis, Secure Software Development Lifecycle, Web Application Security, DevSecOps, Secure Network Design • Passion for Cyber Security • Good communication skills • Minimum C1 German and …
severity incidents. Create and update security event investigation notes, report on open cases, and maintain case data in the Incident Response Management platform. Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign(s) techniques, lateral movements … and extract indicators of compromise (IOCs). Continuous engagement with the Threat Intelligence and 24x7 Monitoring teams. Provide ad-hoc on-call support to review threats and response actions for off-hour critical incident response. What you'll need Job Complexity: Works on and may lead projects or a … education or equivalent in Information Security, Forensics, or Computer Science; related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis. A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or …
Redscan (a trading name of Redscan Cyber Security Limited)
threats utilising a number of different SIEM & EDR tools. Responsibilities To be a key member of the Security Operations Centre (SOC) and provide real-time threat analysis and detection. Respond to system-generated alerts, analyse logs and traffic patterns. Provide analysis and trending of security log data from … possibility of system breaches. Other duties as assigned. About You Requirements A passion for Cyber Security and enjoys solving problems. Knowledge of the security threat landscape. Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems). Knowledge of TCP/IP protocols … network analysis, and network/security applications. Knowledge of common Internet protocols and applications. Ability to multi-task, prioritise, and manage time effectively. Ability to cope successfully under pressure and with shifting priorities. Ability to work on a shift rota. Strong attention to detail. Excellent interpersonal skills and professional …
Hemel Hempstead, Felden, Hertfordshire, United Kingdom
FINTEC recruit Ltd
operational improvements, working onsite, leading and mentoring a small team. Responsibilities: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing mentoring & line management to SOC Analysts Enhancing team knowledge across SOC tooling … detection methodologies, and threat triage Analysing and optimising detection rules and use cases based on MITRE ATT&CK Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements Skills and Experience required for … Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable, not …
Stoke-On-Trent, Staffordshire, West Midlands, United Kingdom
LA International Computer Consultants Ltd
tools. * Cloud Security Design & Integration: Implement and optimize Microsoft Defender for Cloud to enhance cloud security posture, detect misconfigurations, and enforce compliance. * Log Management & Analysis: Oversee the ingestion, parsing, and normalization of security logs from Azure, AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation … Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and SIEM insights. * Compliance & Governance: Ensure alignment with industry … best practices, regulatory frameworks, and internal security policies for cloud security. * Threat Intelligence & Enrichment: Integrate threat intelligence feeds with Sentinel and Defender for Cloud to enhance real-time threat analysis. * Collaboration & Advisory: Work closely with security analysts, cloud engineers, and IT teams to optimize security monitoring, threat …
strategy of enhancing the bank's IT security further. Using a combination of third-party tooling and custom solutions to assist you with security threat analysis and detection, you will help drive the security strategy for current and future product implementations. With good mentoring and coaching capabilities, you … to monitor, detect, and respond to potential threats in real time. Lead the establishment of a Security Operations Center (SOC) for continuous monitoring and threat intelligence. Continuously evaluate and enhance security tools, technologies, and processes to stay ahead of evolving threats. Application and Cloud Security Implement best practices for … Incident Response Plans (CSIRP) and Disaster Recovery Plans (DRP). Lead the response to cybersecurity incidents, ensuring rapid containment and recovery. Conduct post-incident analysis along with the incident team to identify root causes and enhance defences. Third-Party Security and Due Diligence Conduct risk assessments and due diligence …
management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases, firewalls, VPNs, enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts, developing capability and supporting career progression Enhancing …
A global leader in defence and security solutions is seeking a Senior SOC Analyst to take charge of security operations, incident management, and threat detection strategies. This is an excellent opportunity for an experienced SOC analyst to step into a leadership role and help protect critical systems from evolving … security environment. Oversee real-time security monitoring and incident response activities. Investigate, triage, and manage security incidents using SIEM, EDR, and NDR tools. Coordinate threat intelligence integration to enhance detection capabilities. Develop and refine SOC processes to improve efficiency and resilience. Requirements: 5+ years in Security Operations, with hands … on experience in incident response and threat analysis. Strong understanding of network security, TCP/IP protocols, and intrusion detection. Proficiency in Python and scripting for automation and security tooling. Experience with Splunk (ES) and/or Sentinel for log analysis and threat detection. Familiarity with cloud …
management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases, firewalls, VPNs, enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) It would also be desirable if you were to have Experience in static malware analysis and reverse engineering Any scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue … cyber defence challenges. The SOC Shift Leader would be tasked with Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts, developing their skills and supporting career progression …
Alexander Mann Solutions - Public Sector Resourcing
responsibilities will be: Design and implement enterprise security solutions for on-premises and cloud-based systems by applying technical architecture, risk management, and threat analysis to create solutions that are resilient to attack. Assess and improve security postures to address evolving cyber threats, keeping our operational … to enable business outcomes. Knowledge of industry security solutions including network detection and response, security information and event management, extended detection and response, threat intelligence and vulnerability management. Please be aware that this role can only be worked within the UK and not overseas. Disability Confident As a …
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Watford, Hertfordshire, East Anglia, United Kingdom
Walsh Employment
management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases, firewalls, VPNs, enterprise AntiVirus solutions Networking principles (e.g. … TCP/IP, WAN, LAN, SMTP, HTTP, FTP, POP, LDAP) Desirable (Nice-to-Have): Experience in static malware analysis and reverse engineering Active DV Clearance Scripting or programming with Python, Perl, Bash, PowerShell, or C++ Recognised certifications such as CREST Practitioner Intrusion Analyst or Blue Team Level 1 Familiarity … the team through sophisticated cyber defence challenges. Your responsibilities will include: Monitoring, triaging, and investigating alerts across host and network security systems Performing deep analysis of traffic, logs, and system events to identify threats and vulnerabilities Providing line management to SOC Analysts, developing capability and supporting career progression Enhancing team …
London, South East England, United Kingdom Hybrid / WFH Options
Global TechForce
vulnerability testing and penetration testing: Using various tools and techniques (like Nessus, Burp Suite, Metasploit), you'll simulate attacks to uncover exploitable flaws. Developing threat analysis schedules and staying updated on emerging threats: Keeping abreast of the latest attack vectors, malware, and security trends is crucial. Developing and …
you will be responsible for designing and implementing robust risk and vulnerability management processes, ensuring alignment with key stakeholders, and conducting thorough risk and threat analyses to maintain the security of our OT assets. In this role you will Lead the OT risk management lifecycle, including risk identification, assessment …